Successfully Protecting Your IP Assets A Cyber Perspective E.J. Hilbert October 8, 2013.
-
Upload
william-owen -
Category
Documents
-
view
217 -
download
2
Transcript of Successfully Protecting Your IP Assets A Cyber Perspective E.J. Hilbert October 8, 2013.
Successfully Protecting Your IP Assets
A Cyber Perspective
E.J. Hilbert
October 8, 2013
About the Speaker• Managing Director Kroll Advisory Solutions- Head of Cyber
Investigations for EMEA
• President of Online Intelligence- A cyber security and investigative firm specializing in social media and online advertising schemes, scams and crimes.
• Director of Security Enforcement for MySpace – Responsible for addressing all security concerns related to MySpace, its systems and its users.
• FBI Special Agent- Specialized in White Collar Crime, Cyber Crime and Counter-Terrorism. Notable cases are Treason charges against Adam Gadahn aka Azzam Al Amriki, FBI.gov email intrusion, Carderplanet takedown/Cardkeeper, Samantha Runnion Kidnapping and Invita/Flyhook: the Alexey Ivanov case
• High school Teacher and Coach- History, Science, Baseball, Basketball and Cross Country
• Got my first computer at 12yrs old, a Commodore 64, upgraded later to an Apple IIe
• Consultant on TV shows, movies and books, various media coverage including MSNBC, CNN, Financial Times, Rolling Stone, WSJ, Wired, Gizmodo and others
Why Invent When You Can Steal
IP equals Information that can equal Profit
» There is no innovation that is not stored digitally
» Patent trolls illustrate the profit model
Innovation takes time
» Shortage of Cyber professionals in EMEA
» Plagiarism is the highest form of flattery?
Theft can level the playing field
» Emerging markets are looking for a leg up
» 1st world markets are looking to stay on top
Physical theft is hard, cyber theft is easy
Five Steps To Protecting Your IP
Know What You Have
Limit Who Can Access It
Know Who Is Accessing It and Why
Terminating Access
Fight For What Is Yours
Knowing What You Have
Before you can protect something you need to know what IT is.
Blob Data- most people and companies have a stockpile of Blob data with no understanding of what it includes.
Value of Your Data – One man’s trash is another man’s fortune
Subjective Security- Protection around the individual as well as the whole.
Limit Who Has AccessEveryone does not have “A Need To Know”
Access Control – shut the doors and close the blinds
Key ring approach – Require different passwords for each level of access
Change It Up- Force changes at random times
Who are you and why are your looking at this
You need to monitor who is accessing your stuff
Most companies do not monitor access
» We create logs but nobody reviews them
Logs are not just for reactive work
» Viewing the logs will show patterns
User authentication and reasons for use are imperative
» Are you sure they are who they say they are?
Detection and Terminating AccessYou need to have lightening reflexes
The speed of cyber theft is only tempered by perceived monitoring, the fear of getting caught and victims ability to act.
You must be able to detect an attack and shutdown access immediately
“We will protect IP as soon as we get some of our own.”
Fight for What is Yours “What’s the use?” is defeatist and has a knock-on
effect.
Cyber attackers do not fear being caught because most given up the fight. There is no downside to stealing your IP for the hackers.
Most victims of cyber attack focus on the how it happened and defending against the next attack, few seek attribution and penalties.
No fight means you will forever be the victim.
WITH
Take Away Information
Know What You Have
Limit Who Can Access It
Know Who Is Accessing It and Why
Be Able to Terminate Access
Fight For What Is Yours
Which of These Don’t You Do?
Questions?
E.J. Hilbert
Managing Director
Kroll Advisory Solutions
+44 (0)782-5753027
www.twitter.com/ejhilbert
www.linkedin.com/in/ejhilbert