Solutions to the Growing Cyber Security Threat

Solutions to the Growing Cyber Security Threat
Dr. Jane LeClair
Rick Bawcum
•
COO National
Cybersecurity
Institute at Excelsior
College
•
COO / CTO Bross
Group
•
Virtual CIO to
multiple associations
Educating a
Cybersecurity
Workforce
•
CISSP (2004)
•
30+ years in IT
Strategy,
Governance, Service
Delivery
•
Regis University
•
“Where IT meets the
business”
Panel
•
•
Cybersecurity in Our
Digital Lives
•
Former Dean of the
School of Business &
Technology at
Excelsior College
•
Doctorate from
Syracuse University
Marc Noble
•
Certified Information
Systems Security
Professional (CISSP)
•
Information System
Security Architecture
Professional (ISSAP)
•
Certified Information
System Management
(CISM)
•
Member Business
Continuity Institute
Certification (MBCI)
•
Certified Governance
of Enterprise (CGEIT)
•
Cyber/Information
Security Practices
Manager
Staggering Losses…
Identity theft costs Americans $37 billion annually
Worldwide cyber crime costs about $1 TRILLION
annually
Identity theft costs Americans $37 billion annually
90 / 10 Rule
Integrating the Domains
Cybersecurity is a People Problem…
16 Critical Infrastructures
•
•
•
•
•
•
Chemical
Commercial Facilities
Communications
Critical Manufacturing
Dams
Defense Industrial Base
• Emergency Services
• Energy
• Financial Services
•
•
•
•
•
Food and Agriculture
Government Facilities
Healthcare and Public Health
Information Technology
Nuclear Reactors, Materials and
Waste
• Transportation
• Water and Wastewater
7
Future Trends
Association Cyber Focus
• Social engineering is the #1
method of initiating a breach
• ALL of us house personally
identifiable information. This is
a significant area of opportunity
for the enemy.
• If you don’t have the
expertise… hire it!
• You can build better
mousetraps
• Pay attention to Cloud and
SaaS security
• Integrate your Response
supply chain
Building a Cybersecurity Workforce
• A Human Capital Crisis in Cybersecurity, Technical Proficiency Matters by Center
for Strategic and International Studies (CSIS), July 2010.
• Updating U.S. Federal Cybersecurity Policy and Guidance spending scarce
taxpayer dollars on security programs that work, CSIS, October 2012.
• CYBERSECURITY - National Strategy, Roles, and Responsibilities Need to Be
Better Defined and More Effectively Implemented, GAO, February 2013.
• Measuring What Matters: Reducing Risk by Rethinking How We Evaluate
Cybersecurity by SafeGov, March 2013.
• Professionalizing the Nation’s Cybersecurity Workforce? Criteria for DecisionMaking, National Academy of Science, 2013.
Common Findings on Building a
Cybersecurity Workforce
• promoting education, awareness, and workforce planning;
• Train resources to raise the level of technical competence;
• Ensure there is a career path;
• shortfall in trained personnel for cybersecurity and called for
expanded education and rigorous certification;
• IT unemployment 4%, cybersecurity unemployment 2%.
Dr. Jane LeClair
Rick Bawcum
Marc Noble
Audience Q & A