How vulnerable are you to cyber attack?
Cybersecurity threats
• Cyber-criminals
• Malware
• Phishers
• Spammers
• Negligent staff
• Hackers
• Unethical employees misusing/misconfiguring security functions
• Unauthorized access, modification, disclosure of information
• Nations attacking critical information infrastructures
• Technical advances that can render encryption algorithms obsolete
Lessons learned so far

Cyberattacks are DIFFICULT to execute.
Lessons learned so far

Governments do have the resources/skills to conduct cyberattacks.
Cyberwarfare is “the fifth domain of warfare”
“Cyberspace is a new domain in warfare which has become just as critical to military operations as land, sea, air and space.”
“Actions to penetrate computers or networks for the purposes of causing damage or disruption.”
Information warfare is “using & managing IT in the pursuit of a competitive advantage over an opponent”
Lessons learned so far

Cyberattacks are a real, clear and present danger to organisations & government agencies.
“It’s possible that hackers have gotten into administrative computer systems of utility companies, but says those aren’t linked to the equipment controlling the grid, at least not in developed countries. I have never heard that the grid itself has been hacked.”
Howard Schmidt, Cyber-Security Coordinator of the US
Lessons learned so far

 Targeted organizations are unprepared.
Lessons learned so far

 Security professionals are at risk.
Risk always exists! (whether or not it is detected / recognised by the organisation).
Impact of an attack on the business
Cyberattack mitigating strategies
• Corporate governance: ERM = COSO
• Support from Board of Directors & Executive Management
• Managing risks appropriately
• Policies & Standards
• Project Management
• Supply Chain Management
• EDUCATION!
• Providing proper funding
• Providing proper resources
• Measuring performance
• Review / Audit
• Incident/Crisis Management
Governance Objectives
Business Objectives

Information Criteria
• Effectiveness
• Efficiency
• Confidentiality
• Integrity
• Availability
• Compliance
• Reliability

IT RESOURCES
• Applications
• Information
• Infrastructure
• People

PLAN & ORGANISE
• PO1 Define a strategic IT plan
• PO2 Define the information architecture
• PO3 Determine technological direction
• PO4 Define the IT processes, organisation and relationships
• PO5 Manage the IT investment
• PO6 Communicate mgt aims & direction
• PO7 Manage IT human resources
• PO8 Manage quality
• PO9 Assess and manage IT risks
• PO10 Manage projects

ACQUIRE & IMPLEMENT
• AI1 Identify automated solutions
• AI2 Acquire & maintain application software
• AI3 Acquire & maintain IT infrastructure
• AI4 Enable operation and use
• AI5 Procure IT resources
• AI6 Manage changes
• AI7 Install & accredit solutions and changes

DELIVER & SUPPORT
• DS1 Define & manage service levels
• DS2 Manage third-party services
• DS3 Manage performance & capacity
• DS4 Ensure continuous service
• DS5 Ensure systems security
• DS6 Identify & allocate costs
• DS7 Educate & train users
• DS8 Manage service desk and incidents
• DS9 Manage the configuration
• DS10 Manage problems
• DS11 Manage data
• DS12 Manage the physical environment
• DS13 Manage operations

MONITOR & EVALUATE
• ME1 Monitor & evaluate IT performance
• ME2 Monitor & evaluate internal control
• ME3 Ensure compliance with external requirements
• ME4 Provide IT governance
Information Security Management
“I don’t care how many millions of dollars you spend on security technology. If you don’t have people trained properly, I’m going to get in if I want to get in.”
Susie Thunder, Cyberpunk
Contact information

  Marc Vael
  CISA, CISM, CISSP, CGEIT, ITIL Service Manager, Prince2
  Director Knowledge Board

  ISACA
  3701 Algonquin Road, Suite 1010
  Rolling Meadows
  IL 60008 USA
  http://www.isaca.org/security

  marc@vael.net
  http://www.linkedin.com/in/marcvael
  http://twitter.com/marcvael

How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 

Dernier (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

Valuendo cyberwar and security (jan 2012) handout

  • 1. How vulnerable are you to cyber attack?
  • 2. Cybersecurity threats • Cyber-criminals • Malware • Phishers • Spammers • Negligent staff • Hackers • Unethical employees misusing/misconfiguring security functions • Unauthorized access, modification, disclosure of information • Nations attacking critical information infrastructures • Technical advances that can render encryption algorithms obsolete
  • 3. Lessons learned so far Cyberattacks are DIFFICULT to execute.
  • 4. Lessons learned so far Governments do have the resources/skills to conduct cyberattacks.
  • 5. Cyberwarfare is “the fifth domain of warfare”
  • 6. “Cyberspace is a new domain in warfare which has become just as critical to military operations as land, sea, air and space.”
  • 7. “Actions to penetrate computers or networks for the purposes of causing damage or disruption.”
  • 8. Information warfare is “using & managing IT in the pursuit of a competitive advantage over an opponent”
  • 9. Lessons learned so far Cyberattacks are a real, clear and present danger to organisations & government agencies.
  • 10. “It’s possible that hackers have gotten into administrative computer systems of utility companies, but says those aren’t linked to the equipment controlling the grid, at least not in developed countries. I have never heard that the grid itself has been hacked.” Howard Schmidt, Cyber-Security Coordinator of the US
  • 11. Lessons learned so far Targeted organizations are unprepared.
  • 12. Lessons learned so far Security professionals are at risk.
  • 13. Risk always exists! (whether or not it is detected / recognised by the organisation).
  • 14. Impact of an attack on the business
  • 15. Cyberattack mitigating strategies Corporate governance : ERM = COSO Support from Board of Directors & Executive Management
  • 16. Cyberattack mitigating strategies Managing risks appropriately
  • 17. Cyberattack mitigating strategies Policies & Standards
  • 18. Cyberattack mitigating strategies Project Management
  • 19. Cyberattack mitigating strategies Supply Chain Management
  • 23. Cyberattack mitigating strategies Measuring performance
  • 25. Cyberattack mitigating strategies Incident/Crisis Management
  • 26. Governance Objectives / Business Objectives
      Information Criteria: Effectiveness • Efficiency • Confidentiality • Integrity • Availability • Compliance • Reliability
      IT RESOURCES: Applications • Information • Infrastructure • People
      PLAN & ORGANISE: PO1 Define a strategic IT plan; PO2 Define the information architecture; PO3 Determine technological direction; PO4 Define the IT processes, organisation and relationships; PO5 Manage the IT investment; PO6 Communicate mgt aims & direction; PO7 Manage IT human resources; PO8 Manage quality; PO9 Assess and manage IT risks; PO10 Manage projects
      ACQUIRE & IMPLEMENT: AI1 Identify automated solutions; AI2 Acquire & maintain application software; AI3 Acquire & maintain IT infrastructure; AI4 Enable operation and use; AI5 Procure IT resources; AI6 Manage changes; AI7 Install & accredit solutions and changes
      DELIVER & SUPPORT: DS1 Define & manage service levels; DS2 Manage third-party services; DS3 Manage performance & capacity; DS4 Ensure continuous service; DS5 Ensure systems security; DS6 Identify & allocate costs; DS7 Educate & train users; DS8 Manage service desk and incidents; DS9 Manage the configuration; DS10 Manage problems; DS11 Manage data; DS12 Manage the physical environment; DS13 Manage operations
      MONITOR & EVALUATE: ME1 Monitor & evaluate IT performance; ME2 Monitor & evaluate internal control; ME3 Ensure compliance with external requirements; ME4 Provide IT governance
  • 27.
  • 29. “I don’t care how many millions of dollars you spend on security technology. If you don’t have people trained properly, I’m going to get in if I want to get in.” Susie Thunder, Cyberpunk
  • 30.
  • 31. Contact information Marc Vael CISA, CISM, CISSP, CGEIT, ITIL Service Manager, Prince2 Director Knowledge Board ISACA 3701 Algonquin Road, Suite 1010 Rolling Meadows IL 60008 USA http://www.isaca.org/security marc@vael.net http://www.linkedin.com/in/marcvael http://twitter.com/marcvael