CYBERSECURITY – The next frontier
Robert E Stroud CGEIT CRISC
VP, Strategy and Innovation CA Technologies
International President, ISACA
@RobertEStroud
August 2014
www.isaca.org/cyber
© 2014 CA. ALL RIGHTS RESERVED.
Robert E Stroud CGEIT CRISC
International President ISACA
Vice President Strategy & Innovation CA Technologies
Futurist, Author, Public Speaker & Industry Geek
15 years Banking
Contributor to numerous industry frameworks, standards and good practices
Former Director itSMF International & itSMF USA
@RobertEStroud
Please do keep mobile devices on during this session!
@RobertEStroud #LeadIT
Source: http://www.securedgenetworks.com/secure-edge-networks-blog/bid/84023/10-Ways-Mobile-Device-Management-Can-Help-Your-School
ISACA
“Trust in, and value from, information systems”
– Global association serving 115,000 IT security, assurance, governance and risk professionals
– Established in 1969
– Members in 180 countries
– 200+ chapters
January 12th, 2010: The world changed
The Advanced Persistent Threat
http://www.eweek.com/c/a/Security/Google-China-and-the-Anatomy-of-the-Aurora-Attack-255807/
http://www.theguardian.com/technology/blog/2010/jan/20/google-china
APTs are impacting us in many ways
APTs are accelerating
Source: http://heartbleed.com
Watch the video here on Heartbleed: https://www.youtube.com/watch?v=8oI_laHhGjE
Advanced Persistent Threats?
Evolution of Attacks
The APT Lifecycle
Stages of an APT
How well do security professionals understand APTs?
How are they affecting different industries and organizations throughout the world?
What is being done to prevent them?
In Q4 of 2012, ISACA launched the APT Awareness Survey
[Chart: survey respondents by region (Asia, Europe / Africa, North America, Latin America, Oceania); values shown: 19%, 32%, 8%, 3%, 38%]
AWARENESS
42.5% of respondents were familiar…
28.6%, somewhat familiar…
And only 25.1% very familiar with APTs.
Overall, 96.2% were somewhat familiar with APTs…
But most importantly: 93.6% of respondents understood APTs as a very credible, serious threat to national security and economic stability
[Chart: familiarity with APTs]
25% Very Familiar
42% Familiar
29% Somewhat Familiar
4% Not at All Familiar
Suffering with an APT
Although just 21.6% of respondents reported having been victims of an APT attack, 63% – three times that amount – believe it’s only a matter of time before their business is targeted.
63% BELIEVE IT’S ONLY A MATTER OF TIME BEFORE THEIR BUSINESS IS TARGETED.
How are people handling the threats?
Most respondents are using technology in a risk-based layered approach to prevent and combat APTs.
94.9% Anti-Virus / Anti-Malware
92.8% Network Tech (Firewalls, etc.)
71.2% IPS
© 2014 ISACA. All rights reserved
A Troubling Lack of Initiative
There aren’t enough precautions being taken against the threat of an APT.
Up to 81.8% of survey takers have not updated their agreements with vendors who provide protection against APT.
And 67.3% reported that they haven’t held any APT awareness training programs for their employees.
[Chart: "Has your enterprise increased security training as a result of APTs?" Yes / No, by Very Likely, Likely, Not Very Likely, Not at All Likely; axis 0% to 80%]
APTs are serious threats.
We need to give more consideration to their consequences.
Enterprises must adopt more technology awareness training, vendor management, incident management and increased attention from executives.
Cybersecurity – more than defense you need “offence”!
Safe harbours will continue to exist
Traditional prevention and detection is not enough; you need to move from defensive to offensive
Governments cannot prevent intrusions
Data loss is inevitable
Attacks will continue
Companies often breached for years
New approaches required
Castle Image: http://www.castles.org/Kids_Section/Castle_Story/parts.htm
Image: http://hot1047.com/adrian-peterson-buys-snowmobiles-for-offensive-line/
If you have IP you are a target!
Assume you are breached
Prepare for the inevitable
Start planning
Define your “Win”
Delay the ‘Threat’ from reaching its goal
Minimize the loss
Improvise as you go along
Are your approaches outdated? If so, review and revise!
Transitioning to the “new normal”
Build a team
Establish key relationships
Determine Authorities within and outside organisation
Inventory Existing Technologies
Standardize the Investigation Process
Training and Governance
Establish & Develop Critical Capabilities