Professional Documents
Culture Documents
Senior Director
Microsoft Global Cyber Security & Data Protection Group
Presentation Objectives
Introductions
Cyber security context
Introductions
Context
Organisations cannot ignore the potential
benefits of emerging technologies
Efficiency savings & effectiveness gains
Dynamic data driven decision making
Context specific data to myriad of devices
Optimise business processes
Understand & predict behaviour
Context
However, using these technologies changes
your security environment
A new security model is needed
Concept of perimeter changes
Context
Cyber-attacks are growing in scale, scope,
and sophistication
Hardware & software are targeted, often in
the supply chain
Attackers range from disaffected
employees, single-issue activists, hobbyhackers, criminals, terrorists, and nation
states
It is safe to assume that you are a target
Context
Getting it wrong is expensive & can kill your
business
5 % of business-related privacy and security
breaches result in more $20 million in direct
costs and damages
Those costs include legal expenses and legal
settlements, business interruption costs,
investigating and remediating problems, as
well as possibly paying for crisis
communications and other specialized services
Aon Corp
Context
Just having insurance isnt enough
The average cost for a breach is $7 million.
Yet, the average portion of that cost borne by
cyber-risk insurance is just $3 million
If you consider all revenue classes, only 8
percent (of U.S. businesses) buy cyber
coverage
Aon Corp
Context
This isnt just a data protection & privacy
issue
What harm could an attacker do if they
chose to disrupt your infrastructure?
Manipulate your connected equipment?
Disrupt GPS & navigation systems
Remotely change the mixing formula in your
suppliers factory?
Impact Assessment
Regulators, Markets & Media will judge your
organization based on:
How long it took to detect a breach
How long the attacker had been in the system
& level of access obtained
The quality of control, monitoring & cyber
hygiene measures in place & supported by
policy
The effectiveness of the response plan
The time taken to resume key services
The effectiveness & speed of the post breach
communication
Impact Assessment
An increasing number of governments,
insurance companies & enterprises are
establishing minimum standards of cyber
security if your organization is to be part of
their supply chain or to seek insurance
Only 1 in 3 supply chain vendor contracts
contain security provisions
Only 1 in 3 supply chain vendors have any
security certification or accreditation
Cyber Economics
Goal: increase attacker costs
Quick Wins
Reduce the number of privileged admin
accounts to the absolute minimum, reduce
the scope of the ones left, and use multifactor authentication
Patch & Update promptly
Cyberkeel Maritime Sector survey April 2015
37% failure rate
Quick Wins
Application whitelist
Baseline normal activity on your network
& look for outlier behaviour
Have an alternative communication system
ready for when you are attacked
Understand who will help you on tactical &
strategic recovery & have the relationship
in place. Have 24/7 contact numbers for
key personnel & vendors
Quick Wins
Most attacks require some user interaction.
Writing clear policy, training & educating
staff, combined with visible sanctions for
breaching policy works!
Conclusion
The maritime sector is particularly
vulnerable to cyber attack, and the
consequences of a successful attack could
be more severe than other domains
Organisations in the maritime sector should
be treating this as a high priority
The processes of Protect, Detect, Respond
are mature in other sectors & will work
equally effectively in the maritime sector.
Robert Hayes
Microsoft Global Cyber Security Group
robert.hayes@microsoft.com