If you use technology and have concerns about your digital security, then this course, Cyber Security Awareness: Security Overview, is a great course for you. In this course, we will first cover different areas that are top priorities for security organizations. Then we will look at where threats are coming from before finally looking at the reality of cyber attacks in our current global environment.
Over a period of 30 years, Steve has acquired skills in technology implementation, management assessments, process reengineering, and compliance management consulting. His work involves putting the right people in the right roles with supporting technology and defining processes and procedures for successful cyber security programs. Steve held several C-level executive roles, acting as CTO, CIO, and most recently CISO for several utility companies. He earned a leadership reputation for relationship building, program management, communication skills, and project delivery.
Section Introduction Transcripts
Introduction

Welcome, in this course today we're going to talk about today's cyber security reality. An introduction to the current state of cyber security in the world today. This course is part of our cyber security awareness training series. My name is Steve Maciejewski or Steve Mack. I'll be presenting on behalf of Metro Source. I've been in the information technology and cyber security role for over 30 years. My early days in the US Army doing communications and many leadership roles over the years such as a Director of IT, Chief Information Security Officer, Chief Technology Officer, and Chief Information Security Officer. I'm currently a Principal with Think Security here in the Denver, Colorado area and the acting Chief Information Security Officer for several corporations throughout the Denver Metropolitan Area. This lesson is for anyone wanting to understand the current risks associated with cyber security that are taking place across corporations and countries today. This is not a technical class, although we will cover the rapid development of malware and cyber attacks from a technical perspective. The main focus is about risks and threats, and root cause analysis, and the effectiveness related to cyber security today.
What the C Suite Wants to Know

Let's start at the top and try to understand the risks that corporations are grappling with today. What does the C Suite want to know? We have several surveys that we're going to discuss and they're related to the cyber security risk management and corporate leadership perspective. Starting with the CIO and looking at his five top concerns. He's looking at external threats, the change in the way the business is conducted, the rapid advance of technology, or the change of technology, regulatory compliance issues and concerns, and the changing market and client needs. What is an external threat? Everybody says, "External threat." External threat is organized crime. Simply put, it's the ability for criminals to leverage technology for financial gain. Number one concern. Number two, nation-states. Nation-states are governments that seek to take advantage of you through the development and exploitation and implementation of cyber technology. Number three of external threats, in my mind, cyber espionage. And, like other businesses using various methods of technology to exfiltrate information for competitive advantage. Number four in external threats, hacktivism, political groups seeking attention or awareness by any means possible including cyber terrorism. In summary, number one, external threats, cyber security really is the number one risk for most CIOs today or CISOs.
What Are the Threats?

What are today's threats and how have they evolved? Let's cover some of the history of cyber crimes and cyber threats and how they've grown in sophistication. In the past, you had a few isolated criminals and the ever popular script kiddie to worry about. And they stumbled through the Internet and they were looking for targets of opportunity. What can they see, what can they get, what can they look at? And their typical action was to deface a website. Capture the flag kind of activity. But not so for today's criminals and today's threats. Today's perpetrators of cyber crimes are very focused. They're in it for gain. Financial monetary gain. When you look at it, they have some very complex tools and they have scripts that have been developed and sold for profit around the world. Welcome to the Darknet, where everything can be bought and sold. Credit cards, social security numbers, health records, cracked software, even application and scripts for hacking. All for sale. So crimes are no longer perpetrated by the individual looking for something to do. Attacks today are very sophisticated and targeted for reasons of gain. And we have recently experienced a quantum leap forward in the level of technology that can be used in these attacks. So how did that happen?
Where the Threats Are Emanating From

Who's suspected of creating the most advanced malware in the marketplace today? Nation state hacking, the who's and the why's of the threats. So in this lesson, we'll cover some of the basic digital weapons and why. Let's cite a few specific examples of nation state intelligence gathering, or hacking. So if we just go to the headlines today, White House detected suspicious activity on its unclassified network. So what does that mean? It's unclear as to what has transpired, but the State Department slammed on their brakes and took the unprecedented step of shutting down its entire unclassified e-mail system. Another headline, NOAA, the National Oceanic Atmospheric Administration was hacked, and they were accused of trying to cover up the compromise. Not only did NOAA fail to notify the proper authorities about the cyber intrusion, the agency went as far as to claim that unscheduled maintenance on its network was to blame for the unavailability of the National Weather Service satellite images.
Cyber Attacks Are Here to Stay

So, today's reality. The genie is out of the bottle. It happened on Zero Day. My best guess is November 2007 when Stuxnet was released. Now others will argue that point, but Stuxnet wasn't officially discovered and notified until June of 2010. But since then the world we live in has been changed forever. Nothing is considered secure that is connected to the Internet. We can't put the genie back in the bottle, so what is left to do is to manage, mitigate, transfer the risk associated with cyber security today. So for today's reality, you're not going to stop all attacks. Nation states and cyber criminals have the means, resources such as the people, the money, and the time to find that single weakness in your defenses. So today's strategy is all about detection and remediation. How quickly can you discover from the intrusion, control the situation, reduce the damage, and remediate the vulnerability? Sun Tzu's The Art of War teaches us not to rely on the likelihood of the enemy's not coming, but on your own readiness to receive him. You can't keep a determined opponent out, you can only detect them and then mitigate the risk. Now a typical attack and remediation effort can take many hours, or days, or even months to recover from.