Cyber 24 7 slideshare march 2014

50 %
50 %
Information about Cyber 24 7 slideshare march 2014
Business & Mgmt

Published on March 13, 2014

Author: peterlodell

Source: slideshare.net

Description

A summary powerpoint describing my new book on cybersecurity. It is written for an organization's leadership team in an easy to read, non-technical format. It covers the wide range of issues that are present in cybersecurity planning today.

Cyber 24-7: Sound advice for board members, the C-Suite and non- technical executives Peter O’Dell peterlodell@gmail.com

http://www.amazon.com/dp/B00IHIQWYK

Book Summary • Cyber threat is real and unpredictable • Board and C-Suite need to manage • The threat extends far beyond the IT group • Gap between management and IT • Preparation is critical to incident response • Outside partners/services key resource • Incident response must be well executed • Future threats are emerging

Who should read Cyber 24-7 • Board of Directors, C-Suite, and non-technical execs: – Understanding impact and risk – Key strategy elements – Preparation and response – Entire organizational view • IT – CSO, CIO, CISO: – Comprehend management perspective/responsibility – Understand entire scope of cyber threat – Narrow communications gap – Improve planning and response planning

Table of Contents • Chapter 1 The Cyber Problem – Where are we today? • Chapter 2: Cyber: Not your everyday risk! • Chapter 3: Leadership from the Top – Board and Executive Issues • Chapter 4: Real time Cyber Intelligence – Preparing and Prevention • Chapter 5: Attacked and Breached – Now What? • Chapter 6: Cyber Information Sharing • Chapter 7: Government Activities in Cyber • Chapter 8: Information Resources • Chapter 9: A Standardized Approach can streamline the future • Chapter 10: The Future of Cyber Security • Chapter 11: Final Conclusions • Appendix A: Sample Incident Response Checklist • Appendix B: Executive Order on Cyber and NIST Framework

Today’s Situation • Victims of our own success – incredible growth • Opportunity expands the attack surface: – Clouds linked to legacy systems – Internet of Things (IOT) means more entry points – Bring Your Own Devices (BYOD) • We’re not doing all we can: – Boards and C-Suite largely delegating/ignoring – Poor info sharing even at basic levels, not real-time – Eliminating/upgrading legacy systems – “Tone at the Top” by the board and C-Suite – Government – no legislation since 2002, poor grades

Cyber is not a Normal Risk! • Cyber defies conventional metrics – Non-quantifiable – Non-predictable – Global, not local – Can put the entire organization at complete risk • Examples of normal risks: – Weather - business interruption – Employee and customer lawsuits – Theft of a trailer full of cell phones

Executive Leadership • Set the organizational “Tone at the Top” • Responsible for oversight and priorities • The board sets the risk tolerance level • People should be vetted and monitored • Outside resources should be identified • Cross organization response should be planned and exercised • The threat is much broader than just IT issues

What to worry about today • Customer payment information - Target • Intellectual property theft – 20 year impact – Lockheed-Martin • Malicious insiders - Snowden • Critical Infrastructure attack – power, communications • Emerging threats – important to stay current • Device loss or theft – multiple scenarios

Board & C-Suite Preparation/Proactive Efforts • Set the “Tone at the Top” • Understand executive vulnerabilities • Consider a technical board member/committee • Hire the right people and partners • Detailed risk, resilience and plan review • Exercise the full plan across the enterprise

People – Critical at all Levels • Industry shortage means higher Bozo % at all levels • Validating through outside expertise • Finding, training, retaining and motivating • Standing guard 24/7 very difficult • Great can turn malicious for outside reasons • 360 degree communications for team success • Entire organization – this is not just an IT issue

Future Trends • Threat is expanding with new vulnerabilities • Mobile, Cloud, and Internet of Things (IOT) enabling new vulnerabilities • Sharing is still an under-utilized defense • Law enforcement will have to improve cross- jurisdictional investigations and prosecution • Market of services and solutions growing rapidly in response to the threat • Likely will be years before a downturn in risk

About the Author – Pete O’Dell • Current: author, board member, consultant • Past: Multiple roles, multiple industries – President of software division – Autodesk – CIO: Microwarehouse, Autodesk, UCA – COO: Online Interactive, Supertracks – Co-founded Swan Island Networks • Contact: – Peterlodell@gmail.com – Skype: Peterlodell

http://www.amazon.com/dp/B00IHIQWYK

Add a comment

Related presentations

Related pages

slideshare influenceurs cybersecurite twitter - OSINT

slideshare influenceurs cybersecurite twitter from Sentryo... ... May 24, 2016. 0 9. This post was ... © Copyright 2014 ...
Read more

Technology Tidbits: Thoughts of a Cyber Hero: SlideShare ...

Technology Tidbits: Thoughts of a Cyber Hero ... October 3, 2014. SlideShare Presentations ...
Read more

Slideshare Traffic Case Study • From 0 to 243,000 Views in ...

Update August 2014: Slideshare is ... July 24, 2013 at 7 ... One of my readers followed our tips and published a Slideshare presentation about cyber ...
Read more

2014 FIRE SHIFT CALENDAR 24 72 - bac8be7.xyz

... download mobile megatrends 2014 slideshare pdf || ... download march 2014 daily ... 2014 FIRE SHIFT CALENDAR 24 72
Read more

Cyber Risk Reports - Cisco Systems

... RSS&vs_p=Cyber Risk Report: March ... RSS&vs_p=Cyber Risk Report: August 18-24, 2014&vs ... RSS&vs_p=Cyber Risk Report: July 7-13, 2014&vs ...
Read more

Cyber threat intelligence sharing - understanding the ...

By Jason Smith on 24 ... CERT Australia has been generating STIX packages since January 2014 and ... I will describe the cyber threat ...
Read more