Date post: | 18-Nov-2014 |
Category: |
Technology |
Upload: | trend-micro |
View: | 282 times |
Download: | 0 times |
Aggressive and Persistent: Using Frameworks to Defend Against Cyber Attacks
Featuring cyber security experts Professor Scott J. Shackelford,
JD, PhD, of Indiana University's Kelley School of Business and
Andrew A. Proia of Indiana University's Center for Applied
Cybersecurity Research Sponsored by
APRIL 16, 2014
Today’s Speakers
Professor Scott J. Shackelford, JD, PhD
Kelley School of Business
Indiana University
Andrew A. Proia
Center for Applied Cybersecurity Research
Indiana University
Aggressive and Persistent: Using Frameworks to Defend Against Cyber Attacks
APRIL 16, 2014
Harvard Business Review
Apr. 16, 2014
Advanced and Persistent: Using
Frameworks to Defend Against Cyber
Attacks
Prof. Scott Shackelford & Andrew Proia
Outline 1. Conceptualizing the Cyber Threat to
the Private Sector
2. Managing Cyber Attacks
A. Identifying Threats
B. Regulatory Approaches and Examples
3. Negligence and the NIST Framework
A. Genesis
B. Application
C. Shaping Duty of Care
4. Global Implications
To Companies To Countries
• Theft of IP is Costly – impacts
up to 75% of businesses,
costing hundreds of billions
USD annually
• Widespread – at least 19
million people in more than
120 nations
• Easy –more than 30,000
websites with malware kits
available
• Fear of “Electronic Pearl
Harbor”
• Protecting critical national
infrastructure
1.1 Defining the Cyber Threat
*Source: KAL’s Cartoon, Economist, May 7, 2009
*Source: McAfee In the Dark (2010)
Number of Cyber Attacks Cataloged
by CERT from 1995 to 2011
1.2 Unpacking the “Cyber Threat” Cyber War
Cybercrime
Many Types
True Extent Unknown
Global Nature
Response
Cyber Espionage
Legal “black hole”
Cost
Cyber Terrorism
Ransomware
Why relatively rare?
New Cyberwarfare
0
20000
40000
60000
80000
100000
120000
19
95
19
96
19
97
19
98
19
99
20
00
20
01
20
02
20
03
20
04
20
05
20
06
20
07
20
08
20
09
20
10
20
11
*Source: The
War Room
Sponsored by
APRIL 16, 2014