Andrew Cushman
Senior Director
Trustworthy Computing Security
Microsoft Corporation
Who Am I?
- Joined Microsoft in 1990
- Worked on MSMoney, IIS, & now Security
- Also Worked on “Patch Tuesday” & BlueHat
- New-ish Job this Year –
    Seeking Non-Technical Security Solutions
Why Am I Here?
- Discuss Changes and Suggest Responses
    Adaptive Challenge Facing Us
- Microsoft & Andrew are committed to Brasil
    Brasil is Special & Unique
[Diagram: Product Life Cycle / Policy and Ecosystem. Labels: Conception, Creation, Alignment, Release]

[Diagram. Layer labels: Identity Management; Trusted Stack; Solutions; Infrastructure; Security/Priv. Fundamentals. Items shown:]
- For Government Employees; For Citizens; For the Supply Chain
- People Awareness and Know-How (Citizen, Children, Government Employees…); Information/Data Protection
- eGovernment; Public Safety; National Security; Education; Health
- Critical National Infrastructure (CoreIO); Trusted Government Infrastructure (CoreIO); Supply Chain Security
- Secure Development Standards; Defense Training and Collaboration; Partnerships with Private Sector; National Risk Management; Privacy Legislation; Cyberwarfare Doctrine
- Law Enforcement Training and Collaboration; Intelligence Training and Collaboration; Incident Preparedness; Cybersecurity Legislation; Enable Secure Innovation
- Incident Response; Collaboration with Critical Infrastructure; Intelligence (incl. CERT); Security Community Engagement
7th largest IT market WW
6th country in PC Shipments WW
3rd in online time per user – 22h50min/month
5th largest cell phone market - 147M units
60% of all 3G Cell Phones in Latin America
2nd largest WW in number of Companies (620k
new Companies only in 2010)
In the last 5 years, internet active users in total
Population grew from 24% to 43% in 2009
10th in broadband (256 kb) users - 9.1M users
(4.8% of total 190M population)
People
  Friendly, Smart, Hard-working, Creative,
  Stylish!, Proud & Humble at the same time
Culture
  Diverse Society and a Rich History
  Di Cavalcanti, Vinicius, Jorge Amado
Land of Opportunity
  Geography – Huge country that is rich in
  resources (and people)
  Government - Foundational Principles Rule of
  Law
It Works
  There is a Brazilian Way
Rapid Evolution and Adoption of Technology
People: Internet users estimated to reach 3 Billion by 2015 w/ bulk of
  users coming from Brazil, Russia, India, China and Indonesia
Devices: The number of internet connected devices is predicted to
  exceed 15 billion - twice the world's population by 2015
  and will likely reach 50 Billion by 2020.
Data: It’s estimated that 1 billion new Web pages are created daily
  and about 32 million domain names are added to the Web
  every year with this number expected to rise dramatically in
25 million Facebook users in the country of 1.16 billion people, an increase
of 1.78 million from the start of last month.
Indian Internet to grow from 81 M to 237 M Internet users by 2015
Cybercrime, Economic Espionage, Military Espionage, Cyber Warfare
Usage
  Every aspect of our lives is now dependent
  on computers
    Food, Energy, Finances, Entertainment,
    Clothing, Government
Future
  Connectivity is like Oxygen
  Data, Data, Data
  Every aspect of our lives is now dependent
  on computers
Within a decade, more than 50
billion everyday objects could
be collecting data and making it
available online

A growing amount of Internet
traffic is originating with non-PC
devices. In 2010, only 3 percent
of Internet traffic originated
with non-PC devices, but by
2015 the non-PC share of
Internet traffic will grow to 15
percent.

PC-originated traffic will grow at
a CAGR of 33 percent, while
TVs, tablets, smartphones, and
machine-to-machine (M2M)
modules will have growth rates
of 101 percent, 216 percent, 144
percent, and 258 percent,
respectively.
Non-traditional data sources
   Sensors
   GPS tracks
   Web click streams
Non-traditional processing
   Massive processing over semi-structured data
   Less formal structural schemata
   Machine learning grows up
Probabilistic
   Ranking
   Correlation
Novel use cases
   Historical mining to create real-time models
   Saving and processing “all-data”
1 billion new Web pages are created daily and
about 32 million domain names are added to the
Web yearly, with sharp increases expected in
2011.

The “terabyte club” will reach 6 million by 2015.
In 2015, there will be 6 million Internet
households worldwide generating over a
terabyte per month in Internet traffic, up from
just a few hundred thousand in 2010. There will be
over 20 million households generating half a
terabyte per month in 2015.

The amount of data created, captured, and
replicated in the world is growing at a
compounded rate of 60% a year. By 2011, the
digital universe will be 10 times the size it was
in 2006. (IDC)
Threats
  No longer just attacks on infrastructure
  Attacks against Intellectual Property
  And Attacks against the foundations
  Attacks against business models
Recent Attacks & News
  Anonymous & Lulz
  Comodo, DigiNotar
  Location issues w/ smart phones
  Facial Recognition Talk from Black Hat
  http://www.face-to-facebook.net/hacking-monopolism-trilogy.php
  Hacking Microcontrollers - Don Bailey’s BH Europe
Borrowing Concept from Harvard Business
Review Article 1997
Key Concept – We need Technical Solutions
&& we need to Adapt (change) our thinking
Get On the Balcony
Identify the Adaptive Challenge
Adaptive Solutions – often from bottom up
Ronald Heifetz & Donald Laurie – HBR article
http://hbr.org/2001/12/the-work-of-leadership/ar/1
Basic
- Tactical
- Undefined Risk
- Threat Ignorance
- Unpredictable
- Ad-Hoc and Manual
- Unaware
Standardized
- Proactive
- Understood Risk
- Threat Aware
- Structured
- Consistency
- Awareness and Training
Rationalized
- Holistic and Operational
- Controlled Risk
- Threat Intelligence
- Integrated Security
- Quantitatively Managed
- Service-Oriented
Dynamic
- Strategic and Optimal
- Continuous Risk Management
- Threat Management
- Robust Governance
- Automated
- Culture of Security
Defend

Protect
Asset Classification
Identity Mgmt
- Users
- Devices
Access Control
- Network
- Machine & Data
Training

Detect
Monitor
- Baseline
- Intrusions
Assessment
- Vulnerabilities
- Configurations
Reporting

Respond
Incident Response
Emergency response
Communicate
Remediate
- Quarantine
- Clean
- Patch

Recover
Update
- Software
- Hardware
- Procedures
- Training
- Defenses
Restore
- Data & Facilities
Respond
Basic
-   Desktop Image Engineering
-   Active Directory Design & Deployment
-   BitLocker Full-Volume Encryption
Standardized
-   Desktop Optimization and Configuration Management
-   Security for Wireless Services
-   Secure Public Key Infrastructure Solutions
-   Strong Authentication using Smartcards
-   Application Lifecycle Management Services 2010
-   Network Access Protection with 802.1x Enforcement
Rationalized
-   Desktop Virtualization Solutions
-   Server Virtualization with Advanced Management - Virtual Desktop Infrastructure
-   Network Access Protection with IPSec Enforcement
-   Network Isolation Services
-   Secure Web & Remote Access using Forefront TMG
-   Enterprise Identity Lifecycle Management
-   Data Protection using Active Directory Rights Management
Dynamic
-   Server Virtualization with Advanced Management - High Availability Solution
-   Seamless Access using DirectAccess and TMG
-   Enterprise Federated Identity using ADFS
-   Application Backup using System Center Data Protection Manager

Basic
-   Client Anti-Malware Solutions
Standardized
-   Enterprise Configuration Management
-   IT Enterprise Management: End-to-End Cross-Platform Monitoring
-   Enterprise Mobile Device Management
-   Client and Server Anti-Malware Solutions
-   Windows Error Reporting Deployment Services
Rationalized
-   IT Compliance and Reporting: End-to-End Monitoring
-   Audit Collection Services
-   System Error Reporting & Analysis Services
Dynamic
-   Server Virtualization with Advanced Management - Centralized, Policy-driven Management

Basic
-   Premier IR Support and Training
Standardized
-   Secure Development Lifecycle Training and Assessment Services
-   Internet Crime and Forensics Investigations Education and Training Services

Basic
-   Enterprise Recovery Services
Convergence – SSL Trust Agility
  Moxie Marlinspike – BH USA
  https://www.blackhat.com/html/bh-us-11/bh-us-11-archives.html#Marlinspike

DARPA RA-11-52 - The Defense Advanced
Research Projects Agency's Cyber Fast
Track program
  https://www.blackhat.com/html/bh-us-11/bh-us-11-archives.html#Zatko

Dan Kaminsky’s NetNoob
First BlueHat Prize Challenge:
   Design a novel runtime mitigation technology that is capable of
   preventing the exploitation of memory safety vulnerabilities
Entry Period: Aug 3, 2011 – Apr 1, 2012
Winners announced: BlackHat USA August 2012
IP remains the property of the inventor, with a license for
Microsoft to use the technology


Grand Prize:            • $200,000 in cash

Second Prize:           • $50,000 in cash

Third Prize:            • MSDN subscription ($10,000 value)
Microsoft Confidential
Things that give me pause…
Technical Solutions On the Fast Track
   Army CDCiber
   Big Events – 2014 & 2016
   RIC
   Broadband
Urgent Need for Adaptive Solutions Too
   But few Adaptive Solution Ideas &
   Environment continues to favor Technical Solutions
Cloud Transformation
   Move to the Cloud is permanent – like concrete over
   farmland
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or
   trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft
    Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a
    commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
                 MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Vale Security Conference - 2011 - 9 - Andrew Cushman

  • 1. Andrew Cushman Senior Director Trustworthy Computing Security Microsoft Corporation
  • 2. Who Am I? Joined Microsoft in 1990 Worked on MSMoney, IIS, & now Security Also Worked on “Patch Tuesday” & BlueHat New-ish Job this Year – Seeking Non-Technical Security Solutions Why Am I Here? Discuss Changes and Suggest Responses Adaptive Challenge Facing Us Microsoft & Andrew are committed to Brasil Brasil is Special & Unique
  • 3. Product Life Cycle Policy and Ecosystem Creation Conception Alignment Release
  • 4. Management Identity For Government For Citizens For the Supply Chain Employees Incident Response People Awareness and Know-How (Citizen, Children, Government Employees…) Collaboration with Critical Information/Data Protection Infrastructure Trusted Stack Solutions Public National Intelligence (incl. eGovernment Education Health Safety Security CERT) Infra- Critical National Infrastructure Trusted Government Security structure (CoreIO) Infrastructure (CoreIO) Community Engagement Supply Chain Security Secure Defense Training Fundamentals Partnerships with National Risk Privacy Cyberwarfare Security/Priv. Development and Private Sector Management Legislation Doctrine Standards Collaboration Law Enforcement Intelligence Incident Cybersecurity Enable Secure Training and Training and Preparedness Legislation Innovation Collaboration Collaboration
  • 5. 7th largest IT market WW 6th country in PC Shipments WW 3rd in online time per user – 22h50min/month 5th largest cell phone market - 147M units 60% of all 3G Cell Phones in Latin America 2nd largest WW in number of Companies (620k new Companies only in 2010) In the last 5 years, internet active users in total Population grew from 24% to 43% in 2009 10th in broadband (256 kb) users - 9.1M users (4.8% of total 190M population)
  • 6. People Friendly, Smart, Hard-working, Creative, Stylish!, Proud & Humble at the same time Culture Diverse Society and a Rich History Di Cavalcanti, Vinicius, Jorge Amado Land of Opportunity Geography – Huge country that is rich in resources (and people) Government - Foundational Principles Rule of Law It Works There is a Brazilian Way
  • 7. Rapid Evolution and Adoption of Technology
  • 8. People: Internet users estimated to reach 3 Billion by 2015 w/ bulk of users coming from Brazil, Russia, India, China and Indonesia. Devices: The number of internet connected devices is predicted to exceed 15 billion - twice the world's population by 2015 and will likely reach 50 Billion by 2020. Data: It’s estimated that 1 billion new Web pages are created daily and about 32 million domain names are added to the Web every year with this number expected to rise dramatically in
  • 9. 25 million Facebook users in the country of 1.16 billion people, an increase of 1.78 million from the start of last month. Indian Internet to grow from 81 M to 237 M Internet users by 2015
  • 10. Military Economic Cybercrime Espionage Cyber Warfare Espionage
  • 11. Usage Every aspect of our lives is now dependent on computers Food, Energy, Finances, Entertainment, Clothing, Government Future Connectivity is like Oxygen Data, Data, Data Every aspect of our lives is now dependent on computers
  • 12. Within a decade, more than 50 billion everyday objects could be collecting data and making it available online A growing amount of Internet traffic is originating with non-PC devices. In 2010, only 3 percent of Internet traffic originated with non-PC devices, but by 2015 the non-PC share of Internet traffic will grow to 15 percent. PC-originated traffic will grow at a CAGR of 33 percent, while TVs, tablets, smartphones, and machine-to-machine (M2M) modules will have growth rates of 101 percent, 216 percent, 144 percent, and 258 percent, respectively.
  • 13. Non-traditional data sources Sensors GPS tracks Web click streams Non-traditional processing Massive processing over semi-structured data Less formal structural schemata Machine learning grows up Probabilistic Ranking Correlation Novel use cases Historical mining to create real-time models Saving and processing “all-data”
  • 14. 1 billion new Web pages are created daily and about 32 million domain names are added to the Web yearly with sharp increases expected in 2011. The “terabyte club” will reach 6 million by 2015. In 2015, there will be 6 million Internet households worldwide generating over a terabyte per month in Internet traffic, up from just a few hundred thousand in 2010. There will be over 20 million households generating half a terabyte per month in 2015. The amount of data created, captured, and replicated in the world is growing at a compounded rate of 60% a year. By 2011, the digital universe will be 10 times the size it was in 2006. (IDC)
  • 15. Threats No longer just attacks on infrastructure Attacks against Intellectual Property And Attacks against the foundations Attacks against business models Recent Attacks & News Anonymous & Lulz Comodo, DigiNotar Location issues w/ smart phones Facial Recognition Talk from Black Hat http://www.face-to-facebook.net/hacking-monopolism-trilogy.php Hacking Microcontrollers - Don Bailey’s BH Europe
  • 16. Borrowing Concept from Harvard Business Review Article 1997 Key Concept – We need Technical Solutions && we need to Adapt (change) our thinking Get On the Balcony Identify the Adaptive Challenge Adaptive Solutions – often from bottom up Ronald Heifetz & Donald Laurie – HBR article http://hbr.org/2001/12/the-work-of-leadership/ar/1
  • 17.
  • 18. Dynamic Rationalized Strategic and Optimal Continuous Risk Standardized Holistic and Operational Management Controlled Risk Basic Proactive Threat Management Threat Intelligence Robust Governance Tactical Understood Risk Integrated Security Automated Undefined Risk Threat Aware Quantitatively Managed Culture of Security Threat Ignorance Structured Service-Oriented Unpredictable Consistency Ad-Hoc and Manual Awareness and Training Unaware
  • 19. Protect Detect Asset Classification Monitor Identity Mgmt - Baseline - Users - Intrusions - Devices Assessment Access Control - Vulnerabilities - Network - Configurations - Machine & Data Reporting Training Defend Recover Respond Update Incident Response - Software Emergency response - Hardware Communicate - Procedures Remediate - Training - Quarantine - Defenses - Clean Restore - Patch - Data & Facilities
  • 20. Dynamic Rationalized Strategic and Optimal Continuous Risk Management Standardized Holistic and Operational Threat Management Controlled Risk Basic Robust Governance Proactive Threat Intelligence Understood Risk Automated Tactical Integrated Security Threat Aware Culture of Security Undefined Risk Quantitatively Managed Threat Ignorance Structured Service-Oriented Unpredictable Consistency Ad-Hoc and Manual Awareness and Training Unaware Respond Basic Standardized Rationalized Dynamic - Desktop Image Engineering - Desktop Optimization and - Desktop Virtualization Solutions - Server Virtualization with Advanced - Active Directory Design & Configuration Management - Server Virtualization with Advanced Management - High Availability Deployment - Security for Wireless Services Management - Virtual Desktop Solution - BitLocker Full-Volume Encryption - Secure Public Key Infrastructure Infrastructure - Seamless Access using DirectAccess Solutions - Network Access Protection with and TMG - Strong Authentication using IPSec Enforcement - Enterprise Federated Identity using Smartcards - Network Isolation Services ADFS - Application Lifecycle Management - Secure Web & Remote Access using - Application Backup using System Services 2010 Forefront TMG Center Data Protection Manager - Network Access Protection with - Enterprise Identity Lifecycle 802.1x Enforcement Management - Data Protection using Active Directory Rights Management - Client Anti-Malware Solutions - Enterprise Configuration - IT Compliance and Reporting: End- - Server Virtualization with Advanced Management to-End Monitoring Management - Centralized, Policy- - IT Enterprise Management: End-to- - Audit Collection Services driven Management End Cross-Platform Monitoring - System Error Reporting & Analysis - Enterprise Mobile Device Services Management - Client and Server Anti-Malware Solutions - Windows Error Reporting Deployment Services - Premier IR Support and Training - Secure Development Lifecycle Training and Assessment Services - Internet Crime and Forensics Investigations Education and Training Services - Enterprise Recovery Services 2
  • 21.
  • 22. Convergence – SSL Trust Agility Moxie Marlinspike – BH USA https://www.blackhat.com/html/bh-us-11/bh-us-11-archives.html#Marlinspike DARPA RA-11-52 - The Defense Advanced Research Projects Agency's Cyber Fast Track program https://www.blackhat.com/html/bh-us-11/bh-us-11-archives.html#Zatko Dan Kaminsky’s NetNoob
  • 23. First BlueHat Prize Challenge: Design a novel runtime mitigation technology that is capable of preventing the exploitation of memory safety vulnerabilities Entry Period: Aug 3, 2011 – Apr 1, 2012 Winners announced: BlackHat USA August 2012 IP remains the property of the inventor, with a license for Microsoft to use the technology Grand Prize: • $200,000 in cash Second Prize: • $50,000 in cash Third Prize: • MSDN subscription ($10,000 value)
  • 25.
  • 26. Things that give me pause…
  • 27. Technical Solutions On the Fast Track Army CDCiber Big Events – 2014 & 2016 RIC Broadband Urgent Need for Adaptive Solutions Too But few Adaptive Solution Ideas & Environment continues to favor Technical Solutions Cloud Transformation Move to the Cloud is permanent – like concrete over farmland
  • 28. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.