Caribbean Cyber Security: “The Time for ACTION is NOW” WWW.CARIBBEANCSC.COM
Agenda
• Global Cyber Security “Reality Check”
• Caribbean Cyber Crime Trends: 2013 & Beyond
• Caribbean Distribution of Targets
• Current Cyber Threat Sources
• Understanding Our Regional Cyber Security Posture
• Keeping the Right “BALANCE”
• The Global Cyber Security Response
• Profile of a HACKED system
• Recommended Action Plan (Public & Private Sectors)
• CCSC Support Services
• About the Caribbean Cyber Security Center (CCSC)
• Mission, Vision, Value
• Our Team
• Implications for the Caribbean in Staying The Current “Unsecure” Course
Caribbean Cyber Crime Trends: 2013 and Beyond

The Evolving Cyber Threat and Our Current Posture
• Spike in the number of successful hackings of key public and private sector networks across the region.
• The Caribbean is one of the world's fastest growing regions for Internet usage, with 28.7% of the Caribbean population of 41.4 million using the Internet.
• As Caribbean and Latin American economies grow, the prospect of financial gain from cyberattacks is drawing organized cyber criminals into the region.
• Cyber security is still NOT being taken seriously, even though the region's relatively fragile infrastructure makes whole economies particularly vulnerable.
• Many Caribbean nations and organizations are still not conducting effective security awareness efforts.
• Implementation of CSIRTs is lagging across the region.
• Lots of “TALK”, little or no real “ACTION”; the region is still trying to solve the problem with just a technology approach.

Recent Events Across Our Region: “Just a Few”
• Barbados Government Network Hacked (March 2013)
• The Parliamentary website of the government of Trinidad and Tobago was breached by a hacker. (April 2012)
• LIME Barbados' broadband network came under a DoS attack. (April 2012)
• El Salvador government sites attacked. (June 2011)
• WHO’S NEXT?
Understanding Our Regional Cyber Security Posture
• Lack of readily available systems information and non-adherence to international best practices.
• Inability to effectively maintain the confidentiality, integrity and availability of systems.
• With shrinking budgets in challenging economic times, IT security is placed on the back burner, and hence cyber security is not viewed with the required sense of urgency by ICT leaders.
• Consumerism – Departments have different buying practices without consideration for software and hardware standards.
• Organizational difficulty obtaining management buy-in because cyber threats and cyber crime are seen as IT problems and not as critical business issues.
• Cyber crime is a global threat. Proceeds from cyber crime have outstripped the illegal drug trade.
• No sense of urgency because nothing catastrophic has happened “yet”.
• Overdependence on in-house ICT staff with no independent assessments being conducted.
Keeping the Right “BALANCE”

[Figure: diagram balancing Caribbean OPS SEC against Mission Success. Labels: Confidentiality, Integrity, Availability; Exceed / Meets Security Requirements / Unsatisfactory; Higher Risk / Lower Risk; SAVE $$$, REPUTATION SAVED, $$$$ AT RISK]

“Maintaining the right balance between Security Operations (SECOPS) and Organization Mission Success… in ICT internal and external “risk” never disappears, however it can be lowered”
The Global Cyber Security Response

Developed Nations
• The US, UK, Canada have recognized that is at a crossroads. The globally-interconnected digital information and communications infrastructure known as “cyberspace” underpins almost every facet of modern society and provides critical support for the U.S. economy, civil infrastructure, public safety, and national security.
• The status quo is no longer acceptable. The United States must signal to the world that it is serious about addressing this challenge with strong leadership and vision.
• The national dialogue on cyber security must begin today. The government, working with industry, should explain this challenge and discuss what the Nation can do to solve problems in a way that the American people can appreciate the need for action.
• The United States cannot succeed in securing cyberspace if it works in isolation. The Federal government should enhance its partnership with the private sector.

Caribbean Nations
• There has been a lag in the implementation of effective national and regional cyber security legislation and policy frameworks which provide guidance to both the private and public sectors.
• Political leaders in the region view cyber security as a “security” issue versus the “development” issue it is, noting our dependence on foreign reserves.
• Current economic challenges have adversely impacted regional nations in allocating or realigning ICT fiscal resources and support to cyber security efforts.
• ICT leadership is reluctant to have independent assessments of their networks (cultural/human factor).
• We have not fully recognized that continued successful attacks against critical infrastructure in our region (like banking), if publicized globally, can start a chain reaction and can adversely impact many regional economies.
Profile of a HACKED system: “WHAT HACKERS CAN DO WITH A HACKED SYSTEM”
• Phishing Site
• Malware Download Site
• Piracy Server
• Child Porn Server
• Spam Server
• Spam Zombie
• DDoS Extortion Zombie
• Click Fraud Zombie
• Anonymization Proxy
• CAPTCHA Solving Zombie
• eBay/Paypal Fake Auctions
• Online Gaming Credentials
• Web Site FTP Credentials
• Skype/VoIP Credentials
• Client Side Encryption Certificates
• Webmail Spam
• Stranded Abroad Advance Scams
• Harvesting Email Scams
• Access to Corporate Email
• Online Gaming
• Online Gaming Goods/Currency
• PC Game License Keys
• Operating Systems License Key
• Bank Account Data
• Credit Card Data
• Stock Trading Account
• Mutual Fund/401K Account
• Fake Antivirus software
• Ransomware
• Email Account Ransom
• Webcam Image Extortion
• Facebook
• Twitter
• LinkedIn
• Google
Recommended Action Plan (Public & Private Sectors) Caribbean Cyber Security Recommended Roadmap
VISION MISSION VALUE

In the rapidly evolving world of cyber threats and vulnerabilities our mission is the protection of Caribbean private and public ICT information systems and resources, as a regional development issue.

To become a recognized “hands-on” regional cyber security and information assurance resource for ICT Penetration Testing, Vulnerability Assessment, Risk Assessments, Security Awareness Training and ICT Security Governance/Policy development support.

We have harnessed a best of breed team of recognized and experienced cyber security and information assurance consultants and technology partners, who are well versed in global cyber security compliance standards and best practices.
Caribbean Cyber Security Center: Our Team

“What Makes CCSC Unique”
The CCSC team represents a unique combination of proven and experienced cyber security professionals, assembled specifically to support the Caribbean.

CCSC Executive Advisory Team
• Mr. Niel Harper, CISSP, CISA, CRISC
• Mr. Cordell Robinson, Attorney, C|CISO
• Mr. David Gittens, CISSP
• Mr. Michael Barrington, CISSP, TCNE
Implications for the Caribbean in Staying The Current “Unsecure” Course

"There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again," he told the crowd. "Maintaining a code of silence will not serve us in the long run." U.S. FBI Director

• Loss of Caribbean Investor Confidence, which will adversely impact whole economies
• Loss of confidential data which damages overall regional reputation
• Losses in Revenue, Customers and Man Hours
• Negative Reputation - Non-Compliance with Standards
• Costly, difficult and long recovery process
• Wide Reaching Stress / Uncertainty / Job losses
• Information theft and business disruption continue to represent the highest external costs.
• Cyberattacks can be costly if not resolved quickly
• The average time to resolve a cyberattack is 24 days, but it can take up to 50 days
Contact Information
• James Bynoe, james.bynoe@caribbeancsc.com, 202-640-8085
• Deon Olton, deon.olton@caribbeancsc.com, 246-232-9009
• Michael Barrington, michael.barrington@caribbeancsc.com, 443-854-1573
WWW.CARIBBEANCSC.COM