SlideShare une entreprise Scribd logo

2017 K12 Educators Security Briefing - Matthew Rosenquist

Matthew Rosenquist
Matthew Rosenquist

Matthew Rosenquist's presentation at the 2017 K12 Oregon Educators briefing, discussing the cyber risks and opportunities facing school systems.

Technologie
1  sur  24
Télécharger pour lire hors ligne
Matthew Rosenquist Cybersecurity Strategist February 2017
“We manage security through Leadership and Preparation, otherwise we face Crisis and Desperation” 2
 Data breach – administration, student, and vendor records  Malware/ransomware of devices  Financial theft and fraud  Student bullying, stalking, & safety  Regulatory non-compliance, audit  Denial of Service - Operational unavailability of systems  Reputation, smear, & social attacks  Asset misuse, theft, unauthorized content hosting, file sharing  Information integrity “Ferris Bueller attack”– grades & communications CyberImpactingtheeducationsector 3
Threats&TechnologyLandscape 4
EvolvingLandscape,Adversaries,andimpacts i 93%ofPhishingis Ransomware Upwards of $75 billion in global impact i 97%of Fortune 1000companies Lost data or credentials 2014-2016 i $16Billionin Losses Identity theft & fraud in 2016, up 16% from 2015 IMPACTS GO FAR BEYOND EXPECTATIONS Cybersecurity costs typically measured as part of an incident Actual costs of long term impacts including lost contract revenue, operational disruption, devaluation of trade name, loss of IP, rises in insurance premiums, increased cost to raise debt, customer relationship impacts %COST ~1%* Source: US Tech Manufacturing Company Case Study , Deloitte ~99% 5 More Users New Devices Innovative Usages Generating Vast Data Sensitive Functions Increased Target Value i 40%Increase Data Breach disclosures from 2015 to 2016 i 400kNew Malware/Day 575 million unique samples of malware exist i 200%increase In cyber-crime in the last 5 years
ItisaDataBreachWorld a Top 10 Healthcare breaches of 2015 affected almost 35% of the US population Just for California… 171 breaches involving 24m million records (3 out of 5 Californians) In 2015, overt 700 million records were lost or stolen (that is 80k per hour) 6
25+Million Applications Connected and creating 50x the volume of data 50-200BillionDevices Connected to the Internet $6trillion Cyber-crime impact globally by 2021 $3–$90trillion Aggregate innovation impact of cyber-risks 400kNew Malware/Day 630 million unique samples of malware exist today $75billion Rise of ransomware becomes a multi-billion dollar problem 4 BillionUsersOnline Up from 2+ billion today 50Trillion Gigabytes Amount of data being created A World of Targets with Increased Value 7
Dante'sInfernoofCybersecurityImpacts Denial of Service (Availability) • Access of customers • Availability of data, systems, & services • DDOS network attacks, ransom-ware data locking attacks Data Theft & Exposure (Confidentiality) • ID Theft • Privacy • Data Breach • Transaction data • Database hacks, skimming, lost storage, keylogging Monitor & Manipulate (Integrity) • Internal-access surveillance for advantage • Tamper/Manipulation • Long-term data gathering campaign Security Competency Attacker Innovation Attacks expand over time, increasing in severity based upon different technology and usages Own & Obliterate (C/I/A) • Administrative ownership and control • Capability of unrecoverable obliteration • Strategic attack, undermining of org capability 8
PROCESS People and Technology Attackerstargetpeople,processes,andtechnology 9
OPERATIONAL, INDUSTRIAL, AND VIRTUAL SYSTEMS GOVERNANCE, TRUST, AND OVERSIGHT SYSTEMS DATA, INFORMATION AND CONTROL MECHANISMS ENDPOINTS, NETWORKS, SERVICES, AND MACHINES ACCES CONTROL AND IDENTITY SECURITY, SAFETY, AND PRIVACY CONTROLS The 5 most cyber-attacked industries in 2015: 1. Healthcare 2. Manufacturing 3. Financial Services 4. Government 5. Transportation 10
TechInnovation&AdoptionDrivesRisks New technology bridges the virtual and physical worlds, to connect and enrich peoples lives 11
Government’s roles expand, more regulations and standards Advances in nation-state cyber-offense affects everyone Life safety and cybersecurity intersect in products Rise in digital theft, extortion, and fraud Real-world impacts of cybersecurity emerge Security expectations increase by consumers, businesses, and regulators Attackers evolve, adapt, & accelerate faster than security Trust and Integrity are targeted and undermined Security technologies improve but remain outpaced and outmaneuvered Lack of security talent hinders the industry EvolvingLandscape,Adversaries,&Battlefield 13
SecurityFutures: 13 1. Make no mistake, everyone is a target 2. Threats remain equitable to the growth and use of technology 3. Society expectations increase for cyber security, privacy, and safety 4. Evolving landscape will bring new threats, attacks, and impacts 5. Pendulum swings towards more security, ultimately settles for an optimal balance (regulatory, tech innovators/manufacturers, and best practices) 6. Threats target technology, processes, and people. Cybersecurity must cover all aspects to be effective over time
IndustryBestPractices&Perspectives 14
“Two types of victims exist: Those who are easy targets and those with something of value” - Don’t be an easy target, and protect your valuables. 15
TheBestOrganizations a Seeks Optimal Risk Risk management planning Anticipates impacts Balance Cost, Risk, & Usability Adapts to shifting demands Comprehensive Processes Security as a continuous cycle Continuous improvement process Technology and Behaviors Obstacles and Opposition Leads into the Future Clearly defines success Plans for a sustainable future Roles and accountability Continuously adapting 16
HowCanYouBePrepared? Cyber-Security Capability Process 17 Sustainably effective security requires a continual process to properly allocate resources, enabling operational flexibility while driving cost efficiency and risk manageability
Balance:SecurityValueAspects Optimal security is the right balance of cost, user experience, and risk tradeoffs Optimal security is the right balance of cost, user experience, and risk tradeoffs 19
Layered:SecurityTechnologyIntegration NETWORK • Firewalls, demilitarized zones, data loss prevention, ID management, traffic & content filters PLATFORM • Antivirus software, patching, minimum security specifications for systems APPLICATION • Secure coding, testing, security specifications FILE AND DATA • File and data encryption, enterprise rights management CLOUD USER Security must persist at multiple layers to insure consistency and comprehensiveness 20
ImportantConsiderations… 20 Smarter vs More Collaboration across security functions improving effectiveness Better IT choices & enablement Properly balancing the risk, cost, and usability constraints Expectations Drive Change Society’s expectations shift with pain, impact, and inconvenience Trust will be valued, demanded Security, privacy, and controls will align with greater impacts Controls Must Adapt Innovation intersecting emerging attacks to keep pace with attackers Static defenses are easy to defeat Intelligence, analysis, and actions must feedback to improve systems
OpportunitiesandRisks 21 1. Understand the exposure and risks of connected technology 2. Communicate and develop capabilities aligned to risk goals 3. Seek out trusted partners, tech providers, and security solutions 4. Follow cyber best practices, which must adapt to new challenges 5. Lead. Before the threats gain a significant advantage
Conclusions Cyber threats pose significant risks to security, safety, and privacy Cyber will continue to have an ever greater impact on educational environments New threat vectors will emerge as advanced technology is integrated The rise of cyber represents risks and opportunities Leaders with insights to the future have the best opportunity to align resources and be prepared 22
“We manage security through Leadership and Preparation, otherwise we face Crisis and Desperation” …Areyouprepared?
2017 K12 Educators Security Briefing - Matthew Rosenquist

Recommandé

2017 InfraGard Atlanta Conference - Matthew Rosenquist
2017 InfraGard Atlanta Conference - Matthew Rosenquist2017 InfraGard Atlanta Conference - Matthew Rosenquist
2017 InfraGard Atlanta Conference - Matthew Rosenquist
Matthew Rosenquist
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Matthew Rosenquist
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity Risks
Matthew Rosenquist
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.Rosenquist
Matthew Rosenquist
 
Symantec Intelligence Report - October 2014
Symantec Intelligence Report - October 2014Symantec Intelligence Report - October 2014
Symantec Intelligence Report - October 2014
Symantec
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew Rosenquist
Matthew Rosenquist
 
Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016
Matthew Rosenquist
 
Diversity in Cybersecurity Education - 2016 ICT keynote - M.Rosenquist
Diversity in Cybersecurity Education - 2016 ICT keynote - M.RosenquistDiversity in Cybersecurity Education - 2016 ICT keynote - M.Rosenquist
Diversity in Cybersecurity Education - 2016 ICT keynote - M.Rosenquist
Matthew Rosenquist
 

Recommandé

2017 InfraGard Atlanta Conference - Matthew Rosenquist
2017 InfraGard Atlanta Conference - Matthew Rosenquist2017 InfraGard Atlanta Conference - Matthew Rosenquist
2017 InfraGard Atlanta Conference - Matthew Rosenquist
Matthew Rosenquist
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Matthew Rosenquist
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity Risks
Matthew Rosenquist
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.Rosenquist
Matthew Rosenquist
 
Symantec Intelligence Report - October 2014
Symantec Intelligence Report - October 2014Symantec Intelligence Report - October 2014
Symantec Intelligence Report - October 2014
Symantec
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew Rosenquist
Matthew Rosenquist
 
Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016
Matthew Rosenquist
 
Diversity in Cybersecurity Education - 2016 ICT keynote - M.Rosenquist
Diversity in Cybersecurity Education - 2016 ICT keynote - M.RosenquistDiversity in Cybersecurity Education - 2016 ICT keynote - M.Rosenquist
Diversity in Cybersecurity Education - 2016 ICT keynote - M.Rosenquist
Matthew Rosenquist
 
Pivotal Role of HR in Cybersecurity
Pivotal Role of HR in CybersecurityPivotal Role of HR in Cybersecurity
Pivotal Role of HR in Cybersecurity
Matthew Rosenquist
 
Enterprise Cyber Security 2016
Enterprise Cyber Security 2016Enterprise Cyber Security 2016
Enterprise Cyber Security 2016
Supply Chain Coalition
 
True Cost of Data Breaches
True Cost of Data BreachesTrue Cost of Data Breaches
True Cost of Data Breaches
Matthew Rosenquist
 
Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019
PECB
 
Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016
DWP Information Architects Inc.
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
Ulf Mattsson
 
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Matthew Rosenquist
 
Top 5 Cybersecurity Trends in 2021 and Beyond
Top 5 Cybersecurity Trends in 2021 and BeyondTop 5 Cybersecurity Trends in 2021 and Beyond
Top 5 Cybersecurity Trends in 2021 and Beyond
Nandita Nityanandam
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
IBM Security
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
Matthew Rosenquist
 
Cyber security-in-india-present-status
Cyber security-in-india-present-statusCyber security-in-india-present-status
Cyber security-in-india-present-status
Rama Reddy
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber Security
Stephen Lahanas
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
PECB
 
Key Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence IndexKey Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence Index
IBM Security
 
Challenges in implementating cyber security
Challenges in implementating cyber securityChallenges in implementating cyber security
Challenges in implementating cyber security
Inderjeet Singh
 
40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine
Bradford Sims
 
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
Symantec
 
Shift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceShift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber Resilience
Darren Argyle
 
Cyber attacks in 2021
Cyber attacks in 2021Cyber attacks in 2021
Cyber attacks in 2021
redteamacademypromo
 
Cyber Security Incident Response Planning
Cyber Security Incident Response PlanningCyber Security Incident Response Planning
Cyber Security Incident Response Planning
PECB
 
Twitter For Executives
Twitter For ExecutivesTwitter For Executives
Twitter For Executives
the bureau, digital agency
 
Cyber Security 2017 Challenges
Cyber Security 2017 ChallengesCyber Security 2017 Challenges
Cyber Security 2017 Challenges
Leandro Bennaton
 

Contenu connexe

Tendances

Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019
PECB
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
Ulf Mattsson
 
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Matthew Rosenquist
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
IBM Security
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
Matthew Rosenquist
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
PECB
 
Key Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence IndexKey Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence Index
IBM Security
 
Shift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceShift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber Resilience
Darren Argyle
 

Tendances (20)

Pivotal Role of HR in Cybersecurity
Pivotal Role of HR in CybersecurityPivotal Role of HR in Cybersecurity
Pivotal Role of HR in Cybersecurity
 
Enterprise Cyber Security 2016
Enterprise Cyber Security 2016Enterprise Cyber Security 2016
Enterprise Cyber Security 2016
 
True Cost of Data Breaches
True Cost of Data BreachesTrue Cost of Data Breaches
True Cost of Data Breaches
 
Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019
 
Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
 
Top 5 Cybersecurity Trends in 2021 and Beyond
Top 5 Cybersecurity Trends in 2021 and BeyondTop 5 Cybersecurity Trends in 2021 and Beyond
Top 5 Cybersecurity Trends in 2021 and Beyond
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
 
Cyber security-in-india-present-status
Cyber security-in-india-present-statusCyber security-in-india-present-status
Cyber security-in-india-present-status
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber Security
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
 
Key Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence IndexKey Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence Index
 
Challenges in implementating cyber security
Challenges in implementating cyber securityChallenges in implementating cyber security
Challenges in implementating cyber security
 
40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine
 
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
 
Shift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceShift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber Resilience
 
Cyber attacks in 2021
Cyber attacks in 2021Cyber attacks in 2021
Cyber attacks in 2021
 
Cyber Security Incident Response Planning
Cyber Security Incident Response PlanningCyber Security Incident Response Planning
Cyber Security Incident Response Planning
 

En vedette

Cyber Security: The Strategic View
Cyber Security: The Strategic ViewCyber Security: The Strategic View
Cyber Security: The Strategic View
Cisco Canada
 
Technology Explosion and Future of Investigations
Technology Explosion and Future of Investigations Technology Explosion and Future of Investigations
Technology Explosion and Future of Investigations
Case IQ
 
Best Practices for Conducting Sexual Harassment Investigations
Best Practices for Conducting Sexual Harassment InvestigationsBest Practices for Conducting Sexual Harassment Investigations
Best Practices for Conducting Sexual Harassment Investigations
Case IQ
 

En vedette (19)

Twitter For Executives
Twitter For ExecutivesTwitter For Executives
Twitter For Executives
 
Cyber Security 2017 Challenges
Cyber Security 2017 ChallengesCyber Security 2017 Challenges
Cyber Security 2017 Challenges
 
2017 - Cibersecurity v1.0 (English version)
2017 - Cibersecurity v1.0 (English version)2017 - Cibersecurity v1.0 (English version)
2017 - Cibersecurity v1.0 (English version)
 
Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017
 
Cyber Security Workshop @SPIT- 3rd October 2015
Cyber Security Workshop @SPIT- 3rd October 2015Cyber Security Workshop @SPIT- 3rd October 2015
Cyber Security Workshop @SPIT- 3rd October 2015
 
Cyber Security: The Strategic View
Cyber Security: The Strategic ViewCyber Security: The Strategic View
Cyber Security: The Strategic View
 
Conference Presenation Cyber security and big data , Prof. Lili Saghafi
Conference Presenation Cyber security and big data , Prof. Lili SaghafiConference Presenation Cyber security and big data , Prof. Lili Saghafi
Conference Presenation Cyber security and big data , Prof. Lili Saghafi
 
LMTE Cyber Security Sping Summit 20 May 2015 - Presenters' slides
LMTE Cyber Security Sping Summit 20 May 2015 - Presenters' slidesLMTE Cyber Security Sping Summit 20 May 2015 - Presenters' slides
LMTE Cyber Security Sping Summit 20 May 2015 - Presenters' slides
 
Technology Explosion and Future of Investigations
Technology Explosion and Future of Investigations Technology Explosion and Future of Investigations
Technology Explosion and Future of Investigations
 
The Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistThe Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew Rosenquist
 
Investigation Interview: Elicitation Techniques
Investigation Interview: Elicitation TechniquesInvestigation Interview: Elicitation Techniques
Investigation Interview: Elicitation Techniques
 
Best Practices for Conducting Sexual Harassment Investigations
Best Practices for Conducting Sexual Harassment InvestigationsBest Practices for Conducting Sexual Harassment Investigations
Best Practices for Conducting Sexual Harassment Investigations
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 
10 WealthTech podcasts every wealth advisor should listen to
10 WealthTech podcasts every wealth advisor should listen to10 WealthTech podcasts every wealth advisor should listen to
10 WealthTech podcasts every wealth advisor should listen to
 
An alternate view of the future
An alternate view of the futureAn alternate view of the future
An alternate view of the future
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awareness
 
General Awareness On Cyber Security
General Awareness On Cyber SecurityGeneral Awareness On Cyber Security
General Awareness On Cyber Security
 
Data Lake: A simple introduction
Data Lake: A simple introductionData Lake: A simple introduction
Data Lake: A simple introduction
 

Similaire à 2017 K12 Educators Security Briefing - Matthew Rosenquist

Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Cristian Garcia G.
 
Don't risk it presentation
Don't risk it presentationDon't risk it presentation
Don't risk it presentation
Vincent Kwon
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Services
tsaiblake
 
Safeguarding the Digital Realm.pdf
Safeguarding the Digital Realm.pdfSafeguarding the Digital Realm.pdf
Safeguarding the Digital Realm.pdf
jasonuchiha2
 

Similaire à 2017 K12 Educators Security Briefing - Matthew Rosenquist (20)

Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi Kenya
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi KenyaRegional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi Kenya
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi Kenya
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
 
empowering your business with top-notch cybersecurity services.pdf
empowering your business with top-notch cybersecurity services.pdfempowering your business with top-notch cybersecurity services.pdf
empowering your business with top-notch cybersecurity services.pdf
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 
Don't risk it presentation
Don't risk it presentationDon't risk it presentation
Don't risk it presentation
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and AdaptabilityPat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management
 
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital AssetsDefensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Services
 
Safeguarding the Digital Realm.pdf
Safeguarding the Digital Realm.pdfSafeguarding the Digital Realm.pdf
Safeguarding the Digital Realm.pdf
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityCisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
 
Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutions
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber security
 
HUMAN FACTOR AND IT/OT CORRELATION
HUMAN FACTOR AND IT/OT CORRELATION HUMAN FACTOR AND IT/OT CORRELATION
HUMAN FACTOR AND IT/OT CORRELATION
 

Plus de Matthew Rosenquist

Improving Healthcare Risk Assessments to Maximize Security Budgets
Improving Healthcare Risk Assessments to Maximize Security BudgetsImproving Healthcare Risk Assessments to Maximize Security Budgets
Improving Healthcare Risk Assessments to Maximize Security Budgets
Matthew Rosenquist
 
2015 August - Intel Security McAfee Labs Quarterly Threat Report
2015 August - Intel Security McAfee Labs Quarterly Threat Report2015 August - Intel Security McAfee Labs Quarterly Threat Report
2015 August - Intel Security McAfee Labs Quarterly Threat Report
Matthew Rosenquist
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of Interest
Matthew Rosenquist
 
Intel IT Experts Tour Cyber Security - Matthew Rosenquist 2013
Intel IT Experts Tour Cyber Security - Matthew Rosenquist 2013Intel IT Experts Tour Cyber Security - Matthew Rosenquist 2013
Intel IT Experts Tour Cyber Security - Matthew Rosenquist 2013
Matthew Rosenquist
 

Plus de Matthew Rosenquist (17)

Improving Healthcare Risk Assessments to Maximize Security Budgets
Improving Healthcare Risk Assessments to Maximize Security BudgetsImproving Healthcare Risk Assessments to Maximize Security Budgets
Improving Healthcare Risk Assessments to Maximize Security Budgets
 
Six Scenarios How Russia May Use Nukes.pdf
Six Scenarios How Russia May Use Nukes.pdfSix Scenarios How Russia May Use Nukes.pdf
Six Scenarios How Russia May Use Nukes.pdf
 
Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022
 
2022 Cybersecurity Predictions
2022 Cybersecurity Predictions2022 Cybersecurity Predictions
2022 Cybersecurity Predictions
 
McAfee Labs 2017 Threats Predictions
McAfee Labs 2017 Threats PredictionsMcAfee Labs 2017 Threats Predictions
McAfee Labs 2017 Threats Predictions
 
Cybersecurity Curricula Guidelines for Post-Secondary Degree Programs
Cybersecurity Curricula Guidelines for Post-Secondary Degree ProgramsCybersecurity Curricula Guidelines for Post-Secondary Degree Programs
Cybersecurity Curricula Guidelines for Post-Secondary Degree Programs
 
How Cyber Attacks are Changing Security - CSE ISCWest 2017 - Matthew Rosenqui...
How Cyber Attacks are Changing Security - CSE ISCWest 2017 - Matthew Rosenqui...How Cyber Attacks are Changing Security - CSE ISCWest 2017 - Matthew Rosenqui...
How Cyber Attacks are Changing Security - CSE ISCWest 2017 - Matthew Rosenqui...
 
Cybersecurity Risks and Recommendations - PSA TEC 2017 - Matthew Rosenquist
Cybersecurity Risks and Recommendations - PSA TEC 2017 - Matthew RosenquistCybersecurity Risks and Recommendations - PSA TEC 2017 - Matthew Rosenquist
Cybersecurity Risks and Recommendations - PSA TEC 2017 - Matthew Rosenquist
 
2019 Keynote at the Techno Security and Digital Forensics Conference - The Ve...
2019 Keynote at the Techno Security and Digital Forensics Conference - The Ve...2019 Keynote at the Techno Security and Digital Forensics Conference - The Ve...
2019 Keynote at the Techno Security and Digital Forensics Conference - The Ve...
 
Preparing for the Next Evolutions of Ransomware - Matthew Rosenquist 2018
Preparing for the Next Evolutions of Ransomware - Matthew Rosenquist 2018Preparing for the Next Evolutions of Ransomware - Matthew Rosenquist 2018
Preparing for the Next Evolutions of Ransomware - Matthew Rosenquist 2018
 
2015 August - Intel Security McAfee Labs Quarterly Threat Report
2015 August - Intel Security McAfee Labs Quarterly Threat Report2015 August - Intel Security McAfee Labs Quarterly Threat Report
2015 August - Intel Security McAfee Labs Quarterly Threat Report
 
2015 Global APT Summit - Understanding APT threat agent characteristics is ke...
2015 Global APT Summit - Understanding APT threat agent characteristics is ke...2015 Global APT Summit - Understanding APT threat agent characteristics is ke...
2015 Global APT Summit - Understanding APT threat agent characteristics is ke...
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of Interest
 
2015 Global APT Summit Matthew Rosenquist
2015 Global APT Summit Matthew Rosenquist2015 Global APT Summit Matthew Rosenquist
2015 Global APT Summit Matthew Rosenquist
 
Top 10 Cybersecurity Predictions for 2015
Top 10 Cybersecurity Predictions for 2015Top 10 Cybersecurity Predictions for 2015
Top 10 Cybersecurity Predictions for 2015
 
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...
 
Intel IT Experts Tour Cyber Security - Matthew Rosenquist 2013
Intel IT Experts Tour Cyber Security - Matthew Rosenquist 2013Intel IT Experts Tour Cyber Security - Matthew Rosenquist 2013
Intel IT Experts Tour Cyber Security - Matthew Rosenquist 2013
 

Dernier

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Dernier (20)

GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

2017 K12 Educators Security Briefing - Matthew Rosenquist

  • 2. “We manage security through Leadership and Preparation, otherwise we face Crisis and Desperation” 2
  • 3.  Data breach – administration, student, and vendor records  Malware/ransomware of devices  Financial theft and fraud  Student bullying, stalking, & safety  Regulatory non-compliance, audit  Denial of Service - Operational unavailability of systems  Reputation, smear, & social attacks  Asset misuse, theft, unauthorized content hosting, file sharing  Information integrity “Ferris Bueller attack”– grades & communications CyberImpactingtheeducationsector 3
  • 5. EvolvingLandscape,Adversaries,andimpacts i 93%ofPhishingis Ransomware Upwards of $75 billion in global impact i 97%of Fortune 1000companies Lost data or credentials 2014-2016 i $16Billionin Losses Identity theft & fraud in 2016, up 16% from 2015 IMPACTS GO FAR BEYOND EXPECTATIONS Cybersecurity costs typically measured as part of an incident Actual costs of long term impacts including lost contract revenue, operational disruption, devaluation of trade name, loss of IP, rises in insurance premiums, increased cost to raise debt, customer relationship impacts %COST ~1%* Source: US Tech Manufacturing Company Case Study , Deloitte ~99% 5 More Users New Devices Innovative Usages Generating Vast Data Sensitive Functions Increased Target Value i 40%Increase Data Breach disclosures from 2015 to 2016 i 400kNew Malware/Day 575 million unique samples of malware exist i 200%increase In cyber-crime in the last 5 years
  • 6. ItisaDataBreachWorld a Top 10 Healthcare breaches of 2015 affected almost 35% of the US population Just for California… 171 breaches involving 24m million records (3 out of 5 Californians) In 2015, overt 700 million records were lost or stolen (that is 80k per hour) 6
  • 7. 25+Million Applications Connected and creating 50x the volume of data 50-200BillionDevices Connected to the Internet $6trillion Cyber-crime impact globally by 2021 $3–$90trillion Aggregate innovation impact of cyber-risks 400kNew Malware/Day 630 million unique samples of malware exist today $75billion Rise of ransomware becomes a multi-billion dollar problem 4 BillionUsersOnline Up from 2+ billion today 50Trillion Gigabytes Amount of data being created A World of Targets with Increased Value 7
  • 8. Dante'sInfernoofCybersecurityImpacts Denial of Service (Availability) • Access of customers • Availability of data, systems, & services • DDOS network attacks, ransom-ware data locking attacks Data Theft & Exposure (Confidentiality) • ID Theft • Privacy • Data Breach • Transaction data • Database hacks, skimming, lost storage, keylogging Monitor & Manipulate (Integrity) • Internal-access surveillance for advantage • Tamper/Manipulation • Long-term data gathering campaign Security Competency Attacker Innovation Attacks expand over time, increasing in severity based upon different technology and usages Own & Obliterate (C/I/A) • Administrative ownership and control • Capability of unrecoverable obliteration • Strategic attack, undermining of org capability 8
  • 10. OPERATIONAL, INDUSTRIAL, AND VIRTUAL SYSTEMS GOVERNANCE, TRUST, AND OVERSIGHT SYSTEMS DATA, INFORMATION AND CONTROL MECHANISMS ENDPOINTS, NETWORKS, SERVICES, AND MACHINES ACCES CONTROL AND IDENTITY SECURITY, SAFETY, AND PRIVACY CONTROLS The 5 most cyber-attacked industries in 2015: 1. Healthcare 2. Manufacturing 3. Financial Services 4. Government 5. Transportation 10
  • 11. TechInnovation&AdoptionDrivesRisks New technology bridges the virtual and physical worlds, to connect and enrich peoples lives 11
  • 12. Government’s roles expand, more regulations and standards Advances in nation-state cyber-offense affects everyone Life safety and cybersecurity intersect in products Rise in digital theft, extortion, and fraud Real-world impacts of cybersecurity emerge Security expectations increase by consumers, businesses, and regulators Attackers evolve, adapt, & accelerate faster than security Trust and Integrity are targeted and undermined Security technologies improve but remain outpaced and outmaneuvered Lack of security talent hinders the industry EvolvingLandscape,Adversaries,&Battlefield 13
  • 13. SecurityFutures: 13 1. Make no mistake, everyone is a target 2. Threats remain equitable to the growth and use of technology 3. Society expectations increase for cyber security, privacy, and safety 4. Evolving landscape will bring new threats, attacks, and impacts 5. Pendulum swings towards more security, ultimately settles for an optimal balance (regulatory, tech innovators/manufacturers, and best practices) 6. Threats target technology, processes, and people. Cybersecurity must cover all aspects to be effective over time
  • 15. “Two types of victims exist: Those who are easy targets and those with something of value” - Don’t be an easy target, and protect your valuables. 15
  • 16. TheBestOrganizations a Seeks Optimal Risk Risk management planning Anticipates impacts Balance Cost, Risk, & Usability Adapts to shifting demands Comprehensive Processes Security as a continuous cycle Continuous improvement process Technology and Behaviors Obstacles and Opposition Leads into the Future Clearly defines success Plans for a sustainable future Roles and accountability Continuously adapting 16
  • 17. HowCanYouBePrepared? Cyber-Security Capability Process 17 Sustainably effective security requires a continual process to properly allocate resources, enabling operational flexibility while driving cost efficiency and risk manageability
  • 18. Balance:SecurityValueAspects Optimal security is the right balance of cost, user experience, and risk tradeoffs Optimal security is the right balance of cost, user experience, and risk tradeoffs 19
  • 19. Layered:SecurityTechnologyIntegration NETWORK • Firewalls, demilitarized zones, data loss prevention, ID management, traffic & content filters PLATFORM • Antivirus software, patching, minimum security specifications for systems APPLICATION • Secure coding, testing, security specifications FILE AND DATA • File and data encryption, enterprise rights management CLOUD USER Security must persist at multiple layers to insure consistency and comprehensiveness 20
  • 20. ImportantConsiderations… 20 Smarter vs More Collaboration across security functions improving effectiveness Better IT choices & enablement Properly balancing the risk, cost, and usability constraints Expectations Drive Change Society’s expectations shift with pain, impact, and inconvenience Trust will be valued, demanded Security, privacy, and controls will align with greater impacts Controls Must Adapt Innovation intersecting emerging attacks to keep pace with attackers Static defenses are easy to defeat Intelligence, analysis, and actions must feedback to improve systems
  • 21. OpportunitiesandRisks 21 1. Understand the exposure and risks of connected technology 2. Communicate and develop capabilities aligned to risk goals 3. Seek out trusted partners, tech providers, and security solutions 4. Follow cyber best practices, which must adapt to new challenges 5. Lead. Before the threats gain a significant advantage
  • 22. Conclusions Cyber threats pose significant risks to security, safety, and privacy Cyber will continue to have an ever greater impact on educational environments New threat vectors will emerge as advanced technology is integrated The rise of cyber represents risks and opportunities Leaders with insights to the future have the best opportunity to align resources and be prepared 22
  • 23. “We manage security through Leadership and Preparation, otherwise we face Crisis and Desperation” …Areyouprepared?