cyber & information security-aha2013
TRANSCRIPT
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
Cyber & Information Security
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
Information Security - Overview
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
What is Information Security?
Information Security ensures protection, confidentiality, integrity & availability of an organization’s assets against exploitation or attacks to degrade or destroy information
from outside or inside the organization
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
Information security is not only about technology. Many successful attacks require little or no technical knowledge.
Information Security Has Many Attack Vectors
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
Government & Financial Institutions are by far the most attractive targets for sophisticated actors such as nation states or organized criminal organizations
Source: Booz Allen Hamilton analysis of the top 20 information security attacks in 2012
Sophisticated Attackers Focus on High-Value Targets
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
Striving for a Better Approach
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
Effective Information Security requires a trained and aware workforce and well-defined and enforced policy and procedures. With these, any credible information security tools
will be effective. Without this, no set of tools will work.
Where to Start? The Three Tiers of Information Security
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
An effective information security program is built on a foundation of leadership supported by the three pillars of well-thought-out strategy & governance, organization-
wide awareness & training, and advanced technology
Components of Effective Information Security
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
People are the most vital aspect of your Cybersecurity defense and should always be your first priority for investment
Focus on the People
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
There is temptation to buy a “tool” to fix the problem and it rarely, if ever, works. Tools that are too complex for your team require extensive tuning and integration will rarely
be effective
Adopt a Holistic Approach and Tools
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
Threats come from...
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
Every Organization is Under Attack
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
2013 Attack vector by Industry
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
From one every MINUTE to one every SECOND
The growing malware threat
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
Nature of threats changing / Today’s attacks sophisticated and successful
The New Breed of Cyber Attacks
Ahmet Hamdi ATALAY 11 Nisan 2013’ISTANBUL
$388 Billion – The total bill for cybercrime footed by online adults in 24 countries… • $114bn – Direct cash costs of cybercrime • $274bn – Victims valued the time lost to cybercrime
Cybercrime is bigger than… • The global black market in marijuana, cocaine, and heroin combined ($288bn)
and approaching the value of all global drug trafficking ($411bn) • At $388bn, cybercrime is more than 100 times the annual expenditures of
UNICEF ($3.65bn)
The total bill for cybercrime...