SlideShare a Scribd company logo

Why is cyber security a disruption in the digital economy

Mark Albala
Mark Albala

As we enter the digital economy, companies will quickly realize that the differentiator in the digital economy is information and information being a valuable resource is subject to theft, hacking, phishing and a host of other issues which compromise a company’s ability to participate in the digital economy. Cybersecurity misfires compromise the trust of buyers and partners necessary to participate in the digital economy. It is up to every company to ensure that the information shared with them is protected to the best of their ability and proactively notify persons and organizations who entrust their information necessary to transact business (any personal identity information including but not limited to addresses, credit card information, social security numbers, account information, credit information, medical records, etc.) with any potential compromises which can yield harm to them by that information either being used maliciously or shared with others. The digital economy is different than other versions of commerce because in the digital economy, information is the lifeblood of digital commerce that passes through the hands of many platforms involved in a digital event. Each of these platforms are an opportunity to wreak havoc on your well-intended but incomplete intents to protect the information contained within the network you control. In the digital economy, it is not only the network you control, but the platforms that touch the personal data entrusted to you as a means of enabling digital commerce, and several techniques have begun to emerge to protect personal information contained within your information domain and the domain of platforms participating in digital commerce. Because the life blood of the digital economy is information, information hacked in the digital economy is akin to shrinkage in the legacy economy. Both are means to directly attack your bottom line, whether it is redirecting customers elsewhere because they don’t trust your privacy program, ransomware which makes your site or one of your partner platform sites dangerous to use or some other reason which challenges your ability to participate in the digital economy. Shrinking the potential market share because of information safety and security challenges is a disruption, making cyber-security a disruptive activity, particularly if it is not dealt with swiftly. If your cyber-security program is focused entirely on protecting the information housed in your four walls, you have exposed yourself to problems you will have difficulty in identifying both the source and the entry point of these issues.

Related slideshows

The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017
 
Retail
Retail Retail
Retail
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud Prevention
 
1 of 8
Download to read offline
1 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y Why is Cyber-Security a disruption in the digital economy? Mark Albala President, InfoSight Partners
2 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y Introduction As we enter the digital economy, companies will quickly realize that the differentiator in the digital economy is information and information being a valuable resource is subject to theft, hacking, phishing and a host of other issues which compromise a company’s ability to participate in the digital economy. Cybersecurity misfires compromise the trust of buyers and partners necessary to participate in the digital economy. It is up to every company to ensure that the information shared with them is protected to the best of their ability and proactively notify persons and organizations who entrust their information necessary to transact business (any personal identity information including but not limited to addresses, credit card information, social security numbers, account information, credit information, medical records, etc.) with any potential compromises which can yield harm to them by that information either being used maliciously or shared with others. The digital economy is different than other versions of commerce because in the digital economy, information is the lifeblood of digital commerce that passes through the hands of many platforms involved in a digital event. Each of these platforms are an opportunity to wreak havoc on your well- intended but incomplete intents to protect the information contained within the network you control. In the digital economy, it is not only the network you control, but the platforms that touch the personal data entrusted to you as a means of enabling digital commerce, and several techniques have begun to emerge to protect personal information contained within your information domain and the domain of platforms participating in digital commerce. Because the life blood of the digital economy is information, information hacked in the digital economy is akin to shrinkage in the legacy economy. Both are means to directly attack your bottom line, whether it is redirecting customers elsewhere because they don’t trust your privacy program, ransomware which makes your site or one of your partner platform sites dangerous to use or some other reason which challenges your ability to participate in the digital economy. Shrinking the potential market share because of information safety and security challenges is a disruption, making cyber-security a disruptive activity, particularly if it is not dealt with swiftly. If your cyber-security program is focused entirely on protecting the information housed in your four walls, you have exposed yourself to problems you will have difficulty in identifying both the source and the entry point of these issues. Current State of Cyber-Security Cyber-Security has been getting a fair amount of attention recently and for good reason. The number of hacks leaking personal information, delivering ransomware and relegating denial of service hacks has been on the rise. Those who are intent on conducting cyber-security have become more creative, even though the entry point for much of the security based problems are sourced through email. 77% of hackers surveyed (Blackhat survey, 2017) believe that no password is safe from hackers, or the government for that matter. Some Cyber-Security statistics to ponder about (Hewlett Packard Enterprise, 2016) are:
3 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y • 2016 is a pivotal year changing the conversation from credit card theft to identify theft. This shift is a direct result from the amount of footprint a consumer has in the digital economy. Consumers have been educated on the risks associated with sharing information digitally and are beginning to be selective in where their identity is stored. • 2016 is a pivotal year changing the focus of security fixes from point fixes (i.e., virus protection libraries downloaded to PCs) to a broader defensive approach that prevents entire classes of attacks. • 2016 is a pivotal year which brought cyber-security to the forefront of the political landscape. • Vendors instituting cyber-security solutions are still focused on patching, and should shift their focus quickly. But the burden will be on the consumer until this shift occurs. • Attackers have shifted their efforts to directly attack applications that serve enterprise data. For the time being, this is lucrative, because over one third of the enterprise applications have exhibited at least one critical or high severity security vulnerability. The number of commercial applications exhibiting these vulnerabilities increase dramatically in the open source arena, where over 80% have flaws with serious implications for the management of private data. • The digital economy has resulted in payment systems, bitcoin repositories and Automated Teller Machines becoming a more common source of attack because of the direct monetization of this malware. The need for initiatives focused on the eradication of cyber-security threats have gained prominence. However, in many organizations, these will be multi-year programs initiated with the 2017 budget cycle, leaving room for those intent on causing harm through cyber-security plenty of room. Common methods used to gain access to your data You should not be left panicking, but rather take some actions to watch for specific means of attacks on your organization which will leave trails that you can remediate now. Some of the more common approaches gain access to your data using the following strategies: • Redirecting a web, mobile, Internet of Things (IOT) device or email session to a malicious web page which gives access to information behind the firewall. • Injecting code into a web, mobile, IOT device or email session to perform malicious activities. • Attacking insufficient web, mobile, IOT device or email management controls, thereby capturing passwords, session ids or other key information through cookies and other means. • Writing files on the computer utilizing a web, mobile or email session that collects information and transmits it through an application loaded on the computer. • Executing remote code which collects information via the remote code loaded into a mobile, email or web session. • Requesting information by promising false claims, which is commonly returned through email. • Introducing malicious code into a web cache. • Capturing control of a router, computer or collection of IOT devices to deny service.
4 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y These methods of security breaches leave an audit trail which should be a proactive defense in an organization’s information arsenal. Companies who do not make cybersecurity a major component of their information arsenal will find themselves appearing in the list of companies shown on figure 2. Some concerns in cyber-security are (SANS institute, 2014) are: 1. RFID Skimming, which use mobile and wireless techniques to access information 2. USB devices which introduce malware to connected and unconnected systems 3. Hacks introduced through the internet of things, such as imbedded systems, proximity sensors, smart devices and a host of emerging products. All of these have one thing in common, they have less room for complex code because of their limited computing footprint. 4. Hacks which attack digital payment systems such as bitcoin. These attacks result in theft of digital payments or virtual stockpiles of digital cash (i.e., bitcoin). 5. Point of Sale Malware introduced through one of the participants in a digital transaction 6. Targeted hacks which use email as an entry point to deliver malware, keyboard trackers or other hacks. 7. Social media sites which harvest personal information, thereby utilizing the social media site as a hack. 8. Webmail account takeover What should be done now If it isn’t obvious, cyber security attacks may not start with your data. Because the lifeblood of the digital economy is information, cyber-security attacks take on a different level of importance than they have in the past, and there is a need at organizations to rethink their cyber-security approaches. Some of the things companies can do is: 1. Assign a person to be responsible for eradicating cyber-security threats. There will be resistance from inside the organization because it will require changes to digital products launched and could impact both the costs and timelines for delivered commerce exchanges, so the person assigned to this role must have sufficient organizational teeth to foster the change and expect compliance to any recommended alterations to cyber-security capabilities. 2. Institute the cyber-security defenses advocated by the National Institute of Standards and Technology, a revised framework (version 1.1 was proposed January, 2017) can be found at http://nist.gov/cyberframework. Version 1.1 is still in draft form, and focuses on the ability to govern, assess risk, educate and eradicate risks when they occur. 3. Construct metrics to manage the dwell time, which is the time between a company is hacked, the time when the hack is detected, the time to dispense with the hack and the time to communicate the attack and deliver a remediation plan to those impacted. The purpose of these metrics is to drive down the time required to deal with cyber-security threats. 4. Run test cyber-security attacks, which exercise the platforms participating in your digital commerce, whether they are on your site or at a partner handling a component of your digital

Recommended for you

IMC 618 - Public Relations Campaign
IMC 618 - Public Relations CampaignIMC 618 - Public Relations Campaign
IMC 618 - Public Relations Campaign

Public Relations Campaign for SecureWorks for IMC 618: PR Concepts & Strategy. Campaign is focused on increasing brand awareness among both big and small businesses as well as potential investors.

 
by Stephanie Holman
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutions

The document discusses the growing security challenges faced by organizations and the need to close the gap between security (SecOps) and IT operations teams. It notes that the volume and complexity of cyberattacks have increased significantly. However, current security tools, processes, and teams are often unable to keep up due to a lack of integration and coordination between security and operations groups. This results in security vulnerabilities not being addressed quickly enough, leading to potential data breaches and other security incidents. The document argues that automating security and operations workflows can help eliminate inefficiencies and prioritize the remediation of the most critical issues.

 
by Jonny Nässlander
Analyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaAnalyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - China

This IDC Country Brief discusses China, where the amount of data created, replicated, and consumed each year will grow 24-fold between 2012 and 2020, according to the 2012 IDC Digital Universe study, sponsored by EMC.

 
by EMC
emc corporationdigital universe
5 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y commerce. If a partner is unwilling or unable to remediate exposures, be prepared to work with an alternative partner to handle the component of your digital fabric handled by that partner. 5. If you use a data lake as part of your data ecosphere, you have an especially high risk because most of the security frameworks you have in your environment do not provide the same stringency of security to the data lake. It is strongly suggested that you adopt an encryption strategy for any personal identifiable information written to the data lake, whether it is in the right columns or not. Some method of identifying PII data, through patterns or other means is necessary to ensure that credit card, bank routing numbers, social security numbers, and other information written to intended fields, comment fields or other columns because of limitations of feeder systems will be a time bomb if not addressed as soon as possible. 6. If critical information containing PII data is stored on LANS and computers managed by your employees, your security plan against cyber-security is only as strong as the weakest link in your plan. If your employees have laptops and they infect their laptop off premises, they can introduce cyber-security issues when they return to the office, whether on premise or remotely. 7. If you provide access to your network and critical customer data to your agents and partners, you must have your cyber-security plan reach the computing platforms operated by them as well. 8. Hide the candy. If you move around personal identifiable information (PII) through your network for analytical purposes, encrypt the PII information so should it be hacked, the level of exposure is mitigated. If that information is required, those really needing it can get it from a tightly secured area. 9. Solutions that predict the most likely methods of attack based on your software portfolio, network infrastructure and platforms participating in your digital and legacy channels of commerce. These solutions (SAIC, BitSight, Cyberisk to name a few) should be researched to either obtain these solutions or determine what features of your cyber-security arsenal are required to be effective. Devising metrics to improve your ability to detect and eradicate cyber-security threats One of the common themes in treating information as an asset of the organization is percolating metrics used as a means to improve the valuation of information. Having information assets hardened to the challenges of security is one form of eradicating resistance to consuming information. Some metrics that can be used to manage an organization’s information assets are: 1. Number of detected intrusion attempts per day 2. Number of infections per device per day 3. Number of times per year the security and privacy rules of the organization are reviewed 4. Number of times per year key personnel is reminded of their obligations to oversee security 5. Average elapsed time from intrusion / infection to detection 6. Average elapsed time from detection to intrusion closure / disinfection 7. Average number of personal identity information (PII) items not in the intended locations
6 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y 8. Average number of PII violations per industry and /or country of origin regulations 9. Number of known and unhandled security vulnerabilities 10. Number of properly configured secure socket layer (SSL) certificates 11. Percentage of peer to peer file sharing as an overall percentage of corporate network activity 12. Percentage of people with super user access 13. Average number of days it takes to eliminate access to information on the organizational network 14. Average number of times per year high security profile people are reviewed 15. Times per year access permissions are reviewed 16. Number of open ports into the network and on machines with access to the network 17. Number of third party software products not scanned for vulnerabilities prior to deployment 18. Number of times per month suppliers and vendors are reviewed for security issues 19. Number of times per month vendor and partner security controls are reviewed for issues 20. Percentage of partners, vendors and customers having access to information on the network and who store information on the network are reviewed for security issues The Metrics chosen should: • Be actionable, they should be devised to allow decision makers to take swift action to thwart cyber-security risks. • Be definable in numbers to measure improvements in your cyber-security program. • Be aligned with the information intents of the organization. • Be repeatable, they should be collectible and automatable at a reasonable cost. • Be sufficiently granular so that the programs devised to thwart cyber-security risks can be identified as helping the cause through metrics.
7 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y What’s at Risk It is easy to find examples of cyber-security attacks in the marketplace, attacks to businesses and the government. Some more devastating cyber-attacks have been: • Yahoo had 1.5 billion accounts hacked, which put a buyout by Verizon at risk. • Sony had unreleased films stolen, as well as the identity of 10 million employees and partners. • The US Office of Personnel Management was hacked twice. One of these attacks resulted in the theft of digital fingerprints. • If you think the government is immune, the White House, the Army, the Democratic National Caucus and the hacking software published by the NSA were hacked. • Target had 40 million credit card accounts hacked. When to start It is important to get started now. The inflection point of when hacking as a means of exposing information to steal a component of digital commerce became an exposed issue most probably in 2015. If you participate in digital commerce, the risk is customers, partners (including partners delivering one or more of the platforms used to deliver digital content and commerce), financiers and vendors within your supply chain will be unwilling to expose their information to you if you have not performed demonstrable diligence on your ability to protect information provided to you for conducting digital commerce. Those who participate in digital commerce who have not performed the necessary due diligence will be disrupted by the avalanche of hacking attempts and the number of these attempts that have exposed them and their customers, partners and others to the risks of their inability or unwillingness to take the necessary actions. Those who participate in other’s digital commerce by delivering a necessary platform to their digital commerce activities will find the use of their platform dwindling if they let the risks of cyber-security infect the digital commerce ecosphere of those using their platform for digital commerce.
8 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y About the Author Mark Albala is the President of InfoSight Partners, LLC, a business consultancy which provides financial and technology advisory services devised to facilitate focus into the value of information assets. InfoSight Partners is led by Mark Albala, who has served in technology and thought leadership roles and serves as an advisor to analyst organizations. Mark can be reached at mark@infosightpartners.com.

Recommended for you

Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in Cybersecurity

Presented at the 29th Annual FMA Conference Topics: > Raise awareness of the emerging trends in cybersecurity, such as the threats and the potential cost that a breach could have on your organization > Establish an understanding of what your organization and board can do to reduce the likelihood and impact of a breach > Identify key characteristics and aspects within an incident/breach response plan and how this plan will reduce the impact of the unfortunate event

 
by BakerTillyConsulting
baker tillybrian sanvidgecybersecurity
ThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO ReviewThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO Review

ThreatMetrix provides context-based authentication and a global federated trust network to help secure remote workforce access for enterprises. It analyzes login contexts and compares them to data from a global network of over 2,500 customers to identify high-risk connections. This allows businesses to streamline access for trusted users while detecting anomalies and reducing security risks, without overburdening legitimate users. The federated trust network grows more powerful as more customers contribute anonymous identity and transaction data.

 
by ThreatMetrix
online fraud preventioncybersecuritythreatmetrix
Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0

This document discusses mobile malware threats facing enterprises. It begins by providing background on the rise of BYOD policies and the security challenges they pose. It then discusses the growing risk of mobile malware, citing statistics on its rapid growth rate and prevalence in apps. The document outlines common types of mobile malware like adware, spyware, and phishing. It explains how these threats can compromise enterprise data and infect networks through BYOD devices. It emphasizes the need for enterprises to adopt comprehensive security solutions to protect corporate data on personal mobile devices.

 
by Javier Gonzalez

More Related Content

What's hot

The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017
Insights success media and technology pvt ltd
 
Retail
Retail Retail
Retail
CMR WORLD TECH
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud Prevention
EMC
 
IMC 618 - Public Relations Campaign
IMC 618 - Public Relations CampaignIMC 618 - Public Relations Campaign
IMC 618 - Public Relations Campaign
Stephanie Holman
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutions
Jonny Nässlander
 
Analyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaAnalyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - China
EMC
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in Cybersecurity
BakerTillyConsulting
 
ThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO ReviewThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix
 
Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0
Javier Gonzalez
 
Payment fraud
Payment fraudPayment fraud
Payment fraud
Ramiro Cid
 
Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021 Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021
Roen Branham
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence Index
Andreanne Clarke
 
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Symantec
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enough
EMC
 
[Infographic] 7 Cyber attacks that shook the world
[Infographic] 7 Cyber attacks that shook the world[Infographic] 7 Cyber attacks that shook the world
[Infographic] 7 Cyber attacks that shook the world
Seqrite
 
2015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i32015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i3
NTT Innovation Institute Inc.
 
CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016 CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016
Bolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112
Erik Ginalick
 
Application security meetup data privacy_27052021
Application security meetup data privacy_27052021Application security meetup data privacy_27052021
Application security meetup data privacy_27052021
lior mazor
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014
EMC
 

What's hot (20)

The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017
 
Retail
Retail Retail
Retail
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud Prevention
 
IMC 618 - Public Relations Campaign
IMC 618 - Public Relations CampaignIMC 618 - Public Relations Campaign
IMC 618 - Public Relations Campaign
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutions
 
Analyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaAnalyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - China
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in Cybersecurity
 
ThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO ReviewThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO Review
 
Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0
 
Payment fraud
Payment fraudPayment fraud
Payment fraud
 
Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021 Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence Index
 
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enough
 
[Infographic] 7 Cyber attacks that shook the world
[Infographic] 7 Cyber attacks that shook the world[Infographic] 7 Cyber attacks that shook the world
[Infographic] 7 Cyber attacks that shook the world
 
2015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i32015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i3
 
CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016 CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112
 
Application security meetup data privacy_27052021
Application security meetup data privacy_27052021Application security meetup data privacy_27052021
Application security meetup data privacy_27052021
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014
 

Viewers also liked

Flipbook Assignment: Digital Security
Flipbook Assignment: Digital SecurityFlipbook Assignment: Digital Security
Flipbook Assignment: Digital Security
Erica Carnevale
 
Digital security -mariamustelier
Digital security -mariamustelierDigital security -mariamustelier
Digital security -mariamustelier
Frank Gilbert
 
Social Media In The Workplace - CASLIS Workshop Jan2009
Social Media In The Workplace - CASLIS Workshop Jan2009Social Media In The Workplace - CASLIS Workshop Jan2009
Social Media In The Workplace - CASLIS Workshop Jan2009
Hamilton Public Library
 
Digital safety security quest 4.1.2
Digital safety security quest 4.1.2Digital safety security quest 4.1.2
Digital safety security quest 4.1.2
Deepa Muralidhar
 
Security in the Digital Workplace
Security in the Digital WorkplaceSecurity in the Digital Workplace
Security in the Digital Workplace
LiveTiles
 
University of Missouri - Saint Louis Cyber Security
University of Missouri - Saint Louis Cyber SecurityUniversity of Missouri - Saint Louis Cyber Security
University of Missouri - Saint Louis Cyber Security
Maurice Dawson
 
Digital safety and security
Digital safety and securityDigital safety and security
Digital safety and security
mdhague
 
Smartphones for safety: digital technologies and the refugee’s journey
Smartphones for safety: digital technologies and the refugee’s journeySmartphones for safety: digital technologies and the refugee’s journey
Smartphones for safety: digital technologies and the refugee’s journey
mysociety
 
Digital Product Security
Digital Product SecurityDigital Product Security
Digital Product Security
SoftServe
 
Cyber Security for Digital-Era
Cyber Security for Digital-EraCyber Security for Digital-Era
Cyber Security for Digital-Era
JK Tech
 
Chapter 05 Digital Safety and Security
Chapter 05 Digital Safety and SecurityChapter 05 Digital Safety and Security
Chapter 05 Digital Safety and Security
xtin101
 
Cyber Security in the Digital Age: A Survey and its Analysis
Cyber Security in the Digital Age: A Survey and its AnalysisCyber Security in the Digital Age: A Survey and its Analysis
Cyber Security in the Digital Age: A Survey and its Analysis
Rahul Neel Mani
 
Agility, Business Continuity & Security in a Digital World: Can we have it all?
Agility, Business Continuity & Security in a Digital World: Can we have it all?Agility, Business Continuity & Security in a Digital World: Can we have it all?
Agility, Business Continuity & Security in a Digital World: Can we have it all?
Ocean9, Inc.
 
PSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & SecurityPSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & Security
PSFK
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity Predictions
PaloAltoNetworks
 
OSAC: Personal Digital Security Presentation
OSAC: Personal Digital Security PresentationOSAC: Personal Digital Security Presentation
OSAC: Personal Digital Security Presentation
Dr. Lydia Kostopoulos
 
Citizenship and Safety in a Digital World
Citizenship and Safety in a Digital WorldCitizenship and Safety in a Digital World
Citizenship and Safety in a Digital World
Shelly Sanchez Terrell
 
7 cyber security questions for boards
7 cyber security questions for boards7 cyber security questions for boards
7 cyber security questions for boards
Paul McGillicuddy
 
Personal Digital Security (JavaZone Academy 2017)
Personal Digital Security (JavaZone Academy 2017)Personal Digital Security (JavaZone Academy 2017)
Personal Digital Security (JavaZone Academy 2017)
Michael Johansen
 
Digital security
Digital securityDigital security
Digital security
kamcuff
 

Viewers also liked (20)

Flipbook Assignment: Digital Security
Flipbook Assignment: Digital SecurityFlipbook Assignment: Digital Security
Flipbook Assignment: Digital Security
 
Digital security -mariamustelier
Digital security -mariamustelierDigital security -mariamustelier
Digital security -mariamustelier
 
Social Media In The Workplace - CASLIS Workshop Jan2009
Social Media In The Workplace - CASLIS Workshop Jan2009Social Media In The Workplace - CASLIS Workshop Jan2009
Social Media In The Workplace - CASLIS Workshop Jan2009
 
Digital safety security quest 4.1.2
Digital safety security quest 4.1.2Digital safety security quest 4.1.2
Digital safety security quest 4.1.2
 
Security in the Digital Workplace
Security in the Digital WorkplaceSecurity in the Digital Workplace
Security in the Digital Workplace
 
University of Missouri - Saint Louis Cyber Security
University of Missouri - Saint Louis Cyber SecurityUniversity of Missouri - Saint Louis Cyber Security
University of Missouri - Saint Louis Cyber Security
 
Digital safety and security
Digital safety and securityDigital safety and security
Digital safety and security
 
Smartphones for safety: digital technologies and the refugee’s journey
Smartphones for safety: digital technologies and the refugee’s journeySmartphones for safety: digital technologies and the refugee’s journey
Smartphones for safety: digital technologies and the refugee’s journey
 
Digital Product Security
Digital Product SecurityDigital Product Security
Digital Product Security
 
Cyber Security for Digital-Era
Cyber Security for Digital-EraCyber Security for Digital-Era
Cyber Security for Digital-Era
 
Chapter 05 Digital Safety and Security
Chapter 05 Digital Safety and SecurityChapter 05 Digital Safety and Security
Chapter 05 Digital Safety and Security
 
Cyber Security in the Digital Age: A Survey and its Analysis
Cyber Security in the Digital Age: A Survey and its AnalysisCyber Security in the Digital Age: A Survey and its Analysis
Cyber Security in the Digital Age: A Survey and its Analysis
 
Agility, Business Continuity & Security in a Digital World: Can we have it all?
Agility, Business Continuity & Security in a Digital World: Can we have it all?Agility, Business Continuity & Security in a Digital World: Can we have it all?
Agility, Business Continuity & Security in a Digital World: Can we have it all?
 
PSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & SecurityPSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & Security
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity Predictions
 
OSAC: Personal Digital Security Presentation
OSAC: Personal Digital Security PresentationOSAC: Personal Digital Security Presentation
OSAC: Personal Digital Security Presentation
 
Citizenship and Safety in a Digital World
Citizenship and Safety in a Digital WorldCitizenship and Safety in a Digital World
Citizenship and Safety in a Digital World
 
7 cyber security questions for boards
7 cyber security questions for boards7 cyber security questions for boards
7 cyber security questions for boards
 
Personal Digital Security (JavaZone Academy 2017)
Personal Digital Security (JavaZone Academy 2017)Personal Digital Security (JavaZone Academy 2017)
Personal Digital Security (JavaZone Academy 2017)
 
Digital security
Digital securityDigital security
Digital security
 

Similar to Why is cyber security a disruption in the digital economy

For digital media companies, effective cybersecurity programs a must
For digital media companies, effective cybersecurity programs a mustFor digital media companies, effective cybersecurity programs a must
For digital media companies, effective cybersecurity programs a must
Grant Thornton LLP
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
ReadWrite
 
Cybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & ImportanceCybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & Importance
manoharparakh
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
Ben Graybar
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrime
thinkwithniche
 
White Paper Example - Brafton for NIP Group.pdf
White Paper Example - Brafton for NIP Group.pdfWhite Paper Example - Brafton for NIP Group.pdf
White Paper Example - Brafton for NIP Group.pdf
Brafton
 
IBM X-Force.PDF
IBM X-Force.PDFIBM X-Force.PDF
IBM X-Force.PDF
Ban Selvakumar
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-Force
Patrick Bouillaud
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
AnastaciaShadelb
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
ChantellPantoja184
 
What is Importance of Cyber Security
What is Importance of Cyber Security What is Importance of Cyber Security
What is Importance of Cyber Security
Wee Tang
 
CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016 CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016
Bolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
 
Cybersecurity awareness.pdf
Cybersecurity awareness.pdfCybersecurity awareness.pdf
Cybersecurity awareness.pdf
CRO Cyber Rights Organization
 
How to build a highly secure fin tech application
How to build a highly secure fin tech applicationHow to build a highly secure fin tech application
How to build a highly secure fin tech application
nimbleappgenie
 
Fintech Cyber Security Survey Hong Knog 2018
Fintech Cyber Security Survey Hong Knog 2018Fintech Cyber Security Survey Hong Knog 2018
Fintech Cyber Security Survey Hong Knog 2018
Entersoft Security
 
Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business Ready
Chukwunonso Okoro, CFE, CAMS, CRISC
 
2024 Cyber Threats: What's New and What You Should Keep an Eye On!
2024 Cyber Threats: What's New and What You Should Keep an Eye On!2024 Cyber Threats: What's New and What You Should Keep an Eye On!
2024 Cyber Threats: What's New and What You Should Keep an Eye On!
Alec Kassir cozmozone
 
8Cyber security courses in Bangladesh.docx
8Cyber security courses in Bangladesh.docx8Cyber security courses in Bangladesh.docx
8Cyber security courses in Bangladesh.docx
ArindamGhosal6
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
CMR WORLD TECH
 
The top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdow
Dharmendra Rama
 

Similar to Why is cyber security a disruption in the digital economy (20)

For digital media companies, effective cybersecurity programs a must
For digital media companies, effective cybersecurity programs a mustFor digital media companies, effective cybersecurity programs a must
For digital media companies, effective cybersecurity programs a must
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
 
Cybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & ImportanceCybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & Importance
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrime
 
White Paper Example - Brafton for NIP Group.pdf
White Paper Example - Brafton for NIP Group.pdfWhite Paper Example - Brafton for NIP Group.pdf
White Paper Example - Brafton for NIP Group.pdf
 
IBM X-Force.PDF
IBM X-Force.PDFIBM X-Force.PDF
IBM X-Force.PDF
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-Force
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
 
What is Importance of Cyber Security
What is Importance of Cyber Security What is Importance of Cyber Security
What is Importance of Cyber Security
 
CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016 CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016
 
Cybersecurity awareness.pdf
Cybersecurity awareness.pdfCybersecurity awareness.pdf
Cybersecurity awareness.pdf
 
How to build a highly secure fin tech application
How to build a highly secure fin tech applicationHow to build a highly secure fin tech application
How to build a highly secure fin tech application
 
Fintech Cyber Security Survey Hong Knog 2018
Fintech Cyber Security Survey Hong Knog 2018Fintech Cyber Security Survey Hong Knog 2018
Fintech Cyber Security Survey Hong Knog 2018
 
Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business Ready
 
2024 Cyber Threats: What's New and What You Should Keep an Eye On!
2024 Cyber Threats: What's New and What You Should Keep an Eye On!2024 Cyber Threats: What's New and What You Should Keep an Eye On!
2024 Cyber Threats: What's New and What You Should Keep an Eye On!
 
8Cyber security courses in Bangladesh.docx
8Cyber security courses in Bangladesh.docx8Cyber security courses in Bangladesh.docx
8Cyber security courses in Bangladesh.docx
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
The top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdow
 

More from Mark Albala

A case for intelligent autonomous ai (iai)
A case for intelligent autonomous ai (iai)A case for intelligent autonomous ai (iai)
A case for intelligent autonomous ai (iai)
Mark Albala
 
The long journey toward true data privacy
The long journey toward true data privacyThe long journey toward true data privacy
The long journey toward true data privacy
Mark Albala
 
Analytics, business cycles and disruptions
Analytics, business cycles and disruptionsAnalytics, business cycles and disruptions
Analytics, business cycles and disruptions
Mark Albala
 
A process for defining your digital approach to business
A process for defining your digital approach to businessA process for defining your digital approach to business
A process for defining your digital approach to business
Mark Albala
 
The business model canvas adapted for the digital economy
The business model canvas adapted for the digital economyThe business model canvas adapted for the digital economy
The business model canvas adapted for the digital economy
Mark Albala
 
Welcome to the Algorithmic Age and the need for Analytic Accuracy Assurance
Welcome to the Algorithmic Age and the need for Analytic Accuracy AssuranceWelcome to the Algorithmic Age and the need for Analytic Accuracy Assurance
Welcome to the Algorithmic Age and the need for Analytic Accuracy Assurance
Mark Albala
 
Prepare to be disrupted
Prepare to be disruptedPrepare to be disrupted
Prepare to be disrupted
Mark Albala
 
Information's value is enhanced when curated for adaptive intelligence
Information's value is enhanced when curated for adaptive intelligenceInformation's value is enhanced when curated for adaptive intelligence
Information's value is enhanced when curated for adaptive intelligence
Mark Albala
 
Personal Data Privacy Assurance
Personal Data Privacy AssurancePersonal Data Privacy Assurance
Personal Data Privacy Assurance
Mark Albala
 
Disruptive outcomes are determined by consumers
Disruptive outcomes are determined by consumersDisruptive outcomes are determined by consumers
Disruptive outcomes are determined by consumers
Mark Albala
 
Introducing the information valuation estimator
Introducing the information valuation estimatorIntroducing the information valuation estimator
Introducing the information valuation estimator
Mark Albala
 
Cybersecurity is a key ingredient in the digital economy
Cybersecurity is a key ingredient in the digital economyCybersecurity is a key ingredient in the digital economy
Cybersecurity is a key ingredient in the digital economy
Mark Albala
 
Deploying and monetizing content in the digital economy
Deploying and monetizing content in the digital economyDeploying and monetizing content in the digital economy
Deploying and monetizing content in the digital economy
Mark Albala
 
The pillars of value
The pillars of valueThe pillars of value
The pillars of value
Mark Albala
 
The pillars of value
The pillars of valueThe pillars of value
The pillars of value
Mark Albala
 
Introducing thriving with information in the digital economy
Introducing thriving with information in the digital economyIntroducing thriving with information in the digital economy
Introducing thriving with information in the digital economy
Mark Albala
 
Introducing thriving with information in the digital economy
Introducing thriving with information in the digital economyIntroducing thriving with information in the digital economy
Introducing thriving with information in the digital economy
Mark Albala
 
Charting your course for surviving disruptive innovations
Charting your course for surviving disruptive innovationsCharting your course for surviving disruptive innovations
Charting your course for surviving disruptive innovations
Mark Albala
 
Information's role in disruption cycles and the exploitation of tipping points
Information's role in disruption cycles and the exploitation of tipping pointsInformation's role in disruption cycles and the exploitation of tipping points
Information's role in disruption cycles and the exploitation of tipping points
Mark Albala
 
Information economics and big data
Information economics and big dataInformation economics and big data
Information economics and big data
Mark Albala
 

More from Mark Albala (20)

A case for intelligent autonomous ai (iai)
A case for intelligent autonomous ai (iai)A case for intelligent autonomous ai (iai)
A case for intelligent autonomous ai (iai)
 
The long journey toward true data privacy
The long journey toward true data privacyThe long journey toward true data privacy
The long journey toward true data privacy
 
Analytics, business cycles and disruptions
Analytics, business cycles and disruptionsAnalytics, business cycles and disruptions
Analytics, business cycles and disruptions
 
A process for defining your digital approach to business
A process for defining your digital approach to businessA process for defining your digital approach to business
A process for defining your digital approach to business
 
The business model canvas adapted for the digital economy
The business model canvas adapted for the digital economyThe business model canvas adapted for the digital economy
The business model canvas adapted for the digital economy
 
Welcome to the Algorithmic Age and the need for Analytic Accuracy Assurance
Welcome to the Algorithmic Age and the need for Analytic Accuracy AssuranceWelcome to the Algorithmic Age and the need for Analytic Accuracy Assurance
Welcome to the Algorithmic Age and the need for Analytic Accuracy Assurance
 
Prepare to be disrupted
Prepare to be disruptedPrepare to be disrupted
Prepare to be disrupted
 
Information's value is enhanced when curated for adaptive intelligence
Information's value is enhanced when curated for adaptive intelligenceInformation's value is enhanced when curated for adaptive intelligence
Information's value is enhanced when curated for adaptive intelligence
 
Personal Data Privacy Assurance
Personal Data Privacy AssurancePersonal Data Privacy Assurance
Personal Data Privacy Assurance
 
Disruptive outcomes are determined by consumers
Disruptive outcomes are determined by consumersDisruptive outcomes are determined by consumers
Disruptive outcomes are determined by consumers
 
Introducing the information valuation estimator
Introducing the information valuation estimatorIntroducing the information valuation estimator
Introducing the information valuation estimator
 
Cybersecurity is a key ingredient in the digital economy
Cybersecurity is a key ingredient in the digital economyCybersecurity is a key ingredient in the digital economy
Cybersecurity is a key ingredient in the digital economy
 
Deploying and monetizing content in the digital economy
Deploying and monetizing content in the digital economyDeploying and monetizing content in the digital economy
Deploying and monetizing content in the digital economy
 
The pillars of value
The pillars of valueThe pillars of value
The pillars of value
 
The pillars of value
The pillars of valueThe pillars of value
The pillars of value
 
Introducing thriving with information in the digital economy
Introducing thriving with information in the digital economyIntroducing thriving with information in the digital economy
Introducing thriving with information in the digital economy
 
Introducing thriving with information in the digital economy
Introducing thriving with information in the digital economyIntroducing thriving with information in the digital economy
Introducing thriving with information in the digital economy
 
Charting your course for surviving disruptive innovations
Charting your course for surviving disruptive innovationsCharting your course for surviving disruptive innovations
Charting your course for surviving disruptive innovations
 
Information's role in disruption cycles and the exploitation of tipping points
Information's role in disruption cycles and the exploitation of tipping pointsInformation's role in disruption cycles and the exploitation of tipping points
Information's role in disruption cycles and the exploitation of tipping points
 
Information economics and big data
Information economics and big dataInformation economics and big data
Information economics and big data
 

Recently uploaded

100 quotes that will be changed your life.pdf
100 quotes that will be changed your life.pdf100 quotes that will be changed your life.pdf
100 quotes that will be changed your life.pdf
MatsikoAlex
 
100 quotes that will be changed your life.pdf
100 quotes that will be changed your life.pdf100 quotes that will be changed your life.pdf
100 quotes that will be changed your life.pdf
MatsikoAlex
 
Contingency Theory - Case Study-by arab.pdf
Contingency Theory - Case Study-by arab.pdfContingency Theory - Case Study-by arab.pdf
Contingency Theory - Case Study-by arab.pdf
hannyhosny
 
Occupational safrty and health (Ladder safety.ppt
Occupational safrty and health (Ladder safety.pptOccupational safrty and health (Ladder safety.ppt
Occupational safrty and health (Ladder safety.ppt
Optimisticanonymous
 
Embracing Change_ Volunteerism in the New Normal by Frederik Durda.pdf
Embracing Change_ Volunteerism in the New Normal by Frederik Durda.pdfEmbracing Change_ Volunteerism in the New Normal by Frederik Durda.pdf
Embracing Change_ Volunteerism in the New Normal by Frederik Durda.pdf
Frederik Durda
 
Behavior Based Safety for Safety Improving Safety Culture
Behavior Based Safety for Safety Improving Safety CultureBehavior Based Safety for Safety Improving Safety Culture
Behavior Based Safety for Safety Improving Safety Culture
aerblog
 
Certified Administrative Officer CAO.pdf
Certified Administrative Officer CAO.pdfCertified Administrative Officer CAO.pdf
Certified Administrative Officer CAO.pdf
GAFM ACADEMY
 
Zoho_Final Report_MGT489: Strategic Management_SmM4.pdf
Zoho_Final Report_MGT489: Strategic Management_SmM4.pdfZoho_Final Report_MGT489: Strategic Management_SmM4.pdf
Zoho_Final Report_MGT489: Strategic Management_SmM4.pdf
Mohammad Tauhidul Islam Khan Rifat
 
CAPACITY BUILDING:HOW TO GROW YOUR INFLUENCE, INCOME & IMPACT
CAPACITY BUILDING:HOW TO GROW YOUR INFLUENCE, INCOME & IMPACTCAPACITY BUILDING:HOW TO GROW YOUR INFLUENCE, INCOME & IMPACT
CAPACITY BUILDING:HOW TO GROW YOUR INFLUENCE, INCOME & IMPACT
Tochi22
 
Understanding Bias: Its Impact on the Workplace and Individuals
Understanding Bias: Its Impact on the Workplace and IndividualsUnderstanding Bias: Its Impact on the Workplace and Individuals
Understanding Bias: Its Impact on the Workplace and Individuals
sanjay singh
 

Recently uploaded (10)

100 quotes that will be changed your life.pdf
100 quotes that will be changed your life.pdf100 quotes that will be changed your life.pdf
100 quotes that will be changed your life.pdf
 
100 quotes that will be changed your life.pdf
100 quotes that will be changed your life.pdf100 quotes that will be changed your life.pdf
100 quotes that will be changed your life.pdf
 
Contingency Theory - Case Study-by arab.pdf
Contingency Theory - Case Study-by arab.pdfContingency Theory - Case Study-by arab.pdf
Contingency Theory - Case Study-by arab.pdf
 
Occupational safrty and health (Ladder safety.ppt
Occupational safrty and health (Ladder safety.pptOccupational safrty and health (Ladder safety.ppt
Occupational safrty and health (Ladder safety.ppt
 
Embracing Change_ Volunteerism in the New Normal by Frederik Durda.pdf
Embracing Change_ Volunteerism in the New Normal by Frederik Durda.pdfEmbracing Change_ Volunteerism in the New Normal by Frederik Durda.pdf
Embracing Change_ Volunteerism in the New Normal by Frederik Durda.pdf
 
Behavior Based Safety for Safety Improving Safety Culture
Behavior Based Safety for Safety Improving Safety CultureBehavior Based Safety for Safety Improving Safety Culture
Behavior Based Safety for Safety Improving Safety Culture
 
Certified Administrative Officer CAO.pdf
Certified Administrative Officer CAO.pdfCertified Administrative Officer CAO.pdf
Certified Administrative Officer CAO.pdf
 
Zoho_Final Report_MGT489: Strategic Management_SmM4.pdf
Zoho_Final Report_MGT489: Strategic Management_SmM4.pdfZoho_Final Report_MGT489: Strategic Management_SmM4.pdf
Zoho_Final Report_MGT489: Strategic Management_SmM4.pdf
 
CAPACITY BUILDING:HOW TO GROW YOUR INFLUENCE, INCOME & IMPACT
CAPACITY BUILDING:HOW TO GROW YOUR INFLUENCE, INCOME & IMPACTCAPACITY BUILDING:HOW TO GROW YOUR INFLUENCE, INCOME & IMPACT
CAPACITY BUILDING:HOW TO GROW YOUR INFLUENCE, INCOME & IMPACT
 
Understanding Bias: Its Impact on the Workplace and Individuals
Understanding Bias: Its Impact on the Workplace and IndividualsUnderstanding Bias: Its Impact on the Workplace and Individuals
Understanding Bias: Its Impact on the Workplace and Individuals
 

Why is cyber security a disruption in the digital economy

  • 1. 1 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y Why is Cyber-Security a disruption in the digital economy? Mark Albala President, InfoSight Partners
  • 2. 2 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y Introduction As we enter the digital economy, companies will quickly realize that the differentiator in the digital economy is information and information being a valuable resource is subject to theft, hacking, phishing and a host of other issues which compromise a company’s ability to participate in the digital economy. Cybersecurity misfires compromise the trust of buyers and partners necessary to participate in the digital economy. It is up to every company to ensure that the information shared with them is protected to the best of their ability and proactively notify persons and organizations who entrust their information necessary to transact business (any personal identity information including but not limited to addresses, credit card information, social security numbers, account information, credit information, medical records, etc.) with any potential compromises which can yield harm to them by that information either being used maliciously or shared with others. The digital economy is different than other versions of commerce because in the digital economy, information is the lifeblood of digital commerce that passes through the hands of many platforms involved in a digital event. Each of these platforms are an opportunity to wreak havoc on your well- intended but incomplete intents to protect the information contained within the network you control. In the digital economy, it is not only the network you control, but the platforms that touch the personal data entrusted to you as a means of enabling digital commerce, and several techniques have begun to emerge to protect personal information contained within your information domain and the domain of platforms participating in digital commerce. Because the life blood of the digital economy is information, information hacked in the digital economy is akin to shrinkage in the legacy economy. Both are means to directly attack your bottom line, whether it is redirecting customers elsewhere because they don’t trust your privacy program, ransomware which makes your site or one of your partner platform sites dangerous to use or some other reason which challenges your ability to participate in the digital economy. Shrinking the potential market share because of information safety and security challenges is a disruption, making cyber-security a disruptive activity, particularly if it is not dealt with swiftly. If your cyber-security program is focused entirely on protecting the information housed in your four walls, you have exposed yourself to problems you will have difficulty in identifying both the source and the entry point of these issues. Current State of Cyber-Security Cyber-Security has been getting a fair amount of attention recently and for good reason. The number of hacks leaking personal information, delivering ransomware and relegating denial of service hacks has been on the rise. Those who are intent on conducting cyber-security have become more creative, even though the entry point for much of the security based problems are sourced through email. 77% of hackers surveyed (Blackhat survey, 2017) believe that no password is safe from hackers, or the government for that matter. Some Cyber-Security statistics to ponder about (Hewlett Packard Enterprise, 2016) are:
  • 3. 3 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y • 2016 is a pivotal year changing the conversation from credit card theft to identify theft. This shift is a direct result from the amount of footprint a consumer has in the digital economy. Consumers have been educated on the risks associated with sharing information digitally and are beginning to be selective in where their identity is stored. • 2016 is a pivotal year changing the focus of security fixes from point fixes (i.e., virus protection libraries downloaded to PCs) to a broader defensive approach that prevents entire classes of attacks. • 2016 is a pivotal year which brought cyber-security to the forefront of the political landscape. • Vendors instituting cyber-security solutions are still focused on patching, and should shift their focus quickly. But the burden will be on the consumer until this shift occurs. • Attackers have shifted their efforts to directly attack applications that serve enterprise data. For the time being, this is lucrative, because over one third of the enterprise applications have exhibited at least one critical or high severity security vulnerability. The number of commercial applications exhibiting these vulnerabilities increase dramatically in the open source arena, where over 80% have flaws with serious implications for the management of private data. • The digital economy has resulted in payment systems, bitcoin repositories and Automated Teller Machines becoming a more common source of attack because of the direct monetization of this malware. The need for initiatives focused on the eradication of cyber-security threats have gained prominence. However, in many organizations, these will be multi-year programs initiated with the 2017 budget cycle, leaving room for those intent on causing harm through cyber-security plenty of room. Common methods used to gain access to your data You should not be left panicking, but rather take some actions to watch for specific means of attacks on your organization which will leave trails that you can remediate now. Some of the more common approaches gain access to your data using the following strategies: • Redirecting a web, mobile, Internet of Things (IOT) device or email session to a malicious web page which gives access to information behind the firewall. • Injecting code into a web, mobile, IOT device or email session to perform malicious activities. • Attacking insufficient web, mobile, IOT device or email management controls, thereby capturing passwords, session ids or other key information through cookies and other means. • Writing files on the computer utilizing a web, mobile or email session that collects information and transmits it through an application loaded on the computer. • Executing remote code which collects information via the remote code loaded into a mobile, email or web session. • Requesting information by promising false claims, which is commonly returned through email. • Introducing malicious code into a web cache. • Capturing control of a router, computer or collection of IOT devices to deny service.
  • 4. 4 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y These methods of security breaches leave an audit trail which should be a proactive defense in an organization’s information arsenal. Companies who do not make cybersecurity a major component of their information arsenal will find themselves appearing in the list of companies shown on figure 2. Some concerns in cyber-security are (SANS institute, 2014) are: 1. RFID Skimming, which use mobile and wireless techniques to access information 2. USB devices which introduce malware to connected and unconnected systems 3. Hacks introduced through the internet of things, such as imbedded systems, proximity sensors, smart devices and a host of emerging products. All of these have one thing in common, they have less room for complex code because of their limited computing footprint. 4. Hacks which attack digital payment systems such as bitcoin. These attacks result in theft of digital payments or virtual stockpiles of digital cash (i.e., bitcoin). 5. Point of Sale Malware introduced through one of the participants in a digital transaction 6. Targeted hacks which use email as an entry point to deliver malware, keyboard trackers or other hacks. 7. Social media sites which harvest personal information, thereby utilizing the social media site as a hack. 8. Webmail account takeover What should be done now If it isn’t obvious, cyber security attacks may not start with your data. Because the lifeblood of the digital economy is information, cyber-security attacks take on a different level of importance than they have in the past, and there is a need at organizations to rethink their cyber-security approaches. Some of the things companies can do is: 1. Assign a person to be responsible for eradicating cyber-security threats. There will be resistance from inside the organization because it will require changes to digital products launched and could impact both the costs and timelines for delivered commerce exchanges, so the person assigned to this role must have sufficient organizational teeth to foster the change and expect compliance to any recommended alterations to cyber-security capabilities. 2. Institute the cyber-security defenses advocated by the National Institute of Standards and Technology, a revised framework (version 1.1 was proposed January, 2017) can be found at http://nist.gov/cyberframework. Version 1.1 is still in draft form, and focuses on the ability to govern, assess risk, educate and eradicate risks when they occur. 3. Construct metrics to manage the dwell time, which is the time between a company is hacked, the time when the hack is detected, the time to dispense with the hack and the time to communicate the attack and deliver a remediation plan to those impacted. The purpose of these metrics is to drive down the time required to deal with cyber-security threats. 4. Run test cyber-security attacks, which exercise the platforms participating in your digital commerce, whether they are on your site or at a partner handling a component of your digital
  • 5. 5 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y commerce. If a partner is unwilling or unable to remediate exposures, be prepared to work with an alternative partner to handle the component of your digital fabric handled by that partner. 5. If you use a data lake as part of your data ecosphere, you have an especially high risk because most of the security frameworks you have in your environment do not provide the same stringency of security to the data lake. It is strongly suggested that you adopt an encryption strategy for any personal identifiable information written to the data lake, whether it is in the right columns or not. Some method of identifying PII data, through patterns or other means is necessary to ensure that credit card, bank routing numbers, social security numbers, and other information written to intended fields, comment fields or other columns because of limitations of feeder systems will be a time bomb if not addressed as soon as possible. 6. If critical information containing PII data is stored on LANS and computers managed by your employees, your security plan against cyber-security is only as strong as the weakest link in your plan. If your employees have laptops and they infect their laptop off premises, they can introduce cyber-security issues when they return to the office, whether on premise or remotely. 7. If you provide access to your network and critical customer data to your agents and partners, you must have your cyber-security plan reach the computing platforms operated by them as well. 8. Hide the candy. If you move around personal identifiable information (PII) through your network for analytical purposes, encrypt the PII information so should it be hacked, the level of exposure is mitigated. If that information is required, those really needing it can get it from a tightly secured area. 9. Solutions that predict the most likely methods of attack based on your software portfolio, network infrastructure and platforms participating in your digital and legacy channels of commerce. These solutions (SAIC, BitSight, Cyberisk to name a few) should be researched to either obtain these solutions or determine what features of your cyber-security arsenal are required to be effective. Devising metrics to improve your ability to detect and eradicate cyber-security threats One of the common themes in treating information as an asset of the organization is percolating metrics used as a means to improve the valuation of information. Having information assets hardened to the challenges of security is one form of eradicating resistance to consuming information. Some metrics that can be used to manage an organization’s information assets are: 1. Number of detected intrusion attempts per day 2. Number of infections per device per day 3. Number of times per year the security and privacy rules of the organization are reviewed 4. Number of times per year key personnel is reminded of their obligations to oversee security 5. Average elapsed time from intrusion / infection to detection 6. Average elapsed time from detection to intrusion closure / disinfection 7. Average number of personal identity information (PII) items not in the intended locations
  • 6. 6 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y 8. Average number of PII violations per industry and /or country of origin regulations 9. Number of known and unhandled security vulnerabilities 10. Number of properly configured secure socket layer (SSL) certificates 11. Percentage of peer to peer file sharing as an overall percentage of corporate network activity 12. Percentage of people with super user access 13. Average number of days it takes to eliminate access to information on the organizational network 14. Average number of times per year high security profile people are reviewed 15. Times per year access permissions are reviewed 16. Number of open ports into the network and on machines with access to the network 17. Number of third party software products not scanned for vulnerabilities prior to deployment 18. Number of times per month suppliers and vendors are reviewed for security issues 19. Number of times per month vendor and partner security controls are reviewed for issues 20. Percentage of partners, vendors and customers having access to information on the network and who store information on the network are reviewed for security issues The Metrics chosen should: • Be actionable, they should be devised to allow decision makers to take swift action to thwart cyber-security risks. • Be definable in numbers to measure improvements in your cyber-security program. • Be aligned with the information intents of the organization. • Be repeatable, they should be collectible and automatable at a reasonable cost. • Be sufficiently granular so that the programs devised to thwart cyber-security risks can be identified as helping the cause through metrics.
  • 7. 7 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y What’s at Risk It is easy to find examples of cyber-security attacks in the marketplace, attacks to businesses and the government. Some more devastating cyber-attacks have been: • Yahoo had 1.5 billion accounts hacked, which put a buyout by Verizon at risk. • Sony had unreleased films stolen, as well as the identity of 10 million employees and partners. • The US Office of Personnel Management was hacked twice. One of these attacks resulted in the theft of digital fingerprints. • If you think the government is immune, the White House, the Army, the Democratic National Caucus and the hacking software published by the NSA were hacked. • Target had 40 million credit card accounts hacked. When to start It is important to get started now. The inflection point of when hacking as a means of exposing information to steal a component of digital commerce became an exposed issue most probably in 2015. If you participate in digital commerce, the risk is customers, partners (including partners delivering one or more of the platforms used to deliver digital content and commerce), financiers and vendors within your supply chain will be unwilling to expose their information to you if you have not performed demonstrable diligence on your ability to protect information provided to you for conducting digital commerce. Those who participate in digital commerce who have not performed the necessary due diligence will be disrupted by the avalanche of hacking attempts and the number of these attempts that have exposed them and their customers, partners and others to the risks of their inability or unwillingness to take the necessary actions. Those who participate in other’s digital commerce by delivering a necessary platform to their digital commerce activities will find the use of their platform dwindling if they let the risks of cyber-security infect the digital commerce ecosphere of those using their platform for digital commerce.
  • 8. 8 | P a g e | T h e D i g i t a l E c o n o m y a n d C y b e r s e c u r i t y About the Author Mark Albala is the President of InfoSight Partners, LLC, a business consultancy which provides financial and technology advisory services devised to facilitate focus into the value of information assets. InfoSight Partners is led by Mark Albala, who has served in technology and thought leadership roles and serves as an advisor to analyst organizations. Mark can be reached at mark@infosightpartners.com.