the rise of the cso - oracle cloud › us › assets › rise-of-the-cso-2773679.pdf10:05–10:20...
TRANSCRIPT
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
The Rise of the CSOWelcome
David ProfozichSenior Vice PresidentNorth America SalesOracle
October 27, 2015
Oracle Public
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public 3
WELCOME
5 CSO SUMMIT @
OPEN WORLDTHTHE
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public 4
We’re in the Age of Mega Breaches
200M ExperianMar ‘14
150MeBay
May ‘14
22MEducation
July ‘14
SA BanksOCT ‘13
Credit Cards
150M + CodeAdobe Oct ‘13
98MTargetDec‘13
20MCredit Bureau
12MTelecom
Jan ‘14
56MHome Depot
Sep ‘14
ImmigrationJune’14
PersonalRecords
76MJPMCOct ‘14
53MSony
Dec ‘14
227M
80MAnthemFeb ‘15
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public
President proposes national mandate to require 30 day data breach notification
State of the Union urges Congress for legislation to increase computer security
Cybersecurity sprint Federal CIO mandate to protect Federal info & assets
Cybersecurity awareness month; week 5 focus on education and awareness
Government Security Focus Increases in 2015
January
October
January
June
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public
Typical Attack Vectors
Social Attacks
Command & Control
Brute Force Hacking
Malware
SQL Injection Attack
Stolen Credentials
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public
Global Cybercrime is a $288 Billion ProblemBigger than Stolen Phones, Cars, Credit Cards and the Cocaine Market Combined
$288 BILLIONGLOBAL CYBERCRIME MARKET
$30BSTOLEN SMART PHONE
$56BSTOLENVEHICLE MARKET
$85BCOCAINEMARKET
$114BSTOLEN CREDIT CARD MARKET
Source: Forrester, Interpol, Symantec
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
“I often say that the CSO is the corporate rock-star of the future because exceptional ones possess a combination of skills that rarely appear in one person”
Brian Moynihan, CEO, Bank of America
Oracle Public
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public 9
Technical Curiosity is as Important as Aptitude
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public 10
CSO: Chief Politician, Communicator, and Crisis Manager
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public 11
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public
Hacking and Malware Biggest Threats
-100
0
100
200
300
400
500
600
700
800
900
2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
Hacking Malware Social Physical Misuse Error
HACKING
MALWARE
SOCIAL
PHYSICAL
1600%INCREASE
Source: 2014 Verizon DBIR
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public
Oracle Can Reduce the Attack Surface Area by 80%
-100
0
100
200
300
400
500
600
700
800
900
2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
Hacking Malware Social Physical Misuse Error
HACKING
MALWARE
SOCIAL
PHYSICAL
Source: 2014 Verizon DBIR
Privileged UserControls
SystemConfiguration
UnprotectedDatabases
50%
19%
13%
80%
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Public
Source: 2014 Verizon DBIR
Oracle Can Help Mitigate
TARGET 70M Records
JPMC 76M Records
ANTHEM 80M Records
ADOBE152M Records
HOME DEPOT56M Records
DEFAULT PASSWORDSOLUTIONRegular password reset Strong password policy
UNENCRYPTED DATASOLUTIONFile system encryptionDatabase encryption
STOLEN CREDENTIALSSOLUTIONMulti-factor authenticationWeb-fraud detection
UNPATCHED SERVERSOLUTIONMulti-factor authenticationAutomated config & patch
WEAK PASSWORDSSOLUTIONMulti-factor authenticationAutomated config & patch
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Oracle Security – From the Inside Out
DatabasesInfrastructure Applications
Infrastructure
Database Security
Governance, Risk and Compliance
Identity Management
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
9:00–9:30 a.m. The Rise of the CSODave Profozich, SVP of North America Sales, Oracle
9:30–9:50 a.m. Securing Data in RetailAnantha Srirama, VP of New Technology, Macy’s
9:50–10:05 a.m. Securing the Oracle Public CloudSteve Daheb, SVP Business Groups, Oracle
10:05–10:20 a.m. Connecting the Dots with Identity Gautum Muralidharan, Dir Advisory Services, PwC
10:20–10:35 a.m. Innovations in Data SecurityVipin Samar, VP of Database Security, Oracle
10:35–10:50 a.m. Break
AGENDA
16Oracle Public
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
AGENDA
10:50–11:05 a.m. Innovations in Identity ManagementPeter Barker, SVP Database Security, Oracle
11:05–11:25 a.m. Preparing for the Big BreachAndy Wells, VP TRO Access Management, Technology Operations, Kaiser Permanente
11:25–11:40 a.m. Securing the Big Data LifecycleNiel Mendelson, VP, Advanced Analytics & Big Data, Oracle
11:40–12:00 p.m. Experts Panel - The Future of SecurityMary Ann Davidson, CSO, OracleChris Gavin, VP of Information Security, OracleGautum Muralidharan, Dir Advisory Services, PwC
12:00 p.m. ConclusionDave Profozich, SVP of North America Sales, Oracle
Oracle Public
