
Warning Potential 96 2016 106 2017 118B 131 2019 145 2020 - PowerPoint PPT Presentation



  1. Warning

  2. Potential

  3. Estimated global spend ($ billions): 96 (2016), 106 (2017), 118 (2018), 131 (2019), 145 (2020) *as reported by IDC (11% CAGR)

  4. 1.5T *Estimated global cybercriminal revenue as reported by Bromium

  5. Estimated global damages ($ trillions): 3.5 (2016), 4 (2017), 4.5 (2018), 5 (2019), 5.5 (2020) *as reported by Cybersecurity Ventures

  6. Chart: Dollars Related To Cybercrime & Cybersecurity, $ Billions (CDN), 2016 to 2020; series: Damages, Revenue, Security; 11% Growth Rate

  7. 2016

  8. 2016

  9. 2016

  10. 2017

  11. 2017

  12. 2018

  13. 2018

  14. 2018

  15. 2018

  16. 2018

  17. 2018

  18. THOUSANDS of hours wasted BILLIONS of records breached BILLIONS of dollars spent TRILLIONS of dollars lost TENS of convictions

  19. Is this what SUCCESS looks like?

  20. NO

  21. Pause

  22. A short tangent… @marknca https://markn.ca

  23. Large Organization, Research, Global Reach, Cloud Focus

  24. Operational “Standard” IT Serverless Technologies

  25. History, New capabilities, Top problem, Biggest opportunity

  26. How did we get here?

  27. Diagram with the labels: Bad People, Controls, Customers, Internet, Controls, Employees, Services, Problems

  28. The goal of cybersecurity: protect the confidentiality, integrity, and availability of information

  29. Org chart: CIO over CISO, Service Delivery, System Support, System Development

  30. Org chart (expanded): CIO over CISO, Service Delivery, System Support, System Development and their teams (network and application security, GRC, incident response, service desk, operations, development, change management, application testing, ops support, business liaison, system administration, project office)

  31. RACI for customer-facing solutions, mapped over the same org chart (CIO, CISO, Service Delivery, System Support, System Development): Responsible, Accountable, Consulted and Informed assignments per team

  32. Can We Do That?

  33. Joe CISO, OurCo

  34. 170 *Number of days to detect a persistent threat on network as per Ponemon, 2018

  35. “Let’s start a threat hunting program” “What will we need?” “Some new tools & 2 team members…”

  36. … • Generate stronger analytics • Expand AppSec program • Fill open requisitions for SOC • Deploy shelfware • Create threat hunting team?!?

  37. Org chart: CIO over CISO, Service Delivery, System Support, System Development

  38. IT Employees

  39. Cybersecurity IT

  40. Employees

  41. IT Employees

  42. You IT Employees

  43. 1:50:750 (You : IT : Employees)

  44. A Lack Of People

  45. Cybersecurity IT

  46. Cybersecurity IT

  47. Can you find these people?

  48. 770 * Graduates in cybersecurity from Canadian universities per year as per Universities Canada, 2018

  49. Can you find these people? Can you keep these people? Will these people actually help?

  50. #1 Problem

  51. 92.4% * Malware starts via phishing as per Verizon DBIR, 2018

  52. Phishing awareness campaign

  53. (slide shows a long, obfuscated click-tracking URL)

  54. .accountant .education .jetzt .school .apartment .energy .kim .soccer .associates .engineering .lawyer .surf .bingo .enterprise .love .theater .boutique .fish .maison .today .brussels .fitness .memorial .vacations .careers .flights .network .video .clinic .glass .one .webcam .consulting .global .parts .wiki .degree .gripe .party .wtf .dog .hockey .porn .yoga .download .how .rentals .zone

  55. Runs counter to the idea of a link

  56. 2.77% * Effectiveness of phishing training by McCoy et al., 2017

  57. 41% * Web attacks use stolen credentials as per Verizon DBIR, 2018

  58. Password awareness campaign

  59. Runs counter to math & psychology

  60. 86% * Of passwords are reused or simple as per Troy Hunt, 2018

  61. Ugh, Users

  62. Us vs. Them

  63. “Users” are the problem

  64. “Users” are the problem

  65. 100% * Forgotten common sense

  66. Us vs. Them

  67. Containment

  68. “This system needs to be deployed.” “When?” “Monday…”

  69. Pipeline: Plan, Code, Test, Stage, Run; security activities: Mitigate, Detect, Respond

  70. Pipeline: Plan, Code, Test, Stage, Run; security activities: Mitigate, Detect, Respond

  71. Chart: Resolution Cost by Workflow Stage (Plan, Code, Test, Stage, Run) * NIST Planning Report 02-3

  72. Late stage risk assessments limit options

  73. Bolt-on

  74. Pipeline: Plan, Code, Test, Stage, Run; security activities: Mitigate, Detect, Respond

  75. Pipeline: Plan, Code, Test, Stage, Run; security activities: Mitigate, Detect, Respond

  76. Chart: Resolution Cost by Workflow Stage (Plan, Code, Test, Stage, Run) * NIST Planning Report 02-3

  77. Chart: Resolution Cost by Workflow Stage (Plan, Code, Test, Stage, Run), scale extended to 30x * NIST Planning Report 02-3

  78. Pipeline: Plan, Code, Test, Stage, Run; security activities: Mitigate, Detect, Respond

  79. Pipeline: Plan, Code, Test, Stage, Run; security activities: Mitigate, Detect, Respond

  80. Deployment Frequency, Lead time for changes, Time to restore service, Change failure rate *2018 State of DevOps report from DORA

  81. Early security intervention opens up new options. Can you keep up with development cycles? Can you speak developer?

  82. What now?

  83. You can’t scale… automate. Users ≠ problem… educate. Not collaborating… participate.

  84. The goal of cybersecurity: make sure that systems work as intended …and only as intended

  85. Thank you Read more at https://markn.ca Reach me online @marknca
