Larry Clinton Operations Officer Internet Security Alliance - PowerPoint PPT Presentation

Larry Clinton Operations Officer Internet Security Alliance lclinton@ISAlliance.org 703-907-7028 202-236-0001

The Internet Security Alliance The Internet Security Alliance is a collaborative effort between Carnegie Mellon University’s Software Engineering Institute (SEI) and its CERT Coordination Center (CERT/CC) and the Electronic Industries Alliance (EIA ), a federation of trade associations with over 2,500 members.

ISAlliance Distinctions • International in membership and leadership • Inter-sectoral---like the Internet • Organized on business, not nation state, lines • ISAlliance IS a Public Private Partnership

Sponsors of ISAlliance

GOALS OF PRESENTATION • 1. Focus on the PRIVATE side of the public private partnership • 2. Demonstrate the Business case for cyber security and how ISAlliance is trying to help • 3. Discuss successful information sharing • 4. Discuss International Cooperation--OAS

Impact of Attacks on Business • Klez virus: - Clean up and lost productivity: $9 billion • Code Red: 1 million computers affected – Clean-up and lost productivity: $2.6 billion • Love Bug: 50 variants, 40 million computers affected – Clean-up and lost productivity: $8.8 billion • Nimda – Clean-up and lost productivity: $1.2 billion • Slammer – Clean up and lost productivity: $1 billion +

Business case for Cyber Security “Designing strong security into information infrastructure can reduce overall operating costs enabling cost-saving processes such as remote access and improved supply chains which could not have occurred in networks lacking appropriate security” (Critical Infrastructure Protection Board 2003)

Business Case for Cyber Security • Research reported in CSO Magazine in 2002 demonstrates a 21% Return on Investment for cyber security systems implemented early in network development. • “The costs of a sever computer attack are likely to be greater than the preemptive investment in a cyber security program would have been.” (National Strategy to Secure Cyber Space 2003)

ISAlliance Market- incentives for security • Visa ----Digital dozen program • Nortel ---Mandated security for vendors program • Verizon---Packaging and education programs for home users

ISAlliance Cyber-Insurance Program • Coverage for members • Market incentive for increased security practices • 10% discount off best prices from AIG • Additional 5% discount for implementing ISAlliance Best Practices (July 2002) • Discounts more than offset sponsorship dues

Adopt and Implement ISAlliance Best Practices • Cited in US National Draft Strategy to Protect Cyber Space (September 2002) • Endorsed by TechNet for CEO Security Initiative (April 2003) • Endorsed US India Business Council (April 2003)

ISAlliance/CERT/cc Special Communications

Benefits of Information Sharing Organizations • May lesson the likelihood of attack “Organizations that share information about computer break ins are less attractive targets for malicious attackers.” – NYT 2003 • Participants in information sharing have the ability to better prepare for attacks (Harvard study 2003)

Examples of Successful ISAlliance Information Sharing I • SNMP vulnerability – October 2001 CERT notified ISAlliance members of SNMP vulnerability. CERT provides protection advise to membership while waiting for patch development. – CERT provides ISAlliance members with updates in November, January 4, January 16, Feb. 7. ISAlliance conference calls discuss remediation, press relations and use of vendor patches. – SNMP Publicly disclosed Feb. 12, 2002. – No ISAlliance members are affected by SNMP

Examples of Successful Information Sharing II • SLAMMER WORM 2002-2003 • May 2002, CERT Notifies ISAlliance members of slammer vulnerability. Provides advise for protection while awaiting patch • July 2002 Microsoft provides patch • January 2003 Slammer Worm attacks, fastest infection rate to date.

Examples of Successful Information Sharing III • July 2003 CISCO IOS Interface • July 16, acting on information from Cisco, CERT informs ISAlliance members of vulnerability advises applying Cisco patch and steps that can be taken until the patch is applied. • July 17 ISAlliance Exec Communication & conference call • July 18 ISAlliance Exec Communication & call

Why ISAlliance Info Sharing Succeeds • CERT/cc leadership and credibility • History (2 years) and regularity build trust • Inter-sectoral/International membership not inhibited by competitive concerns • Success breeds success

International Outreach--- India • Confederation of Indian Industries/US-India Business Council/ISAlliance • 6 Teleconferences discussing cyber security issues and needs (summer 2003) • US tour for Indian companies seeking partnerships in America (fall 2003 • ISAlliance trip to India including ISA/CERT Training (winter 2003/4) implementing a “gold standard of cyber security

International Cooperation---Japan • 2002 ISAlliance visits Japan meets with Japanese Ministry of JEDA and Japan Network Security Association • July 30, 2003 30 member delegation from Japan Network Security Association visits ISAlliance to discuss partnerships

International Cooperation/ OAS Region • ISAlliance is looking for partners in region • Must be committed to security and past muster with ISAlliance Board and CERT • This is a partnership. It requires commitment and investment

Larry Clinton Operations Officer Internet Security Alliance lclinton@isalliance.org 703-907-7028 202-236-0001