SlideShare a Scribd company logo

Cyber Security Conference - A deeper look at Microsoft Security Strategy, Technology Trends and the Economy of Cybercrime, By Chief Security Advisor Reto Haeni, Microsoft Western Europe

Microsoft
Microsoft

Cyber Security Conference - A deeper look at Microsoft Security Strategy, Technology Trends and the Economy of Cybercrime, By Chief Security Advisor Reto Haeni, Microsoft Western Europe

Technology
1 of 35
Download to read offline
Year 2025 world Internet users of consumer electronics sold in emerging economies mobile Internet subscriptions globally data will move through or be stored in the cloud
Security and privacy are a top leadership concern 3 Managing risk in an increasingly connected world “This Nexus of Forces is impacting security in terms of new vulnerabilities. –Ruggero Contu, Christian Canales and Lawrence Pingree. Forecast Overview: Information Security, Worldwide, 2014 Update. Gartner, Inc. June 25, 2014. Impact of cyber attacks could be as much as $3 trillion in lost productivity and growth Implications Job security Customer loyalty Intellectual property Legal liabilityBrand reputation $ 3.5M Average cost of a data breach to a company 15 % increase YoY median # of days attackers are present on a victim network before detection243 level issue is a CxO Security
Verizon, “2014 Data Breach Investigations Report” 74.8% Percentage of total security incidents in 2013 directed toward public sector Make no mistake…we are Under Attack Public Sector, Retail, Financial Services & SOE’s are the primary targets
Some More Details - Evolution to Targeted Threats Indiscriminate Targeted Consumer Enterprise Target Single Vector Multi-vector Manual Automated Desktop Device and Cloud Visible Concealed Lone Agent Organised Ecosystem Spam Information Theft Information Theft Information Destruction “The world is changing very fast. Big will not beat small anymore. It will be the fast beating the slow.” Rupert Murdoch
Origin of Data Breaches Who is behind data breaches? How do breaches occur? 98% stemmed from external agents (+6%) 4% implicated internal employees (-13%) <1% committed by business partners (<>) 58% of all data theft tied to activist groups 81% utilized some form of hacking (+31%) 69% incorporated malware (+20%) 10% involved physical attacks (-19%) 7% employed social tactics (-4%) 5% resulted from privilege misuse (-12%) Source: Verizon 2012 Data Breach investigations Report
We are not combating hackers We are combating an ecosystem Simplified diagram of the abuse supply chain
Coordination Collaboration Disruption
set policies and principles identify, block, sinkhole Seize, prosecute, takedown security by design identify, block, partner starve Anti-malware and security ecosystem Large-scale Public Services Cloud Providers, Telco’s Government Ad Networks Banks, Finance, Commerce OEMs Vendors CERTs, ISPs & Law Enforcement How do we win? It will take a partnership
Microsoft Experience and Credentials
Dependable, available Predictable, consistent, responsive service Maintainable Resilient, easily restored Proven, ready Trustworthy Computing Working Toward a Safer, More Trusted Internet Security Privacy Business PracticesReliability Secures against attacks Protects confidentiality, integrity, and availability of data and systems Helps manage risk Protects from unwanted communication User choice and control Products, online services adhere to fair information principles Commitment to customer-centric interoperability Recognized industry leader, world-class partner Open, transparent
Elements to a Resilient Infrastructure Protect Detect Threat Information Management Response
14 Resilience against modern Cyberthreats - The Hockey Analogy Placeholder for hockey player picture 😏
15 Coaching Management Build the Foundation for Success and Adapt to Changes
16 Goalie Protect Patch, Deploy Newer Products, Apply the SDL
17 Awareness Detect Active Attacks
18 Defense Response Customer, CSS and Cybersecurity Team
Intelligence Threat Information
20 Protect Patch, Deploy Newer Products, Apply the SDL Detect Active Attacks Response Customer, CSS and Cybersecurity Incident Response Threat Information Management
OverallResilienceofanOrganizationsIT Infrastructure Achieving Overall Resilience Cloud Resilience On-Premises Systems Resilience
We aggressively fight cybercrime and advocate extensively for enhancing cybersecurity We invest deeply in building a trustworthy computing platform and security expertise Microsoft is committed to protecting our customers and being a global cybersecurity advocate We have strong principles and policies that empower you to be in control of your information Security Privacy Compliance Transparency Advocacy Risk management Governance
• Deeper source inspection
Achieving Overall Resilience Cloud Security and Compliance Trustworthy Cloud
Public Data Internal Data Confidential Data
Commitment to industry standards and organizational compliance
On personal devices 24 x 7 collaborationOn the road In the officeAt home Through social media
OverallResilienceofanOrganizationsIT Infrastructure Wrapping Up: Overall Resilience Use trustworthy cloud services to take advantage of the industry leading security processes, technology and skills deployed in Microsoft’s Cloud Services Cloud Resilience Stay Current (Upgrade) + Patch Management Align Active Directory to Threat Environment Assess Threats and Countermeasures Implement Secure Development Practices Use secured devices and enterprise mobility management to gain more control over information and apps in a BYOD as well as enterprise steered device strategy Work with Microsoft’s Consulting Services to implement the security pillars Protect, Detect and Respond to achieve resilience in your on- premises infrastructure. On-PremisesSystems Resilience
36 © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. Reto Haeni Chief Security Officer & Advisor Microsoft Western Europe HQ reto.haeni@microsoft.com blog: www.retohaeni.net

Recommended

Get Prepared
Get PreparedGet Prepared
Get Prepared
Hewlett Packard Enterprise Business Value Exchange
 
Indusrty Strategy For Action
Indusrty Strategy For ActionIndusrty Strategy For Action
Indusrty Strategy For Action
Barry Greene
 
Plan for the Worst; Fight for the Best
Plan for the Worst; Fight for the BestPlan for the Worst; Fight for the Best
Plan for the Worst; Fight for the Best
Hewlett Packard Enterprise Business Value Exchange
 
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
Phil Agcaoili
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]
Tracey Ong
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
Scalar Decisions
 
Cybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out forCybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out for
Cigniti Technologies Ltd
 
The Stand Against Cyber Criminals Lawyers, Take The Stand Against Cyber Crimi...
The Stand Against Cyber Criminals Lawyers, Take The Stand Against Cyber Crimi...The Stand Against Cyber Criminals Lawyers, Take The Stand Against Cyber Crimi...
The Stand Against Cyber Criminals Lawyers, Take The Stand Against Cyber Crimi...
Symantec
 

Recommended

Get Prepared
Get PreparedGet Prepared
Get Prepared
Hewlett Packard Enterprise Business Value Exchange
 
Indusrty Strategy For Action
Indusrty Strategy For ActionIndusrty Strategy For Action
Indusrty Strategy For Action
Barry Greene
 
Plan for the Worst; Fight for the Best
Plan for the Worst; Fight for the BestPlan for the Worst; Fight for the Best
Plan for the Worst; Fight for the Best
Hewlett Packard Enterprise Business Value Exchange
 
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
Phil Agcaoili
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]
Tracey Ong
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
Scalar Decisions
 
Cybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out forCybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out for
Cigniti Technologies Ltd
 
The Stand Against Cyber Criminals Lawyers, Take The Stand Against Cyber Crimi...
The Stand Against Cyber Criminals Lawyers, Take The Stand Against Cyber Crimi...The Stand Against Cyber Criminals Lawyers, Take The Stand Against Cyber Crimi...
The Stand Against Cyber Criminals Lawyers, Take The Stand Against Cyber Crimi...
Symantec
 
The Three Pitfalls of Data Security
The Three Pitfalls of Data SecurityThe Three Pitfalls of Data Security
The Three Pitfalls of Data Security
MarkLogic
 
clearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureclearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochure
Lee Dalton
 
Integrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessIntegrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-Effectiveness
Ayham Kochaji
 
Cyber Security Infographic
Cyber Security InfographicCyber Security Infographic
Cyber Security Infographic
Booz Allen Hamilton
 
Overview of Haystax Technology
Overview of Haystax TechnologyOverview of Haystax Technology
Overview of Haystax Technology
Haystax Technology
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data Security
Imperva
 
Tripwire_UK_Executive_Cybersecurity_Literacy_Survey
Tripwire_UK_Executive_Cybersecurity_Literacy_SurveyTripwire_UK_Executive_Cybersecurity_Literacy_Survey
Tripwire_UK_Executive_Cybersecurity_Literacy_Survey
Melloney Jewell
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspekti
ebuc
 
The Security Circle- Services Offered
The Security Circle- Services OfferedThe Security Circle- Services Offered
The Security Circle- Services Offered
Rachel Anne Carter
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
wbesse
 
Cost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 ReportCost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 Report
accenture
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisition
Christopher Dorobek
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian Organizations
Brian Rushton-Phillips
 
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
Rea & Associates
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet
accenture
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
Agus Wicaksono
 
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ... 2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
Proofpoint
 
Maintain data privacy during software development
Maintain data privacy during software developmentMaintain data privacy during software development
Maintain data privacy during software development
MuhammadArif823
 
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDMagazine
 
2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance
Accenture Insurance
 
Cyber Security Conference - Praktiske erfaringer med Implementering af Cyber ...
Cyber Security Conference - Praktiske erfaringer med Implementering af Cyber ...Cyber Security Conference - Praktiske erfaringer med Implementering af Cyber ...
Cyber Security Conference - Praktiske erfaringer med Implementering af Cyber ...
Microsoft
 
CFO konference - Financial management i Microsoft og et kulturelt pionerproje...
CFO konference - Financial management i Microsoft og et kulturelt pionerproje...CFO konference - Financial management i Microsoft og et kulturelt pionerproje...
CFO konference - Financial management i Microsoft og et kulturelt pionerproje...
Microsoft
 

More Related Content

What's hot

clearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureclearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochure
Lee Dalton
 
Integrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessIntegrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-Effectiveness
Ayham Kochaji
 
Tripwire_UK_Executive_Cybersecurity_Literacy_Survey
Tripwire_UK_Executive_Cybersecurity_Literacy_SurveyTripwire_UK_Executive_Cybersecurity_Literacy_Survey
Tripwire_UK_Executive_Cybersecurity_Literacy_Survey
Melloney Jewell
 
The Security Circle- Services Offered
The Security Circle- Services OfferedThe Security Circle- Services Offered
The Security Circle- Services Offered
Rachel Anne Carter
 
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
Rea & Associates
 
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ... 2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
Proofpoint
 

What's hot (20)

The Three Pitfalls of Data Security
The Three Pitfalls of Data SecurityThe Three Pitfalls of Data Security
The Three Pitfalls of Data Security
 
clearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureclearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochure
 
Integrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessIntegrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-Effectiveness
 
Cyber Security Infographic
Cyber Security InfographicCyber Security Infographic
Cyber Security Infographic
 
Overview of Haystax Technology
Overview of Haystax TechnologyOverview of Haystax Technology
Overview of Haystax Technology
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data Security
 
Tripwire_UK_Executive_Cybersecurity_Literacy_Survey
Tripwire_UK_Executive_Cybersecurity_Literacy_SurveyTripwire_UK_Executive_Cybersecurity_Literacy_Survey
Tripwire_UK_Executive_Cybersecurity_Literacy_Survey
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspekti
 
The Security Circle- Services Offered
The Security Circle- Services OfferedThe Security Circle- Services Offered
The Security Circle- Services Offered
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
 
Cost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 ReportCost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 Report
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisition
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian Organizations
 
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
 
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ... 2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
 
Maintain data privacy during software development
Maintain data privacy during software developmentMaintain data privacy during software development
Maintain data privacy during software development
 
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
 
2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance
 

Viewers also liked

CFO konference - Financial management i Microsoft og et kulturelt pionerproje...
CFO konference - Financial management i Microsoft og et kulturelt pionerproje...CFO konference - Financial management i Microsoft og et kulturelt pionerproje...
CFO konference - Financial management i Microsoft og et kulturelt pionerproje...
Microsoft
 

Viewers also liked (20)

Cyber Security Conference - Praktiske erfaringer med Implementering af Cyber ...
Cyber Security Conference - Praktiske erfaringer med Implementering af Cyber ...Cyber Security Conference - Praktiske erfaringer med Implementering af Cyber ...
Cyber Security Conference - Praktiske erfaringer med Implementering af Cyber ...
 
CFO konference - Financial management i Microsoft og et kulturelt pionerproje...
CFO konference - Financial management i Microsoft og et kulturelt pionerproje...CFO konference - Financial management i Microsoft og et kulturelt pionerproje...
CFO konference - Financial management i Microsoft og et kulturelt pionerproje...
 
Cyber Security Conference - Rethinking cyber-threat
Cyber Security Conference - Rethinking cyber-threatCyber Security Conference - Rethinking cyber-threat
Cyber Security Conference - Rethinking cyber-threat
 
Медиапроект Pubtime. Презентация для инвестора
Медиапроект Pubtime. Презентация для инвестораМедиапроект Pubtime. Презентация для инвестора
Медиапроект Pubtime. Презентация для инвестора
 
Modern workplace
Modern workplaceModern workplace
Modern workplace
 
Prescriptive SellingTM en game changer ift at sikre en effektiv salgsstyrke
Prescriptive SellingTM en game changer ift at sikre en effektiv salgsstyrkePrescriptive SellingTM en game changer ift at sikre en effektiv salgsstyrke
Prescriptive SellingTM en game changer ift at sikre en effektiv salgsstyrke
 
MDOP
MDOPMDOP
MDOP
 
Tre danske virksomheders erfaringer med Office 365 - den konkrete forskel for...
Tre danske virksomheders erfaringer med Office 365 - den konkrete forskel for...Tre danske virksomheders erfaringer med Office 365 - den konkrete forskel for...
Tre danske virksomheders erfaringer med Office 365 - den konkrete forskel for...
 
Alm. brand integrerer forretningsprocesser i en microsoft bi platform
Alm. brand integrerer forretningsprocesser i en microsoft bi platformAlm. brand integrerer forretningsprocesser i en microsoft bi platform
Alm. brand integrerer forretningsprocesser i en microsoft bi platform
 
Ledelseskompas målrettet MT Højgaards ledelse
Ledelseskompas målrettet MT Højgaards ledelseLedelseskompas målrettet MT Højgaards ledelse
Ledelseskompas målrettet MT Højgaards ledelse
 
Kundeservice for vindere
Kundeservice for vindereKundeservice for vindere
Kundeservice for vindere
 
Трейвиш А.И. Страноведение Лекция 1
Трейвиш А.И. Страноведение Лекция 1Трейвиш А.И. Страноведение Лекция 1
Трейвиш А.И. Страноведение Лекция 1
 
Microsoft Next 2014 - Productivity session 5 - Projektoverblik, effektivt sam...
Microsoft Next 2014 - Productivity session 5 - Projektoverblik, effektivt sam...Microsoft Next 2014 - Productivity session 5 - Projektoverblik, effektivt sam...
Microsoft Next 2014 - Productivity session 5 - Projektoverblik, effektivt sam...
 
Velfærd for færre resourcer
Velfærd for færre resourcerVelfærd for færre resourcer
Velfærd for færre resourcer
 
FREMTIDENS CFO
FREMTIDENS CFOFREMTIDENS CFO
FREMTIDENS CFO
 
Lad data styre din forretning
Lad data styre din forretningLad data styre din forretning
Lad data styre din forretning
 
Find værdi i alle data
Find værdi i alle dataFind værdi i alle data
Find værdi i alle data
 
Den Moderne Arbejdsplads - New Ways of Working i ISS, af Jeff Gravenhorst, Gr...
Den Moderne Arbejdsplads - New Ways of Working i ISS, af Jeff Gravenhorst, Gr...Den Moderne Arbejdsplads - New Ways of Working i ISS, af Jeff Gravenhorst, Gr...
Den Moderne Arbejdsplads - New Ways of Working i ISS, af Jeff Gravenhorst, Gr...
 
One Step Ahead 2014 Social Business
One Step Ahead 2014 Social BusinessOne Step Ahead 2014 Social Business
One Step Ahead 2014 Social Business
 
Samspillet mellem mennesker, processer og teknologi
Samspillet mellem mennesker, processer og teknologiSamspillet mellem mennesker, processer og teknologi
Samspillet mellem mennesker, processer og teknologi
 

Similar to Cyber Security Conference - A deeper look at Microsoft Security Strategy, Technology Trends and the Economy of Cybercrime, By Chief Security Advisor Reto Haeni, Microsoft Western Europe

2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
Matthew Rosenquist
 
Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15
James Fisher
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
DMIMarketing
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber security
WGroup
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.Rosenquist
Matthew Rosenquist
 

Similar to Cyber Security Conference - A deeper look at Microsoft Security Strategy, Technology Trends and the Economy of Cybercrime, By Chief Security Advisor Reto Haeni, Microsoft Western Europe (20)

2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
 
Pivotal Role of HR in Cybersecurity
Pivotal Role of HR in CybersecurityPivotal Role of HR in Cybersecurity
Pivotal Role of HR in Cybersecurity
 
3 guiding priciples to improve data security
3 guiding priciples to improve data security3 guiding priciples to improve data security
3 guiding priciples to improve data security
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 
AI IN CYBERSECURITY: THE NEW FRONTIER OF DIGITAL PROTECTION
AI IN CYBERSECURITY: THE NEW FRONTIER OF DIGITAL PROTECTIONAI IN CYBERSECURITY: THE NEW FRONTIER OF DIGITAL PROTECTION
AI IN CYBERSECURITY: THE NEW FRONTIER OF DIGITAL PROTECTION
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
2017 K12 Educators Security Briefing - Matthew Rosenquist
2017 K12 Educators Security Briefing - Matthew Rosenquist2017 K12 Educators Security Briefing - Matthew Rosenquist
2017 K12 Educators Security Briefing - Matthew Rosenquist
 
Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutions
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
 
“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...
“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...
“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...
 
Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber security
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber security
 
Dr K Subramanian
Dr K SubramanianDr K Subramanian
Dr K Subramanian
 
Abhishek kurre.pptx
Abhishek kurre.pptxAbhishek kurre.pptx
Abhishek kurre.pptx
 
2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.Rosenquist
 
Why Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemWhy Cybersecurity is a Data Problem
Why Cybersecurity is a Data Problem
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Recently uploaded (20)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 

Cyber Security Conference - A deeper look at Microsoft Security Strategy, Technology Trends and the Economy of Cybercrime, By Chief Security Advisor Reto Haeni, Microsoft Western Europe

  • 1.
  • 2. Year 2025 world Internet users of consumer electronics sold in emerging economies mobile Internet subscriptions globally data will move through or be stored in the cloud
  • 3. Security and privacy are a top leadership concern 3 Managing risk in an increasingly connected world “This Nexus of Forces is impacting security in terms of new vulnerabilities. –Ruggero Contu, Christian Canales and Lawrence Pingree. Forecast Overview: Information Security, Worldwide, 2014 Update. Gartner, Inc. June 25, 2014. Impact of cyber attacks could be as much as $3 trillion in lost productivity and growth Implications Job security Customer loyalty Intellectual property Legal liabilityBrand reputation $ 3.5M Average cost of a data breach to a company 15 % increase YoY median # of days attackers are present on a victim network before detection243 level issue is a CxO Security
  • 4. Verizon, “2014 Data Breach Investigations Report” 74.8% Percentage of total security incidents in 2013 directed toward public sector Make no mistake…we are Under Attack Public Sector, Retail, Financial Services & SOE’s are the primary targets
  • 5. Some More Details - Evolution to Targeted Threats Indiscriminate Targeted Consumer Enterprise Target Single Vector Multi-vector Manual Automated Desktop Device and Cloud Visible Concealed Lone Agent Organised Ecosystem Spam Information Theft Information Theft Information Destruction “The world is changing very fast. Big will not beat small anymore. It will be the fast beating the slow.” Rupert Murdoch
  • 6. Origin of Data Breaches Who is behind data breaches? How do breaches occur? 98% stemmed from external agents (+6%) 4% implicated internal employees (-13%) <1% committed by business partners (<>) 58% of all data theft tied to activist groups 81% utilized some form of hacking (+31%) 69% incorporated malware (+20%) 10% involved physical attacks (-19%) 7% employed social tactics (-4%) 5% resulted from privilege misuse (-12%) Source: Verizon 2012 Data Breach investigations Report
  • 7. We are not combating hackers We are combating an ecosystem Simplified diagram of the abuse supply chain
  • 9. set policies and principles identify, block, sinkhole Seize, prosecute, takedown security by design identify, block, partner starve Anti-malware and security ecosystem Large-scale Public Services Cloud Providers, Telco’s Government Ad Networks Banks, Finance, Commerce OEMs Vendors CERTs, ISPs & Law Enforcement How do we win? It will take a partnership
  • 11. Dependable, available Predictable, consistent, responsive service Maintainable Resilient, easily restored Proven, ready Trustworthy Computing Working Toward a Safer, More Trusted Internet Security Privacy Business PracticesReliability Secures against attacks Protects confidentiality, integrity, and availability of data and systems Helps manage risk Protects from unwanted communication User choice and control Products, online services adhere to fair information principles Commitment to customer-centric interoperability Recognized industry leader, world-class partner Open, transparent
  • 12.
  • 13. Elements to a Resilient Infrastructure Protect Detect Threat Information Management Response
  • 14. 14 Resilience against modern Cyberthreats - The Hockey Analogy Placeholder for hockey player picture 😏
  • 15. 15 Coaching Management Build the Foundation for Success and Adapt to Changes
  • 16. 16 Goalie Protect Patch, Deploy Newer Products, Apply the SDL
  • 20. 20 Protect Patch, Deploy Newer Products, Apply the SDL Detect Active Attacks Response Customer, CSS and Cybersecurity Incident Response Threat Information Management
  • 22.
  • 23. We aggressively fight cybercrime and advocate extensively for enhancing cybersecurity We invest deeply in building a trustworthy computing platform and security expertise Microsoft is committed to protecting our customers and being a global cybersecurity advocate We have strong principles and policies that empower you to be in control of your information Security Privacy Compliance Transparency Advocacy Risk management Governance
  • 24.
  • 25. • Deeper source inspection
  • 26. Achieving Overall Resilience Cloud Security and Compliance Trustworthy Cloud
  • 27. Public Data Internal Data Confidential Data
  • 28.
  • 29.
  • 30.
  • 31. Commitment to industry standards and organizational compliance
  • 32.
  • 33. On personal devices 24 x 7 collaborationOn the road In the officeAt home Through social media
  • 34. OverallResilienceofanOrganizationsIT Infrastructure Wrapping Up: Overall Resilience Use trustworthy cloud services to take advantage of the industry leading security processes, technology and skills deployed in Microsoft’s Cloud Services Cloud Resilience Stay Current (Upgrade) + Patch Management Align Active Directory to Threat Environment Assess Threats and Countermeasures Implement Secure Development Practices Use secured devices and enterprise mobility management to gain more control over information and apps in a BYOD as well as enterprise steered device strategy Work with Microsoft’s Consulting Services to implement the security pillars Protect, Detect and Respond to achieve resilience in your on- premises infrastructure. On-PremisesSystems Resilience
  • 35. 36 © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. Reto Haeni Chief Security Officer & Advisor Microsoft Western Europe HQ reto.haeni@microsoft.com blog: www.retohaeni.net