Cyber 24 7 slideshare march 2014

67 %
33 %
Information about Cyber 24 7 slideshare march 2014
Business & Mgmt

Published on March 13, 2014

Author: peterlodell



A summary powerpoint describing my new book on cybersecurity. It is written for an organization's leadership team in an easy to read, non-technical format. It covers the wide range of issues that are present in cybersecurity planning today.

Cyber 24-7: Sound advice for board members, the C-Suite and non- technical executives Peter O’Dell

Book Summary • Cyber threat is real and unpredictable • Board and C-Suite need to manage • The threat extends far beyond the IT group • Gap between management and IT • Preparation is critical to incident response • Outside partners/services key resource • Incident response must be well executed • Future threats are emerging

Who should read Cyber 24-7 • Board of Directors, C-Suite, and non-technical execs: – Understanding impact and risk – Key strategy elements – Preparation and response – Entire organizational view • IT – CSO, CIO, CISO: – Comprehend management perspective/responsibility – Understand entire scope of cyber threat – Narrow communications gap – Improve planning and response planning

Table of Contents • Chapter 1 The Cyber Problem – Where are we today? • Chapter 2: Cyber: Not your everyday risk! • Chapter 3: Leadership from the Top – Board and Executive Issues • Chapter 4: Real time Cyber Intelligence – Preparing and Prevention • Chapter 5: Attacked and Breached – Now What? • Chapter 6: Cyber Information Sharing • Chapter 7: Government Activities in Cyber • Chapter 8: Information Resources • Chapter 9: A Standardized Approach can streamline the future • Chapter 10: The Future of Cyber Security • Chapter 11: Final Conclusions • Appendix A: Sample Incident Response Checklist • Appendix B: Executive Order on Cyber and NIST Framework

Today’s Situation • Victims of our own success – incredible growth • Opportunity expands the attack surface: – Clouds linked to legacy systems – Internet of Things (IOT) means more entry points – Bring Your Own Devices (BYOD) • We’re not doing all we can: – Boards and C-Suite largely delegating/ignoring – Poor info sharing even at basic levels, not real-time – Eliminating/upgrading legacy systems – “Tone at the Top” by the board and C-Suite – Government – no legislation since 2002, poor grades

Cyber is not a Normal Risk! • Cyber defies conventional metrics – Non-quantifiable – Non-predictable – Global, not local – Can put the entire organization at complete risk • Examples of normal risks: – Weather - business interruption – Employee and customer lawsuits – Theft of a trailer full of cell phones

Executive Leadership • Set the organizational “Tone at the Top” • Responsible for oversight and priorities • The board sets the risk tolerance level • People should be vetted and monitored • Outside resources should be identified • Cross organization response should be planned and exercised • The threat is much broader than just IT issues

What to worry about today • Customer payment information - Target • Intellectual property theft – 20 year impact – Lockheed-Martin • Malicious insiders - Snowden • Critical Infrastructure attack – power, communications • Emerging threats – important to stay current • Device loss or theft – multiple scenarios

Board & C-Suite Preparation/Proactive Efforts • Set the “Tone at the Top” • Understand executive vulnerabilities • Consider a technical board member/committee • Hire the right people and partners • Detailed risk, resilience and plan review • Exercise the full plan across the enterprise

People – Critical at all Levels • Industry shortage means higher Bozo % at all levels • Validating through outside expertise • Finding, training, retaining and motivating • Standing guard 24/7 very difficult • Great can turn malicious for outside reasons • 360 degree communications for team success • Entire organization – this is not just an IT issue

Future Trends • Threat is expanding with new vulnerabilities • Mobile, Cloud, and Internet of Things (IOT) enabling new vulnerabilities • Sharing is still an under-utilized defense • Law enforcement will have to improve cross- jurisdictional investigations and prosecution • Market of services and solutions growing rapidly in response to the threat • Likely will be years before a downturn in risk

About the Author – Pete O’Dell • Current: author, board member, consultant • Past: Multiple roles, multiple industries – President of software division – Autodesk – CIO: Microwarehouse, Autodesk, UCA – COO: Online Interactive, Supertracks – Co-founded Swan Island Networks • Contact: – – Skype: Peterlodell

Add a comment

Related presentations

Canvas Prints at Affordable Prices make you smile.Visit http://www.shopcanvasprint...

30 Días en Bici en Gijón organiza un recorrido por los comercios históricos de la ...

Con el fin de conocer mejor el rol que juega internet en el proceso de compra en E...

With three established projects across the country and seven more in the pipeline,...

Retailing is not a rocket science, neither it's walk-in-the-park. In this presenta...

What is research??

What is research??

April 2, 2014

Explanatory definitions of research in depth...

Related pages

slideshare influenceurs cybersecurite twitter - OSINT

slideshare influenceurs cybersecurite twitter from Sentryo... ... May 24, 2016. 0 9. This post was ... © Copyright 2014 ...
Read more

Technology Tidbits: Thoughts of a Cyber Hero: SlideShare ...

Technology Tidbits: Thoughts of a Cyber Hero ... October 3, 2014. SlideShare Presentations ...
Read more

Slideshare Traffic Case Study • From 0 to 243,000 Views in ...

Update August 2014: Slideshare is ... July 24, 2013 at 7 ... One of my readers followed our tips and published a Slideshare presentation about cyber ...
Read more


... download mobile megatrends 2014 slideshare pdf || ... download march 2014 daily ... 2014 FIRE SHIFT CALENDAR 24 72
Read more

Cyber Risk Reports - Cisco Systems

... RSS&vs_p=Cyber Risk Report: March ... RSS&vs_p=Cyber Risk Report: August 18-24, 2014&vs ... RSS&vs_p=Cyber Risk Report: July 7-13, 2014&vs ...
Read more

Cyber threat intelligence sharing - understanding the ...

By Jason Smith on 24 ... CERT Australia has been generating STIX packages since January 2014 and ... I will describe the cyber threat ...
Read more