SlideShare a Scribd company logo

State of Cybersecurity: 2016 Findings and Implications

Priyanka Aash
Priyanka Aash

This session will present key results of ISACA and RSA’s State of Cybersecurity Survey. Learn findings of the current cybersecurity landscape. Understand current threats and vulnerabilities as well as how enterprises are responding. Results will include top threats faced, as well as information on controls, skills employers are looking for, security organizational structures and incident plans. (Source: RSA USA 2016-San Francisco)

Technology
1 of 24
Download to read offline
SESSION ID: #RSAC Ron Hale Ph.D., CISM State of Cybersecurity: 2016 Findings and Implications AST1-R02 Chief Knowledge Officer ISACA rhale@isaca.org Jennifer Lawinski Editor-in-Chief RSA Conference Jennifer.lawinski@rsa.com
#RSAC Topics Professionals Want to Know About 2 RSA Conference submissions tell the story:
#RSAC Top 10 Topics 3 1. Internet of Things 2. Industrial Control Systems and the Industrial Internet of Things 3. Encryption 4. Artificial Intelligence and Machine Learning. 5. Crowdsourcing 6. The Role of the Researcher 7. Healthcare and Automotive 8. Security Meets the Board of Directors 9. Privacy and Legislative Volatility 10. INAMOIBW
#RSAC The Internet of Things is a Big Deal 4 For the second year in a row submissions around IoT surged, showing that it’s a topic on the minds of security professionals. The survey this year asked questions about IoT and respondents agree it’s a major issue that they’ll be facing in years to come.
#RSAC AI and Machine Learning Have You Worried 5 More sessions focused on artificial intelligence and machine learning like “Rise of the Hacking Machines," and the survey results showed that security pros are concerned.
#RSAC Security Meets the Board of Directors 6 Companies are looking to bridge the gap between threat intelligence and risk management, but many of the respondents to our survey don’t feel they have the security personnel and processes in place to handle serious security threats.
#RSAC Survey Results Review 7 The State of Cybersecurity 2016 Summary Findings
#RSAC Four Prominent Questions 8 1. What are enterprises experiencing in terms of cyber-incidents? 2. How concerned are enterprise decision makers? 3. Are security organizations capable of addressing cyber-incidents? 4. What does the future hold given new technology directions?
#RSAC Were You a Victim in 2015? 9 Yes No Don’t know 33.41% 48.91% 17.68% 10% 20% 30% 40% 50% 60%
#RSAC Likelihood of Being a Victim in 2016? 10 Very Likely Likely Not Very Likely Not Likely at All Don’t Know 42.17% 32.17% 16.52% 1.09% 8.04% 10% 20% 30% 40% 50% 60%
#RSAC Frequency of Attack 11 Online Identity Theft Hacking Malicious Code Loss of Intellectual Property Intentional Damage to Computer Systems Physical Loss Phishing Denial of Service Insider Damage Don’t Know Daily 4.08% 11.06% 16.36% 1.44% 0.95% 1.42% 29.67% 4.05% 2.91% 13.13% Monthly 5.52% 9.18% 12.85% 4.08% 5.01% 9.69% 15.19% 9.76% 9.69% 3.86% Weekly 4.56% 7.29% 12.38% 2.40% 1.43% 6.38% 16.82% 5.48% 1.69% 2.32% Quarterly 20.62% 25.18% 26.40% 19.90% 18.38% 37.12% 18.69% 27.38% 21.79% 6.18% 22.8%8.4% 6.3% 8.7% 1 2 3 4
#RSAC Frequency of Attack – Known and Unknown 12 Online Identity Theft Hacking Malicious Code Loss of Intellectual Property Intentional Damage to Computer Systems Physical Loss Phishing Denial of Service Insider Damage Don’t Know Known 34.77% 52.71% 67.99% 27.82% 25.78% 54.61% 80.73% 46.67% 36.08% 25.48% Unknown 65.23% 47.29% 32.01% 72.18% 74.22% 45.39% 19.63% 53.33% 63.92% 74.52% 53.8%46.2%
#RSAC Ability to Detect and Respond 13 31.41% 42.08% 17.35% 4.56% Yes Yes – Simple Issues No Do not know Not applicable 2.60% 10% 20% 30% 40% 50% 60%
#RSAC Level of Board Concern 14 Very concerned Concerned Not concerned Not concerned at all Don’t know Not applicable 35.7% 46.0% 7.8% 2.6% 0.9% 7.0% 81.7% 10% 20% 30% 40% 50% 60%
#RSAC Executive Team Support for Risk Mitigation 15 Enforcing security policy Providing funding Following food practices Mandating awareness Do not know Not applicable 66.08% 63.0% 42.95% 58.37% 5.95% 6.61% 10% 20% 30% 40% 50% 60%
#RSAC Security Reporting Structure 16 CEO CIO CFO Audit Board of Directors Undefined Don’t know Not Applicable 13.62% 63.24% 4.37% 1.29% 8.23% 3.08% 3.34% 2.83% 10% 20% 30% 40% 50% 60%
#RSAC Time to Fill Open Cyber Positions 17 < 2 Weeks 1 Month 2 Months 3 Months 6 Months Cannot Fill Don’t Know 1.1% 8.1% 17.5% 26.2% 27.5% 9.0% 10.7% 10% 20% 30% 40% 50% 60%
#RSAC Applicants Qualified on Hire 18 32.7% 26.6% 16.8% 11.8% 12.2% Less than 25% 25 – 50% 50 – 75% 75 – 100% Do Not Know 10% 20% 30% 40% 50% 60%
#RSAC Most Significant Skill Gap 19 60.9% 75.3% 61.1% 0.6% Technical skills Business Understanding Communications Other
#RSAC How Are Skills Developed 20 On the job training Skilled based training / Performance based testing Vendor specific tool training Other training & certifications Formal education Technical training center or 3rd party trainers Cyber competitions Online training / webinars Self-instruction Not developing skills Does not need to develop skills Other 85.8% 38.1% 51.9% 63.2% 16.0% 26.7% 5.3% 47.9% 58.0% 7.0% 0.9% 4.8% #1 #2 #3 #4
#RSAC Artificial Intelligence and Cyber Risk 21 41.9% 2.8% 62.0% Increase in the short-term Decrease in the short-term Increase in the long-term Decrease in the long-term Remain the same in the short-term Remain the same in the long-term Don’t know 7.4% 11.7% 5.6% 8.9% 10% 20% 30% 40% 50% 60%
#RSAC Concern for Internet of Thing Risk 22 18.7% 34.3% 9.3% Very concerned Concerned Not concerned Not concerned at all Don’t know Not applicable 3.9% 9.11% 24.7% 10% 20% 30% 40% 50% 60%
#RSAC Action Items 23 Assess your capabilities to detect and respond to incidents Have an honest discussion with decision makers Identify skill needs and develop a strategy
#RSAC For a Copy of the Report 24 www.isaca.org/state-of-cybersecurity-2016

Recommended

Introduction and a Look at Security Trends
Introduction and a Look at Security TrendsIntroduction and a Look at Security Trends
Introduction and a Look at Security TrendsPriyanka Aash
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextThe Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextPriyanka Aash
 
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical Device
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical DeviceWireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical Device
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical DevicePriyanka Aash
 
Cloud Breach – Preparation and Response
Cloud Breach – Preparation and ResponseCloud Breach – Preparation and Response
Cloud Breach – Preparation and ResponsePriyanka Aash
 
Rise of the Hacking Machines
Rise of the Hacking MachinesRise of the Hacking Machines
Rise of the Hacking MachinesPriyanka Aash
 
IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!Priyanka Aash
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingPriyanka Aash
 
LogSentinel Next-Gen SIEM
LogSentinel Next-Gen SIEMLogSentinel Next-Gen SIEM
LogSentinel Next-Gen SIEMDenitsa Dimova
 

Recommended

Introduction and a Look at Security Trends
Introduction and a Look at Security TrendsIntroduction and a Look at Security Trends
Introduction and a Look at Security TrendsPriyanka Aash
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextThe Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextPriyanka Aash
 
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical Device
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical DeviceWireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical Device
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical DevicePriyanka Aash
 
Cloud Breach – Preparation and Response
Cloud Breach – Preparation and ResponseCloud Breach – Preparation and Response
Cloud Breach – Preparation and ResponsePriyanka Aash
 
Rise of the Hacking Machines
Rise of the Hacking MachinesRise of the Hacking Machines
Rise of the Hacking MachinesPriyanka Aash
 
IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!Priyanka Aash
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingPriyanka Aash
 
LogSentinel Next-Gen SIEM
LogSentinel Next-Gen SIEMLogSentinel Next-Gen SIEM
LogSentinel Next-Gen SIEMDenitsa Dimova
 
New Paradigms for the Next Era of Security
New Paradigms for the Next Era of SecurityNew Paradigms for the Next Era of Security
New Paradigms for the Next Era of SecuritySounil Yu
 
LIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming SecurityLIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming SecurityRobert Herjavec
 
The Internet of Everything is Here
The Internet of Everything is HereThe Internet of Everything is Here
The Internet of Everything is HereLancope, Inc.
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioShah Sheikh
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Cristian Garcia G.
 
Critical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyCritical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyFidelis Cybersecurity
 
Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityCentrify Corporation
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBlue Coat
 
Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Stefaan Van daele
 
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...Judith Beckhard Cardoso
 
Smarter Security - A Practical Guide to Doing More with Less
Smarter Security - A Practical Guide to Doing More with LessSmarter Security - A Practical Guide to Doing More with Less
Smarter Security - A Practical Guide to Doing More with LessOmar Khawaja
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
ATP Technology Pillars
ATP Technology PillarsATP Technology Pillars
ATP Technology PillarsPriyanka Aash
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewRobert Herjavec
 
Soc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- themSoc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- themPriyanka Aash
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016InfinIT - Innovationsnetværket for it
 
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkAchieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkKevin Fealey
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills GapStephen Cobb
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinHands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinSplunk
 

More Related Content

What's hot

New Paradigms for the Next Era of Security
New Paradigms for the Next Era of SecurityNew Paradigms for the Next Era of Security
New Paradigms for the Next Era of SecuritySounil Yu
 
LIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming SecurityLIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming SecurityRobert Herjavec
 
The Internet of Everything is Here
The Internet of Everything is HereThe Internet of Everything is Here
The Internet of Everything is HereLancope, Inc.
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioShah Sheikh
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Cristian Garcia G.
 
Critical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyCritical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyFidelis Cybersecurity
 
Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityCentrify Corporation
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBlue Coat
 
Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Stefaan Van daele
 
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...Judith Beckhard Cardoso
 
Smarter Security - A Practical Guide to Doing More with Less
Smarter Security - A Practical Guide to Doing More with LessSmarter Security - A Practical Guide to Doing More with Less
Smarter Security - A Practical Guide to Doing More with LessOmar Khawaja
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
ATP Technology Pillars
ATP Technology PillarsATP Technology Pillars
ATP Technology PillarsPriyanka Aash
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewRobert Herjavec
 
Soc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- themSoc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- themPriyanka Aash
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv
 
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkAchieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkKevin Fealey
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills GapStephen Cobb
 

What's hot (20)

New Paradigms for the Next Era of Security
New Paradigms for the Next Era of SecurityNew Paradigms for the Next Era of Security
New Paradigms for the Next Era of Security
 
LIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming SecurityLIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming Security
 
The Internet of Everything is Here
The Internet of Everything is HereThe Internet of Everything is Here
The Internet of Everything is Here
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services Portfolio
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
 
Critical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyCritical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You Buy
 
Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust Security
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat Protection
 
Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence
 
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
 
Smarter Security - A Practical Guide to Doing More with Less
Smarter Security - A Practical Guide to Doing More with LessSmarter Security - A Practical Guide to Doing More with Less
Smarter Security - A Practical Guide to Doing More with Less
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
 
ATP Technology Pillars
ATP Technology PillarsATP Technology Pillars
ATP Technology Pillars
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR Overview
 
Soc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- themSoc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- them
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
 
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkAchieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills Gap
 

Viewers also liked

Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinHands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinSplunk
 
Partnership with a CFO: On the Front Line of Cybersecurity
Partnership with a CFO: On the Front Line of CybersecurityPartnership with a CFO: On the Front Line of Cybersecurity
Partnership with a CFO: On the Front Line of CybersecurityPriyanka Aash
 
Security Program Development for the Hipster Company
Security Program Development for the Hipster CompanySecurity Program Development for the Hipster Company
Security Program Development for the Hipster CompanyPriyanka Aash
 
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity CollaborationIntegrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity CollaborationPriyanka Aash
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResiliencePriyanka Aash
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCPriyanka Aash
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
 
Understanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopUnderstanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopDavid Sweigert
 
Cybersecurity and The Board
Cybersecurity and The BoardCybersecurity and The Board
Cybersecurity and The BoardPaul Melson
 
Artificial Intelligence and Machine Learning for Cybersecurity
Artificial Intelligence and Machine Learning for CybersecurityArtificial Intelligence and Machine Learning for Cybersecurity
Artificial Intelligence and Machine Learning for CybersecurityDr David Probert
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
7 cyber security questions for boards
7 cyber security questions for boards7 cyber security questions for boards
7 cyber security questions for boardsPaul McGillicuddy
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 

Viewers also liked (15)

Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinHands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
 
Partnership with a CFO: On the Front Line of Cybersecurity
Partnership with a CFO: On the Front Line of CybersecurityPartnership with a CFO: On the Front Line of Cybersecurity
Partnership with a CFO: On the Front Line of Cybersecurity
 
Security Program Development for the Hipster Company
Security Program Development for the Hipster CompanySecurity Program Development for the Hipster Company
Security Program Development for the Hipster Company
 
Cyber kill chain
Cyber kill chainCyber kill chain
Cyber kill chain
 
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity CollaborationIntegrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOC
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
 
Understanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopUnderstanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loop
 
Cybersecurity and The Board
Cybersecurity and The BoardCybersecurity and The Board
Cybersecurity and The Board
 
Artificial Intelligence and Machine Learning for Cybersecurity
Artificial Intelligence and Machine Learning for CybersecurityArtificial Intelligence and Machine Learning for Cybersecurity
Artificial Intelligence and Machine Learning for Cybersecurity
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
7 cyber security questions for boards
7 cyber security questions for boards7 cyber security questions for boards
7 cyber security questions for boards
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 

Similar to State of Cybersecurity: 2016 Findings and Implications

Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsUlf Mattsson
 
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsManaging ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsPECB
 
Webinar: Securing Mobile Banking Apps
Webinar: Securing Mobile Banking AppsWebinar: Securing Mobile Banking Apps
Webinar: Securing Mobile Banking AppsWultra
 
ISACA and RSA CSX Presentation from the RSA 2015 Conference
ISACA and RSA CSX Presentation from the RSA 2015 Conference ISACA and RSA CSX Presentation from the RSA 2015 Conference
ISACA and RSA CSX Presentation from the RSA 2015 Conference Robert Stroud
 
Matt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxMatt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxNakhoudah
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Rishi Singh
 
Security in the Hybrid Cloud Now and in 2016
Security in the Hybrid Cloud Now and in 2016 Security in the Hybrid Cloud Now and in 2016
Security in the Hybrid Cloud Now and in 2016 IDG Connect
 
Briefing the board lessons learned from cisos and directors
Briefing the board lessons learned from cisos and directorsBriefing the board lessons learned from cisos and directors
Briefing the board lessons learned from cisos and directorsPriyanka Aash
 
Global Megatrends in Cybersecurity – A Survey of 1,000 CxOs
Global Megatrends in Cybersecurity – A Survey of 1,000 CxOsGlobal Megatrends in Cybersecurity – A Survey of 1,000 CxOs
Global Megatrends in Cybersecurity – A Survey of 1,000 CxOsArgyle Executive Forum
 
Cyber Crimes Forensics
Cyber Crimes ForensicsCyber Crimes Forensics
Cyber Crimes Forensicssayansambit
 
Cisco Security DNA
Cisco Security DNACisco Security DNA
Cisco Security DNAMatteo Masi
 
What I Learned at RSAC 2020
What I Learned at RSAC 2020What I Learned at RSAC 2020
What I Learned at RSAC 2020Ulf Mattsson
 
CIO Tech Poll: Tech Priorities 2018
CIO Tech Poll: Tech Priorities 2018CIO Tech Poll: Tech Priorities 2018
CIO Tech Poll: Tech Priorities 2018IDG
 
Symantec Intelligence Report: February 2015
Symantec Intelligence Report: February 2015Symantec Intelligence Report: February 2015
Symantec Intelligence Report: February 2015Symantec
 
The malware monetization machine
The malware monetization machineThe malware monetization machine
The malware monetization machinePriyanka Aash
 
Adjusting Your Security Controls: It’s the New Normal
Adjusting Your Security Controls: It’s the New NormalAdjusting Your Security Controls: It’s the New Normal
Adjusting Your Security Controls: It’s the New NormalPriyanka Aash
 
IDC, the third platform and a security perspective Latam, Cisco Live 2014
IDC, the third platform and a security perspective Latam, Cisco Live 2014IDC, the third platform and a security perspective Latam, Cisco Live 2014
IDC, the third platform and a security perspective Latam, Cisco Live 2014Felipe Lamus
 
Global Cyber Security Overview | TechSci Research
Global Cyber Security Overview | TechSci Research Global Cyber Security Overview | TechSci Research
Global Cyber Security Overview | TechSci Research TechSci Research
 
Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security SecureAuth
 

Similar to State of Cybersecurity: 2016 Findings and Implications (20)

Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & Recommendations
 
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsManaging ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
 
Webinar: Securing Mobile Banking Apps
Webinar: Securing Mobile Banking AppsWebinar: Securing Mobile Banking Apps
Webinar: Securing Mobile Banking Apps
 
ISACA and RSA CSX Presentation from the RSA 2015 Conference
ISACA and RSA CSX Presentation from the RSA 2015 Conference ISACA and RSA CSX Presentation from the RSA 2015 Conference
ISACA and RSA CSX Presentation from the RSA 2015 Conference
 
Matt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxMatt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptx
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
 
Security in the Hybrid Cloud Now and in 2016
Security in the Hybrid Cloud Now and in 2016 Security in the Hybrid Cloud Now and in 2016
Security in the Hybrid Cloud Now and in 2016
 
Briefing the board lessons learned from cisos and directors
Briefing the board lessons learned from cisos and directorsBriefing the board lessons learned from cisos and directors
Briefing the board lessons learned from cisos and directors
 
Global Megatrends in Cybersecurity – A Survey of 1,000 CxOs
Global Megatrends in Cybersecurity – A Survey of 1,000 CxOsGlobal Megatrends in Cybersecurity – A Survey of 1,000 CxOs
Global Megatrends in Cybersecurity – A Survey of 1,000 CxOs
 
Cyber Crimes Forensics
Cyber Crimes ForensicsCyber Crimes Forensics
Cyber Crimes Forensics
 
Cisco Security DNA
Cisco Security DNACisco Security DNA
Cisco Security DNA
 
What I Learned at RSAC 2020
What I Learned at RSAC 2020What I Learned at RSAC 2020
What I Learned at RSAC 2020
 
CIO Tech Poll: Tech Priorities 2018
CIO Tech Poll: Tech Priorities 2018CIO Tech Poll: Tech Priorities 2018
CIO Tech Poll: Tech Priorities 2018
 
Symantec Intelligence Report: February 2015
Symantec Intelligence Report: February 2015Symantec Intelligence Report: February 2015
Symantec Intelligence Report: February 2015
 
The malware monetization machine
The malware monetization machineThe malware monetization machine
The malware monetization machine
 
Adjusting Your Security Controls: It’s the New Normal
Adjusting Your Security Controls: It’s the New NormalAdjusting Your Security Controls: It’s the New Normal
Adjusting Your Security Controls: It’s the New Normal
 
Draft-Pulse-Flow_v21.pdf
Draft-Pulse-Flow_v21.pdfDraft-Pulse-Flow_v21.pdf
Draft-Pulse-Flow_v21.pdf
 
IDC, the third platform and a security perspective Latam, Cisco Live 2014
IDC, the third platform and a security perspective Latam, Cisco Live 2014IDC, the third platform and a security perspective Latam, Cisco Live 2014
IDC, the third platform and a security perspective Latam, Cisco Live 2014
 
Global Cyber Security Overview | TechSci Research
Global Cyber Security Overview | TechSci Research Global Cyber Security Overview | TechSci Research
Global Cyber Security Overview | TechSci Research
 
Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security
 

More from Priyanka Aash

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfPriyanka Aash
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfPriyanka Aash
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfPriyanka Aash
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfPriyanka Aash
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfPriyanka Aash
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfPriyanka Aash
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdfPriyanka Aash
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfPriyanka Aash
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfPriyanka Aash
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfPriyanka Aash
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldPriyanka Aash
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksPriyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Priyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Priyanka Aash
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Priyanka Aash
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsPriyanka Aash
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 

More from Priyanka Aash (20)

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdf
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdf
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdf
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 Battlefield
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware Attacks
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 

Recently uploaded

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 

Recently uploaded (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 

State of Cybersecurity: 2016 Findings and Implications

  • 1. SESSION ID: #RSAC Ron Hale Ph.D., CISM State of Cybersecurity: 2016 Findings and Implications AST1-R02 Chief Knowledge Officer ISACA rhale@isaca.org Jennifer Lawinski Editor-in-Chief RSA Conference Jennifer.lawinski@rsa.com
  • 2. #RSAC Topics Professionals Want to Know About 2 RSA Conference submissions tell the story:
  • 3. #RSAC Top 10 Topics 3 1. Internet of Things 2. Industrial Control Systems and the Industrial Internet of Things 3. Encryption 4. Artificial Intelligence and Machine Learning. 5. Crowdsourcing 6. The Role of the Researcher 7. Healthcare and Automotive 8. Security Meets the Board of Directors 9. Privacy and Legislative Volatility 10. INAMOIBW
  • 4. #RSAC The Internet of Things is a Big Deal 4 For the second year in a row submissions around IoT surged, showing that it’s a topic on the minds of security professionals. The survey this year asked questions about IoT and respondents agree it’s a major issue that they’ll be facing in years to come.
  • 5. #RSAC AI and Machine Learning Have You Worried 5 More sessions focused on artificial intelligence and machine learning like “Rise of the Hacking Machines," and the survey results showed that security pros are concerned.
  • 6. #RSAC Security Meets the Board of Directors 6 Companies are looking to bridge the gap between threat intelligence and risk management, but many of the respondents to our survey don’t feel they have the security personnel and processes in place to handle serious security threats.
  • 7. #RSAC Survey Results Review 7 The State of Cybersecurity 2016 Summary Findings
  • 8. #RSAC Four Prominent Questions 8 1. What are enterprises experiencing in terms of cyber-incidents? 2. How concerned are enterprise decision makers? 3. Are security organizations capable of addressing cyber-incidents? 4. What does the future hold given new technology directions?
  • 9. #RSAC Were You a Victim in 2015? 9 Yes No Don’t know 33.41% 48.91% 17.68% 10% 20% 30% 40% 50% 60%
  • 10. #RSAC Likelihood of Being a Victim in 2016? 10 Very Likely Likely Not Very Likely Not Likely at All Don’t Know 42.17% 32.17% 16.52% 1.09% 8.04% 10% 20% 30% 40% 50% 60%
  • 11. #RSAC Frequency of Attack 11 Online Identity Theft Hacking Malicious Code Loss of Intellectual Property Intentional Damage to Computer Systems Physical Loss Phishing Denial of Service Insider Damage Don’t Know Daily 4.08% 11.06% 16.36% 1.44% 0.95% 1.42% 29.67% 4.05% 2.91% 13.13% Monthly 5.52% 9.18% 12.85% 4.08% 5.01% 9.69% 15.19% 9.76% 9.69% 3.86% Weekly 4.56% 7.29% 12.38% 2.40% 1.43% 6.38% 16.82% 5.48% 1.69% 2.32% Quarterly 20.62% 25.18% 26.40% 19.90% 18.38% 37.12% 18.69% 27.38% 21.79% 6.18% 22.8%8.4% 6.3% 8.7% 1 2 3 4
  • 12. #RSAC Frequency of Attack – Known and Unknown 12 Online Identity Theft Hacking Malicious Code Loss of Intellectual Property Intentional Damage to Computer Systems Physical Loss Phishing Denial of Service Insider Damage Don’t Know Known 34.77% 52.71% 67.99% 27.82% 25.78% 54.61% 80.73% 46.67% 36.08% 25.48% Unknown 65.23% 47.29% 32.01% 72.18% 74.22% 45.39% 19.63% 53.33% 63.92% 74.52% 53.8%46.2%
  • 13. #RSAC Ability to Detect and Respond 13 31.41% 42.08% 17.35% 4.56% Yes Yes – Simple Issues No Do not know Not applicable 2.60% 10% 20% 30% 40% 50% 60%
  • 14. #RSAC Level of Board Concern 14 Very concerned Concerned Not concerned Not concerned at all Don’t know Not applicable 35.7% 46.0% 7.8% 2.6% 0.9% 7.0% 81.7% 10% 20% 30% 40% 50% 60%
  • 15. #RSAC Executive Team Support for Risk Mitigation 15 Enforcing security policy Providing funding Following food practices Mandating awareness Do not know Not applicable 66.08% 63.0% 42.95% 58.37% 5.95% 6.61% 10% 20% 30% 40% 50% 60%
  • 16. #RSAC Security Reporting Structure 16 CEO CIO CFO Audit Board of Directors Undefined Don’t know Not Applicable 13.62% 63.24% 4.37% 1.29% 8.23% 3.08% 3.34% 2.83% 10% 20% 30% 40% 50% 60%
  • 17. #RSAC Time to Fill Open Cyber Positions 17 < 2 Weeks 1 Month 2 Months 3 Months 6 Months Cannot Fill Don’t Know 1.1% 8.1% 17.5% 26.2% 27.5% 9.0% 10.7% 10% 20% 30% 40% 50% 60%
  • 18. #RSAC Applicants Qualified on Hire 18 32.7% 26.6% 16.8% 11.8% 12.2% Less than 25% 25 – 50% 50 – 75% 75 – 100% Do Not Know 10% 20% 30% 40% 50% 60%
  • 19. #RSAC Most Significant Skill Gap 19 60.9% 75.3% 61.1% 0.6% Technical skills Business Understanding Communications Other
  • 20. #RSAC How Are Skills Developed 20 On the job training Skilled based training / Performance based testing Vendor specific tool training Other training & certifications Formal education Technical training center or 3rd party trainers Cyber competitions Online training / webinars Self-instruction Not developing skills Does not need to develop skills Other 85.8% 38.1% 51.9% 63.2% 16.0% 26.7% 5.3% 47.9% 58.0% 7.0% 0.9% 4.8% #1 #2 #3 #4
  • 21. #RSAC Artificial Intelligence and Cyber Risk 21 41.9% 2.8% 62.0% Increase in the short-term Decrease in the short-term Increase in the long-term Decrease in the long-term Remain the same in the short-term Remain the same in the long-term Don’t know 7.4% 11.7% 5.6% 8.9% 10% 20% 30% 40% 50% 60%
  • 22. #RSAC Concern for Internet of Thing Risk 22 18.7% 34.3% 9.3% Very concerned Concerned Not concerned Not concerned at all Don’t know Not applicable 3.9% 9.11% 24.7% 10% 20% 30% 40% 50% 60%
  • 23. #RSAC Action Items 23 Assess your capabilities to detect and respond to incidents Have an honest discussion with decision makers Identify skill needs and develop a strategy
  • 24. #RSAC For a Copy of the Report 24 www.isaca.org/state-of-cybersecurity-2016