1. ataya cybersecurity sas · Oct 16, 2015
TRANSCRIPT
Prof. Georges Ataya, Vice President of the Belgian Cybersecurity Coalition
Cybersecurity Fundamentals
Academic Director, IT Management Education (Solvay Brussels School of Economics and Management) Managing Partner, ICT Control SA
Previously: One to One solution
Security Threat | Address Vulnerability
Virus infection | Software to detect and eradicate malware
Social engineering | Staff awareness and education
Technical threat | Technical solution
Previously: One to One solution
Building higher defensive walls and installing defense-in-depth solutions
Advanced persistent threats
List of major APT Attacks
Attack name | Period | Impact or outcome
Moonlight Maze | 1998‐2000 | Tens of thousands of files stolen, including maps of military installations, troop configurations and military hardware designs, resulting in millions of dollars of damage
Titan Rain | 2003‐2005 | Not disclosed. Likely to be similar to Moonlight Maze
Sykipot | 2007‐2012 | Trade secrets stolen, including design, financial, manufacturing and strategic planning information from US and UK companies, resulting in loss of competitiveness
GhostNet | 2008‐2009 | Political and economic data compromised on more than 1,000 computers in over 100 countries
Operation Aurora | 2009‐2010 | Large quantities of intellectual property stolen, resulting in substantial losses in competitiveness
Gozi | 2007 onward | Infected more than one million computers around the world, causing tens of millions of dollars in damages
Zeus | 2007 onward | Compromised tens of thousands of FTP accounts on company sites and several million bank users, resulting in the theft of hundreds of millions of dollars
SpyEye | 2009 onward | Millions of dollars stolen from the customer accounts of several hundred banks across the world
Stuxnet | 2010 | The malware was reported to have caused substantial damage to the centrifuges at the Natanz nuclear enrichment laboratory in Iran
Duqu | 2011 | Captured information that might enable a future APT attack on industrial control systems
Flame | 2012 | Stole information from around 1,000 machines in Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia, and Egypt. Attacks ceased when publicly disclosed
Red October | 2007‐2012 | Reported to have stolen hundreds of terabytes of secrets from diplomatic, trade, military, aerospace, energy, and research organizations in Russia, Iran, the US, and other countries
Eurograbber | 2012 | Stole an estimated 36 million euro from more than 30,000 customers in over 30 banks across Europe
Sources of APT Threat
Highest Enterprise Risk of Successful APT Attack
WHAT DO YOU BELIEVE TO BE THE HIGHEST RISK TO YOUR ENTERPRISE ASSOCIATED WITH A SUCCESSFUL APT ATTACK?
The “Cyber Kill Chain”
Sequence of activities conducted by an attacker to carry out an APT attack
The Cybersecurity Skills Gap
There are an estimated 410,000 to 510,000 information security professionals worldwide, and jobs are expected to increase 53 percent by 2018 with over 4.2 million jobs available.¹ However, recent studies and reports suggest that there are simply not enough skilled professionals to fill them.²
1 McKinsey Study 2011
2 Source: 2013 Global Information Security Workforce Study, Frost & Sullivan and Booz Allen Hamilton.
Cybersecurity Roles
The structure and governance of every organization is different and varies based on the type of organization. Each organization has its own mission (business), size, industry, culture and legal regulations. However, all organizations have a responsibility and duty to protect their assets and operations, including their IT infrastructure and information.
Executive Management
Board of Directors
Compliance
Information Security Roles
Risk management
Cybersecurity Practitioners
Senior Information Security Management
Knowledge domains for Information Security Age
Technical Generic Management
Source: Georges Ataya
IDENTIFY
DETECT
PROTECT
RECOVER
RESPOND
© 2015 ICTC.EU
Cybersecurity processes
Sources of information
To be downloaded at isaca.org
“Information security risk can be seen as the multiplication of three factors: assets, vulnerabilities and threats.”
2014
Executive Education in IT Management
Executive Education in Information Security Management
Solvay.edu/IT
Executive Master in IT Management
Executive Programme in
• CIO Practices
• CIO Leadership
• IT Business Agility
• Enterprise and IT Architecture
• IT Sourcing
• IT Management Consulting
Executive Master in Information Risk and Cybersecurity
Executive Programme in
• Security Governance
• Information Security
• Cybersecurity
G3 – IT Risk and Legal concerns
M2 – IT Services and Run Management
G1 – The CIO Foundation
G2 – IT Governance Workshop
M1 – Applications Build and Management
B2 – Business Transformation
B3 – Digital Agility and Innovation
B1 – Enterprise Strategy and Architecture
M3 – IT Sourcing Management
G – track IT Governance
M – track IT Management
B – track Business Agility
Lectured tracks and modules
A1 – IT Finance and Portfolio Management
A2 – Soft Skills for IT professionals
A3 – Building Expert Opinion
A – track Activating skills
© 2014 ictc.eu
S1 – Information Security Management
S2 – IT Security Practices
S3 – Cybersecurity Workshop
S – track Info Security
Today: Knowledge exchange
• Share experiences: good and bad
• Learn from each other
• Create the foundations for the awareness building and the policy recommendations
Ultimate goal
• Get the number of infected computers down
Georges Ataya ‐ [email protected] – solvay.edu/it