Larry Clinton Operations Officer Internet Security Alliance - - PowerPoint PPT Presentation

SLIDE 1

Larry Clinton Operations Officer Internet Security Alliance lclinton@ISAlliance.org 703-907-7028 202-236-0001

SLIDE 2

The Internet Security Alliance

The Internet Security Alliance is a collaborative effort between Carnegie Mellon University’s Software Engineering Institute (SEI) and its CERT Coordination Center (CERT/CC) and the Electronic Industries Alliance (EIA), a federation of trade associations with over 2,500 members.

SLIDE 3

ISAlliance Distinctions

  • International in membership and leadership
  • Inter-sectoral---like the Internet
  • Organized on business, not nation state, lines
  • ISAlliance IS a Public Private Partnership
SLIDE 4

Sponsors of ISAlliance

SLIDE 5

GOALS OF PRESENTATION

  • 1. Focus on the PRIVATE side of the public private partnership
  • 2. Demonstrate the Business case for cyber security and how ISAlliance is trying to help
  • 3. Discuss successful information sharing
  • 4. Discuss International Cooperation--OAS
SLIDE 6

Impact of Attacks on Business

  • Klez virus
    – Clean-up and lost productivity: $9 billion
  • Code Red: 1 million computers affected
    – Clean-up and lost productivity: $2.6 billion
  • Love Bug: 50 variants, 40 million computers affected
    – Clean-up and lost productivity: $8.8 billion
  • Nimda
    – Clean-up and lost productivity: $1.2 billion
  • Slammer
    – Clean-up and lost productivity: $1 billion +

SLIDE 7

Business case for Cyber Security

“Designing strong security into information infrastructure can reduce overall operating costs enabling cost-saving processes such as remote access and improved supply chains which could not have occurred in networks lacking appropriate security” (Critical Infrastructure Protection Board 2003)

SLIDE 8

Business Case for Cyber Security

  • Research reported in CSO Magazine in 2002 demonstrates a 21% Return on Investment for cyber security systems implemented early in network development.
  • “The costs of a severe computer attack are likely to be greater than the preemptive investment in a cyber security program would have been.” (National Strategy to Secure Cyber Space 2003)

SLIDE 9

ISAlliance Market Incentives for Security

  • Visa: Digital dozen program
  • Nortel: Mandated security for vendors program
  • Verizon: Packaging and education programs for home users

SLIDE 10

ISAlliance Cyber-Insurance Program

  • Coverage for members
  • Market incentive for increased security practices
  • 10% discount off best prices from AIG
  • Additional 5% discount for implementing ISAlliance Best Practices (July 2002)
  • Discounts more than offset sponsorship dues
SLIDE 11

Adopt and Implement ISAlliance Best Practices

  • Cited in US National Draft Strategy to Protect Cyber Space (September 2002)
  • Endorsed by TechNet for CEO Security Initiative (April 2003)
  • Endorsed by US India Business Council (April 2003)

SLIDE 12

ISAlliance/CERT/cc Special Communications

SLIDE 13

Benefits of Information Sharing Organizations

  • May lessen the likelihood of attack: “Organizations that share information about computer break ins are less attractive targets for malicious attackers.” – NYT 2003
  • Participants in information sharing have the ability to better prepare for attacks (Harvard study 2003)

SLIDE 14

Examples of Successful ISAlliance Information Sharing I

  • SNMP vulnerability
    – October 2001: CERT notified ISAlliance members of SNMP vulnerability. CERT provides protection advice to membership while waiting for patch development.
    – CERT provides ISAlliance members with updates in November, January 4, January 16, Feb. 7. ISAlliance conference calls discuss remediation, press relations and use of vendor patches.
    – SNMP publicly disclosed Feb. 12, 2002.
    – No ISAlliance members are affected by SNMP

SLIDE 15

Examples of Successful Information Sharing II

  • SLAMMER WORM 2002-2003
  • May 2002: CERT notifies ISAlliance members of Slammer vulnerability. Provides advice for protection while awaiting patch
  • July 2002: Microsoft provides patch
  • January 2003: Slammer Worm attacks, fastest infection rate to date.

SLIDE 16

Examples of Successful Information Sharing III

  • July 2003 CISCO IOS Interface
  • July 16: acting on information from Cisco, CERT informs ISAlliance members of the vulnerability and advises applying the Cisco patch, along with steps that can be taken until the patch is applied.
  • July 17: ISAlliance Exec Communication & conference call
  • July 18: ISAlliance Exec Communication & call
SLIDE 17

Why ISAlliance Info Sharing Succeeds

  • CERT/cc leadership and credibility
  • History (2 years) and regularity build trust
  • Inter-sectoral/International membership not inhibited by competitive concerns
  • Success breeds success
SLIDE 18

International Outreach: India

  • Confederation of Indian Industries/US-India Business Council/ISAlliance
  • 6 Teleconferences discussing cyber security issues and needs (summer 2003)
  • US tour for Indian companies seeking partnerships in America (fall 2003)
  • ISAlliance trip to India including ISA/CERT Training (winter 2003/4) implementing a “gold standard of cyber security”

SLIDE 19

International Cooperation: Japan

  • 2002: ISAlliance visits Japan, meets with Japanese Ministry of JEDA and Japan Network Security Association
  • July 30, 2003: 30-member delegation from Japan Network Security Association visits ISAlliance to discuss partnerships

SLIDE 20

International Cooperation/ OAS Region

  • ISAlliance is looking for partners in region
  • Must be committed to security and pass muster with ISAlliance Board and CERT
  • This is a partnership. It requires commitment and investment

SLIDE 21

Larry Clinton Operations Officer Internet Security Alliance lclinton@isalliance.org 703-907-7028 202-236-0001