MANAGING CYBER
THREATSA Cyber Security Conversation with the
Experts
Renata SpinksReginald Gillins
Jane OderoSimoné Thomas
2
Overview• Let’s Talk about Cyber
– Overview of What is CyberSpace vs. Cyber Security
• Framework of Cyber Threats– The types, styles, and existence of Cyber Threats
• Challenges of Managing Cyber Threats– Global Awareness and Collaboration: Public & Private
• Conversation with the Experts– Cyber Security Real-world Experiences
• 2014 Cyber Security Focal Points– Key points to consider when dealing with Cyber Security
• Question and Answers
3
Let’s Talk About Cyber
• Cyberspace vs. Cyber Security-Cyberspace -- the online world of computer networks and the Internet
-Cyber security -- measures taken to protect a computer or system against unauthorized access or attack
4
Let’s Talk About Cyber
• Cyber Security is similar to Home Security
5
Framework of Cyber Threats
• Types of Threats• Bot-network operators
• Hackers that take over multiple systems in order to coordinate attacks and distribute malicious code
• Criminal Groups• Seek to attack systems for monetary gain
• Foreign intelligence services • Use cyber tools as part of their information-gathering and espionage
• Hackers• Break into networks for the thrill of the challenge or for bragging rights in the
hacker community
• Insiders• Disgruntled or unaware user of the system; uses unrestricted access to cause
damage or to steal system data. (Primary source of computer crime)
6
Framework of Cyber Threats (cont.)
• Types of Threats– Phishers
• Individuals, or small groups, who execute phishing schemes in an attempt to steal identities or information for monetary gain (use bait to catch unaware users)
– Spammers• Individuals or organizations who distribute unsolicited e-mail with hidden or false
information in order to sell products, conduct phishing schemes, distribute spyware/malware, or attack organizations (i.e., denial of service).
– Spyware/malware authors• Individuals or organizations with malicious intent carry out attacks against users
by producing and distributing spyware and malware.
– Terrorists• Terrorists seek to destroy, incapacitate, or exploit critical infrastructures in order
to threaten national security, cause mass casualties, weaken the U.S. economy, and damage public morale and confidence.
“Types of Threats” Source: Government Accountability Office (GAO), Department of Homeland Security's (DHS's) Role in Critical Infrastructure Protection (CIP) Cybersecurity, GAO-05-434 (Washington, D.C.: May, 2005).
7
Framework of Cyber Threats (cont.)
• Why do Cyber Threats Exist?– National Governments
• Goal is to weaken, disrupt or destroy the U.S.
– Terrorists• Goal is to spread terror throughout the U.S. civilian population
– Industrial Spies and Organized Crime Groups• Goals are profit based to conduct industrial espionage and large-scale
monetary theft
– Hacktivists• Goals are to support their political agenda, propaganda and causing
damage to achieve notoriety for their cause
– Hackers• Goals are associated with notoriety, profit, and cause disruption
8
Challenges in Managing Cyber Threats
• Global Awareness • Directives, Executive Orders, Working
Groups
9
Conversing with the Experts
• Serving in the Cyber Security Field • Areas of Focus for a Career in Cyber
– DHS Initiatives– Investigations
• Resources– Education– Blogs
10
2014 Cyber Security Focal Points
• Critical Success Factors• THINK Cyber BEYA 2013
– THINK about what’s happening in Cyberspace– Military Reliance on Technology and
Innovation– Engineers and others who produce innovative
technology– Young Men and Women to take an Interest
11
Questions
WHERE?
HOW?
WHO?