"Cyber" security - all good, no need to worry?

Ian Amit Director of Services, IOActive

¡Hola

Source: datalossdb.org

Incidents by Business Type - All Time

Biz Gov Med Edu

Incidents by Vector - All Time

Outside Inside - Accidental Inside - Malicious UnknownInside

DataLossDB.org Incidents Over Time

2004 2005 2006 2007 2008 2009 2010 2011 2012 2013

829728

Problem ✓

Solution?

What would CISO do?

RISK MANAGEMENT

We need to get back to BASICS

insert crowd pic here

Prioritize !

Based on risk, impact,

potential cost, and cost of remediation

Summary1. Stop throwing money on products

2. Identify assets, processes, technology, threats.

3. Assess your current posture. Identify gaps.

4. Address gaps based on priority and relevance. Consider cost (of impact, of fixing).

5. Test effectiveness.

6. Back to 2.

REMEMBER!

• You are not fighting off pentesters. You are fighting off actual adversaries.

• You are not fighting off auditors. You keep your organization working.

• You are not fighting off regulators. You are trying to keep yourself out of jail.

Thank You! ¡gracias

Ian Amit Director of Services, IOActive

ian.amit@ioactive.com Twitter: @iiamit

"Cyber" security - all good, no need to worry?

Technology

Transcript of "Cyber" security - all good, no need to worry?

A Type System for Tomorrow · “Bad programmers worry about the code. Good programmers worry about data structures and their relationships.” - Linus Torvalds “Smart data structures

Unproductive worry

Cyber-Physical Cloud(y) Computing: Good News, Bad News and Looking Forward

Five Cyber Threats to Worry About in 2018 · 3/3/2018 · through cyber defenses. The following are some significant threats to look out for this year. More huge data breaches The

While cyber insurance is by no means a replacement to good ... · While cyber insurance is by no means a replacement to good IT security practices, the policy provides a safety net

NIO WORRY LIST FOR JANUARY...Title NIO WORRY LIST FOR JANUARY Subject NIO WORRY LIST FOR JANUARY Keywords

WORRY _______ BE INTERESTED _______ GET UPSET ____ BE GOOD ________ FEEL PROUD_____ APPLY _________A JOB GO _________ AN INTERVIEW.

Caribbean Cyber Security Center “The Good Guys”

Unproductive Worry Matthew 6:27-34 Do you remember Alfred E. Newman from Mad Magazine? Why do we worry? Does it do any good to worry about things?

Cyber resilience as a global public good

How to be Cyber Safe! - Security, Cyber , and …02f9c3b.netsolhost.com/.../uploads/Cyber-safe-4-SMBs-brief-web.pdfOverall precautions and security/privacy good habits 3 This is great

Good Neighbor Evangelism BuIldBridgesBuIldBridges Last series: Be a good neighbor! Don’t worry, just do it! What works today? Stewardship This.

Midterm Mean: 29/50 30+: In reasonably good shape 20-30: Worry a little Under 20: Worry a lot Answers are on the web page –Explain anything you don't understand,

Divided we stand, united we worry: Predictors of worry in ...

Cyber Security Forum - Squarespace · PDF fileBIBF Cyber Security Forum - Sam script v2a May 2017 Page 1 of 12 Cyber Security Forum Presentation C.B (Sam) Mulholland Good Afternoon

Good News - Andrews University · Good News Hope International Newsletter ... don’t worry, they won’t last long either. 5] Old friends are ... incognito in the metro station was

PENGARUH PENERAPAN GOOD CORPORATE ...eprints.perbanas.ac.id/2442/8/COVER.pdfv “Don’t worry about failure, just worry about the chance you miss when you don’t even try” “Sesungguhnya

CYBER JUSTICE: CYBER GOVERNANCE THROUGH HUMAN …Anja Mihr Thus cyber justice is defined by good governance principles and human rights norms and their realization in cyberspace through

Cyber Security Grant Program DHSES Cyber Initiatives · resources necessary for providing cyber security awareness training to their staff in support of good cyber hygiene at the

The Public Library “Cyber Shelf”is a good place to …wildginger.com/pdffiles/esewing3.pdf · The Public Library “Cyber Shelf”is a good place to start looking for e-books.

WORRY ___ BE INTERESTED _ GET UPSET BE GOOD ____ FEEL PROUD_ APPLY _A JOB GO ___ AN INTERVIEW.