The State of Cybersecurity - PowerPoint PPT Presentation

1 / 10
About This Presentation
Title:

The State of Cybersecurity

Description:

The State of Cybersecurity A View From Inside the Beltway Robert Y. Bigman* Chief, Information Assurance Group Central Intelligence Agency *The opinions ... – PowerPoint PPT presentation

Number of Views:136
Avg rating:3.0/5.0
Slides: 11
Provided by: northalab
Category:

less

Transcript and Presenter's Notes

Title: The State of Cybersecurity


1
The State of Cybersecurity A View From Inside
the Beltway
  • Robert Y. BigmanChief, Information Assurance
    Group
  • Central Intelligence Agency

The opinions contained herein are mine and not
necessarily shared by the CIA.

2
State of Cybersecurity
  • Recent High Profile Breaches
  • JTF Strike Fighter design drawings stolen
  • Classified data on the Presidents helicopter
    accidentally leaked over P2P file sharing network
  • Chinese reportedly penetrate U.S. electric grid,
    also infect 1,200 government computers in 103
    countries
  • Heartland Payment Systems resulted in expenses
    and accruals of 12.6 million
  • Hannaford Brothers exposed 4.2 million credit and
    debit card numbers
  • UC Berkley loses 160,000 health and personal
    records

3
State of Cybersecurity
  • Worse of All
  • The Agent.BTZ Story
  • The Chinese
  • The Global Criminal Element
  • The Global Hacker with a Habit

4
State of Cybersecurity
  • Security/Privacy on the Internet
  • Its as if everyone was driving in a new city
    without license plates.
  • Its the Wild Wild West without even local
    sheriffs.
  • For most users it is as if they landed on
    another planet with only water and oxygen in
    common.

5
State of Cybersecurity
  • So Why is This Happening?
  • The value (to global organized crime and
    state/non-state actors) far outweighs the risks
  • Global legal remedies not even a discussion topic
  • Where are the boundaries on the Internet?
  • The ease of remote access
  • The vulnerabilities inherent in commercial IT
    products
  • The shocking lack of competent IA talent
  • The shocking lack of organizational commitment to
    implementing basic IA capabilities and procedures

6
State of Cybersecurity
  • Inside The Beltway Solutions to The Problem
  • Lets pass laws
  • Lets regulate the internet
  • Lets appoint a Cyberczar
  • Lets create a Cyber-command

7
State of Cybersecurity
  • Whats Missing
  • While some new laws and regulations are needed,
    developing a meaningful public-private
    partnership is more important
  • Cybersecurity literacy requires investment
  • We have to value secure software like we current
    value feature-rich software
  • We need a trusted identity for all internet users

8
State of Cybersecurity
  • Common Sense Procedural Measures
  • Limit users ability to transfer data to only
    those trained and certified
  • Train and certify system administrators
  • Have all users trained and sign a memorandum of
    information assurance responsibilities
  • Install IA into all IT configuration management
    boards and practices

9
State of Cybersecurity
  • Common Sense Technical Measures
  • Implementing NIST, NSA, and DISA Stig
    Configuration Guides
  • NIST SP800-53 - Twenty critical controls
  • Two-Factor Authentication
  • Patching
  • DEP
  • IPSEC
  • DNSSEC
  • Device Locking/DLP
  • Host Intrusion Detection
  • Source Code Testing

10
Questions?
Write a Comment
User Comments (0)
About PowerShow.com