Warning Potential 96 2016 106 2017 118B 131 2019 145 2020 - - PowerPoint PPT Presentation



SLIDE 1

Warning

SLIDE 2
SLIDE 3
SLIDE 4

Potential

SLIDE 5
SLIDE 6
SLIDE 7

118B

*Estimated global spend as reported by IDC (11% CAGR)

(chart, $ billions by year: 96 (2016), 106 (2017), 118B, 131 (2019), 145 (2020))
SLIDE 8

1.5T

*Estimated global cybercriminal revenue as reported by Bromium
SLIDE 9

4.5T

*Estimated global damages as reported by Cybersecurity Ventures

(chart, $ trillions by year: 3.5 (2016), 4 (2017), 4.5T, 5 (2019), 5.5 (2020))
SLIDE 10

(chart: Dollars Related To Cybercrime & Cybersecurity; y-axis $ Billions (CDN), 1500 to 6000; x-axis 2016 to 2020; series: Damages, Security Revenue at 11% Growth Rate)
SLIDE 11 (2016)
SLIDE 12 (2016)
SLIDE 13 (2016)
SLIDE 14 (2017)
SLIDE 15 (2017)
SLIDE 16 (2018)
SLIDE 17 (2018)
SLIDE 18 (2018)
SLIDE 19 (2018)
SLIDE 20 (2018)
SLIDE 21 (2018)
SLIDE 22

BILLIONS of records breached
TRILLIONS of dollars lost
THOUSANDS of hours wasted
BILLIONS of dollars spent
TENS of convictions

SLIDE 23

Is this what SUCCESS looks like?

SLIDE 24

NO

SLIDE 25

Pause

SLIDE 26

A short tangent…

@marknca https://markn.ca
SLIDE 27

Global Reach
Large Research Organization
Cloud Focus

SLIDE 28

“Standard” IT
Serverless
Operational Technologies

SLIDE 29

History
New capabilities
Top problem
Biggest opportunity

SLIDE 30

How did we get here?

SLIDE 31

(diagram: Customers, Problems, Internet, Bad People, Services, Employees, Controls)

SLIDE 32

The goal of cybersecurity: protect the confidentiality, integrity, and availability of information
SLIDE 33

(org chart: CIO, CISO, Service Delivery, System Support, System Development)

SLIDE 34

(org chart: CIO, CISO, Service Delivery, System Support, System Development, Service Desk, Change Management, Business Liaison, Network Operations, Application Support, System Administration, Application Development, Testing, Project Office, GRC, Security Ops, Incident Response)

SLIDE 35

RACI for customer facing solutions (matrix over CIO, CISO, Service Delivery, System Support and System Development, with Responsible, Accountable, Consulted and Informed entries)
SLIDE 36

Can We Do That?

SLIDE 37

Joe

CISO, OurCo

SLIDE 38

170

*Number of days to detect a persistent threat on network as per Ponemon, 2018
SLIDE 39

“Let’s start a threat hunting program”
“What will we need?”
“Some new tools & 2 team members…”

SLIDE 40

…
Generate stronger analytics
Expand AppSec program
Fill open requisitions for SOC
Deploy shelfware
Create threat hunting team?!?

SLIDE 41

SLIDE 42

(org chart: CIO, CISO, Service Delivery, System Support, System Development)

SLIDE 43 (diagram: IT, Employees)
SLIDE 44 (diagram: Cybersecurity, IT)
SLIDE 45 (diagram: Employees)
SLIDE 46 (diagram: IT, Employees)
SLIDE 47 (diagram: You, IT, Employees)
SLIDE 48 (diagram: You, IT, Employees)

1:50:750 (You : IT : Employees)

SLIDE 49

A Lack Of People

SLIDE 50 (diagram: Cybersecurity, IT)
SLIDE 51 (diagram: Cybersecurity, IT)

SLIDE 52

Can you find these people?

SLIDE 53
SLIDE 54
SLIDE 55
SLIDE 56

770

* Graduates in cybersecurity from Canadian universities per year as per Universities Canada, 2018
SLIDE 57

Can you find these people?
Can you keep these people?
Will these people actually help?

SLIDE 58

#1 Problem

SLIDE 59
SLIDE 60

92.4%

* Malware starts via phishing as per Verizon DBIR, 2018
SLIDE 61

Phishing awareness campaign

SLIDE 62

htup://click.thehustle.co/wf/click?upn=… (a long obfuscated click-tracking link; the remainder of the slide is the encoded tail of the link and is omitted here)

SLIDE 63

.accountant .apartment .associates .bingo .boutique .brussels .careers .clinic .consulting .degree .dog .download .education .energy .engineering .enterprise .fish .fitness .flights .glass .global .gripe .hockey .how .jetzt .kim .lawyer .love .maison .memorial .network .one .parts .party .porn .rentals .school .soccer .surf .theater .today .vacations .video .webcam .wiki .wtf .yoga .zone

SLIDE 64

Runs counter to the idea of a link

SLIDE 65

2.77%

* Effectiveness of phishing training by McCoy et al., 2017
SLIDE 66
SLIDE 67

41%

* Web attacks use stolen credentials as per Verizon DBIR, 2018
SLIDE 68

Password awareness campaign

SLIDE 69
SLIDE 70

Runs counter to math & psychology

SLIDE 71

86%

* Of passwords are reused or simple as per Troy Hunt, 2018
SLIDE 72

Ugh, Users

SLIDE 73

Us vs. Them

SLIDE 74

“Users” are the problem

SLIDE 75

“Users” are the problem

SLIDE 76

100%

* Forgotten common sense
SLIDE 77

Us vs. Them

SLIDE 78

Containment

SLIDE 79

“When?”
“This system needs to be deployed.”
“Monday…”

SLIDE 80 (workflow diagram: Plan, Code, Test, Stage, Run; Detect, Respond, Mitigate)
SLIDE 81 (workflow diagram: Plan, Code, Test, Stage, Run; Detect, Respond, Mitigate)

SLIDE 82

Resolution Cost—Workflow Stage

* NIST Planning Report 02-3

(chart over Plan, Code, Test, Stage, Run: Plan 1x; the later stages are labelled 2x, 5x, 10x and —x)
SLIDE 83

Late stage risk assessments limit options

SLIDE 84

Bolt-on

SLIDE 85 (workflow diagram: Plan, Code, Test, Stage, Run; Detect, Respond, Mitigate)
SLIDE 86 (workflow diagram: Plan, Code, Test, Stage, Run; Detect, Respond, Mitigate)

SLIDE 87

Resolution Cost—Workflow Stage

* NIST Planning Report 02-3

(chart over Plan, Code, Test, Stage, Run: Plan 1x; the later stages are labelled 2x, 5x, 10x and —x)

SLIDE 88

Resolution Cost—Workflow Stage

* NIST Planning Report 02-3

(chart over Plan, Code, Test, Stage, Run, labelled in order —x, 5x, 10x, 15x, 30x)
SLIDE 89
SLIDE 90 (workflow diagram: Plan, Code, Test, Stage, Run; Detect, Respond, Mitigate)
SLIDE 91 (workflow diagram: Plan, Code, Test, Stage, Run; Detect, Respond, Mitigate)

SLIDE 92

Deployment Frequency
Lead time for changes
Time to restore service
Change failure rate

*2018 State of Devops report from DORA
SLIDE 93

Early security intervention opens up new options

Can you keep up with development cycles?
Can you speak developer?

SLIDE 94

What now?

SLIDE 95

You can’t scale…automate
Users ≠ problem…educate
Not collaborating…participate

SLIDE 96

The goal of cybersecurity: make sure that systems work as intended …and only as intended
SLIDE 97

Thank you

Reach me online: @marknca

Read more at: https://markn.ca