CTM360 Web Series - Definition of Cybersecurity
Summary
TLDR: Mahar B, CEO of CTM 360, argues that the way security is managed needs to be redefined in light of increasing cyber threats. He highlights the view that all companies are either already hacked or compromised without knowing it, and points to the exponential growth in breach losses and their financial impact. He calls for a shift in approach, starting with a reevaluation of the definitions of cybersecurity, information security and IT security so that each has a distinct mission within an enterprise security strategy.
Takeaways
- 🛡️ The speaker, Mahar B, CEO and founder of CTM 360, emphasizes the need for a change in the current approach to managing security due to prevalent issues.
- 🔄 The FBI director's line that there are companies that have been hacked and companies that will be hacked was updated by the Cisco CEO: there are companies that have been hacked and companies that don't yet know they have been hacked, i.e. everybody has been hacked.
- 🏦 Swift's advice after the Bangladeshi Bank hack was for banks to assume they had been breached; many banks that went looking then found breaches they had not detected.
- 🕵️♂️ Data dumps, such as the Ashley Madison and LinkedIn breaches, reveal the extent of security breaches and the potential for password reuse across accounts.
- 💡 The importance of understanding the difference between cyber security and information security is highlighted, with a call to redefine these terms for clarity.
- 📈 Estimated global losses from cyber attacks are projected to grow from $445 billion to $2 trillion by 2019.
- 💻 IC3 recorded losses from security breaches growing from $17 million in 2001 to a billion dollars by 2015, indicating the growing severity of the issue.
- 🏥 Despite substantial investment in security, 75% of top US commercial banks have malware in their environment and 95% of the top 20 US banks have a security grade of C or less, suggesting current security practices are failing.
- 🔍 The speaker proposes a redefinition of security roles, distinguishing between IT security, information security, and cyber security, each with its unique mission.
- 🛑 The mission of IT security is service delivery, focusing on secure user experience, akin to the role of police in the physical world.
- 🛡️ Information security's mission is to protect information assets, similar to the military's role in safeguarding critical assets in the physical world.
- 💣 Cyber security's mission is to identify and neutralize cyber attacks, equating to the role of intelligence agencies conducting covert operations against threats.
Q & A
Who is the speaker in the video and what is their role?
-The speaker is Mahar B, the CEO and founder of CTM 360.
What is the main reason the speaker has started this series of talks?
-The speaker believes that there is a need to change the way security is managed today due to several highlighted issues.
What did the FBI director and the Cisco CEO say about company hacks?
-The FBI director said there are two types of companies: those that have been hacked and those that will be hacked. The Cisco CEO updated this by saying there are companies that have been hacked and those that don't know they have been hacked.
What example does the speaker use to illustrate that many organizations have been breached without knowing?
-The speaker mentions the Swift statement after the Bangladeshi Bank hack, where banks were advised to assume they have been breached, and many found breaches upon investigation.
What are data dumps and why are they significant?
-A data dump occurs when a large social media or internet service provider is breached and the user IDs (usually email addresses) and passwords of its users are published online. They are significant because people reuse passwords: an attacker who learns a password from one dump can try it against the same person's other accounts, including their company email account, and may succeed.
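The credential-reuse problem described in this answer, as an added worked example (not code from the video or from CTM 360). It constructs a small sample data dump and a sample corporate password store, then shows both sides of the problem: the defender-side replay of the attacker's move (try each leaked password against the matching corporate account) and a leaked-password check done through a k-anonymity style range lookup over SHA-1 hashes, in the style of the HIBP Pwned Passwords API, so that the full hash of the candidate password never leaves the client. All emails, passwords and the PBKDF2 round count are constructed for the demo; a production store would use a far higher round count or a memory-hard hash.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Constructed sample data dump: email used as user ID plus the password.
# Real dumps are plaintext or weakly hashed; either way the attacker ends
# up with candidate passwords tied to an identity.
LEAKED_DUMP = [
    ("alice@example.com", "Summer2016!"),
    ("bob@example.com", "hunter2"),
    ("carol@example.com", "correct horse battery staple"),
]

# Constructed corporate directory: the same people and the password they
# use for their company account (alice and carol reused the leaked one).
CORPORATE_PASSWORDS = {
    "alice@example.com": "Summer2016!",
    "bob@example.com": "a-different-passphrase",
    "carol@example.com": "correct horse battery staple",
}

PBKDF2_ROUNDS = 10_000  # deliberately low for the demo; use far more in production


def sha1_hex(password):
    """Uppercase hex SHA-1, the form breach-hash corpora are usually keyed by."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_leaked_index(dump):
    """Index a dump by SHA-1(password) so later checks never touch plaintext."""
    index = defaultdict(set)
    for email, password in dump:
        index[sha1_hex(password)].add(email)
    return index


def range_lookup(index, prefix):
    """Simulated k-anonymity range query: the client sends only the first
    five hex characters and gets back every stored suffix under that prefix."""
    return [h[5:] for h in index if h.startswith(prefix)]


def password_is_leaked(index, password):
    """Client side of the range check: compare suffixes locally."""
    h = sha1_hex(password)
    return h[5:] in range_lookup(index, h[:5])


def make_record(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256 record, as a corporate store would keep it."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return {"salt": salt, "hash": digest}


def verify(record, password):
    """Constant-time comparison of a candidate password against a record."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), record["salt"], PBKDF2_ROUNDS
    )
    return hmac.compare_digest(candidate, record["hash"])


def find_reused_credentials(dump, corporate_records):
    """Defender-side replay of the attacker's move: try every leaked password
    against the matching corporate account and return the accounts it opens."""
    reused = []
    for email, leaked_password in dump:
        record = corporate_records.get(email)
        if record is not None and verify(record, leaked_password):
            reused.append(email)
    return sorted(reused)


CORPORATE_RECORDS = {email: make_record(pw) for email, pw in CORPORATE_PASSWORDS.items()}
LEAKED_INDEX = build_leaked_index(LEAKED_DUMP)

if __name__ == "__main__":
    print("accounts reachable with leaked passwords:",
          find_reused_credentials(LEAKED_DUMP, CORPORATE_RECORDS))
    print("is 'hunter2' in the dump?", password_is_leaked(LEAKED_INDEX, "hunter2"))
```

The reuse sweep is the check a security team runs the day a dump is published; the range lookup is the check to wire into password-change and login flows so reused passwords are rejected before the attacker gets to try them.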
What impact did the Yahoo data breach have?
-The Yahoo data breach significantly impacted the company, causing a loss of value, and highlighted the widespread issue of data breaches.
How has the financial impact of security breaches changed over time?
-The financial losses from security breaches have grown exponentially, with estimated losses increasing from $445 billion last year to a projected $2 trillion by 2019.
What is the state of security in the US banking sector according to the speaker?
-Despite heavy investments in security, 75% of the top US commercial banks have malware in their environments, and 95% of the top 20 US banks have a security grade of C or less.
What two areas does the speaker suggest need to be addressed to improve security?
-The speaker suggests redefining security and adopting offensive defense as two critical areas that need to be addressed.
How does the speaker differentiate between IT security, information security, and cyber security?
-IT security focuses on service delivery for end users, information security focuses on protecting information assets, and cyber security focuses on identifying and neutralizing cyber attacks.
Outlines
🛡️ The Urgency for Security Redefinition
Mahar B, CEO and founder of CTM 360, introduces a series on the need to change current security management practices. He supports this by citing the FBI director's and the Cisco CEO's statements that all companies are either already hacked or will be, or are hacked without knowing it, highlighting the pervasiveness of cyber threats. He discusses the Bangladeshi Bank hack, where the attackers were present for more than a year and were only discovered when money was transferred, and notes that many other banks found breaches only after Swift advised them to assume they had been breached. He also covers data dumps, where breaches lead to public exposure of user credentials that, through password reuse, compromise further accounts. This part concludes with the statistic of a projected increase in cybercrime losses from $445 billion to $2 trillion by 2019, underscoring the exponential growth of breach losses and the inefficacy of current security investment.
📉 The Ineffectiveness of Current Security Measures
This paragraph delves into the ineffectiveness of current security measures, as evidenced by the poor security grades of top US banks and the rapid increase in losses over time. Mahar B suggests that the current approach to security is not only insufficient but also requires a fundamental rethink. He proposes that the industry needs to redefine security and adopt an offensive defense strategy. The paragraph also discusses the confusion surrounding the terms 'cyber security' and 'information security', noting the shift in terminology and the lack of a clear, unified definition. Mahar argues for a clear distinction between IT security, which focuses on service delivery and user security, information security, which protects information assets, and cybersecurity, which is concerned with neutralizing cyber attacks.
🔍 Redefining the Missions of Enterprise Security
In the final part, Mahar B emphasizes the importance of differentiating between the missions of physical security, IT security, information security and cybersecurity within an organization, describing enterprise security as four pillars: physical security protects the physical assets of the enterprise, IT security serves the end user, information security protects information assets, and cybersecurity identifies and neutralizes attacks. He illustrates this by likening each to a different part of national security: IT security to the police, information security to the military, and cybersecurity to intelligence agencies that go outside the country to neutralize attackers. He asserts that assigning these conflicting missions to one individual or department causes problems and proposes that separating the roles will lead to more effective enterprise security. He promises to elaborate on the roles and responsibilities of each in future talks.
Keywords
💡Security Management
💡Hacking
💡Data Breach
💡Data Dump
💡Password Reuse
💡Cybersecurity
💡Information Security
💡IT Security
💡Loss from Cybercrime
💡Malware
💡Offensive Defense
Highlights
The speaker, Mahar B, CEO and founder of CTM 360, initiates a series of talks to address the need for a change in security management practices.
FBI director's statement that there are only two types of companies: those that have been hacked and those that will be, indicating the inevitability of cyber attacks.
Cisco CEO's update to the FBI's statement, suggesting that all companies have been hacked, some just don't know it yet.
The Bangladeshi Bank hack exemplifies the reality of undetected breaches, with attackers remaining undetected for over a year.
Data dumps, such as the Ashley Madison breach, reveal the extent of password reuse across accounts, leading to further unauthorized access.
The impact of data dumps on high-profile individuals, like Mark Zuckerberg, whose Pinterest and Twitter accounts were hacked due to reused passwords.
Yahoo's data breach as a significant example of the financial and reputational damage caused by cyber attacks.
The exponential growth of financial losses due to security breaches, projected to reach $2 trillion by 2019.
The IC3's recorded losses from 2001 to 2015, showing a drastic increase from 17 million to over a billion dollars.
Despite increased investment in security, 75% of top US commercial banks still have malware present in their systems.
The grading system for bank security in the US, where 95% of top 20 banks have a grade of C or less, indicating a significant security issue.
The speaker's call for a redefinition of security practices, suggesting that current methods are insufficient.
The differentiation between cyber security, information security, and IT security, and the need for clarity in these definitions.
The analogy of security roles in the physical world to clarify the distinct missions of IT security, information security, and cyber security.
The proposal to redefine security by assigning clear and distinct roles to IT security, information security, and cyber security to enhance effectiveness.
The speaker's intention to delve deeper into the roles and responsibilities of each security domain in subsequent talks.
Transcripts
Hi, my name is Mahar B. I am the CEO and founder of CTM 360. I have started this series of talks because I believe we need to make a change in the way we are managing security today. Why am I saying that? Because there are issues which I want to highlight, and I want to start by describing to you the rationale for why I feel we need to make the change. In this talk of today I'll only end up with the high-level difference which I think we need to make; in the following talks I'll take you into more details of this.

So, starting with the first part: why am I saying we need to make the difference? Let's look at what an FBI director said a couple of years back. What he said was that there are only two types of companies: the ones that have been hacked and the ones who will be hacked. But last year the same thing was changed by the Cisco CEO. He said there are two types of companies: the ones who have been hacked and the ones who don't know that they have been hacked. So effectively what he is saying is that everybody has been hacked, and he may be very right. I believe so. This is exactly what Swift also said last year once the Bangladeshi Bank hack came to the surface. They said to the banks: assume you all have been breached. And when the banks went around trying to look for it, a lot of banks did find that the breach had happened and the attackers were on the way. Even in Bangladeshi Bank the attackers were there for more than a year before somebody even came to know, and they only came to know when the money was transferred. So this is what is practically going on right now in a lot of organizations, and they don't know about it.

This can be visible from one more angle if you look at the data dumps. What is a data dump? When a large social media or an internet service provider is breached and the email IDs which people have used there as a user ID, along with their password, are published on the internet, that is what we call a data dump. Now, among those data dumps, the one which was by Ashley Madison made big news because it was a dating site, and from there a lot of people came to know that their spouses were cheating on them. Why? Because their email addresses were part of the data dump. Now, for us what is important in that is the password along with it. Presumably they must have used the same password across many of their accounts, so once I know the password from there I can try it on a number of their other accounts, including their company email account, and I may succeed. And think of how many other data dumps are happening. LinkedIn is another one which made big news. It was posted last year, in 2016; the breach had happened in 2012, so for four years somebody had the passwords. For that they must have been scraping the data across many networks. And one person who was there, who we all know, is Mark Zuckerberg. His email address was part of that breach, and because of that, once this was published last year, somebody went in and hacked his Pinterest and Twitter accounts because the password was the same.

Now, of these data dumps, the one which happened on Yahoo impacted it the most, because they lost a lot of value from it. And then about every week we find a few data dumps.

The next thing which I want to talk about is the loss we are having. Last year the estimated loss was $445 billion, and now it is projected that this loss will go up to $2 trillion by 2019, in just another two to three years. What is going on? If we look at the actual money loss which is recorded by IC3, an organization in the US, it recorded that from 2001 to 2015 the losses from security breaches went up from $17 million to a billion. So the losses are growing exponentially while we are spending and investing so much more in securing. That is also evident from the security report which was done on the banking sector in the USA, the country which has the largest security vendors and presumably is spending the most money on securing the banks. The situation is that 75% of the top US commercial banks have got malware in their environment, and 95% of the top 20 US banks don't even have a grade of A or B; they're all C or less. So something is really wrong.

If we plot it against time, we see that the losses have gone much higher with time. The attacks are growing at a faster pace than how much we are able to manage. Let's go ahead another 30 years: if we keep on doing what we are doing today, then whatever we are managing will be really negligible. So what I'm trying to say is we don't need to do more of whatever we have been doing; we need to do it differently. And the two areas which I'm projecting we need to do differently: one is to redefine security, and the other is offensive defense.

So let's look at redefining security. Let's start by asking what the definitions of cyber security, information security and IT security are. If I ask you to give me the difference you think there is between cyber security and information security, I'm sure you will struggle. Everybody struggles; everybody has their own way of defining it. The difference which we notice is that over the period, people have started using the word cyber security instead of information security. The same national initiative which was an information security initiative is now called a cyber security initiative. The information security groups have started calling themselves cyber security groups. The information security awareness we used to have is called cyber security awareness. And let alone the two strong countries: when their presidents meet up, China and the US, the headline says they're both debating the definition of cyber security. Pretty much the same thing happens when the Chinese president goes on to the UK. So what's going on?

Let's do research across the industry to see what anybody says about cyber security. The first thing which I did was I went to ISACA. ISACA does not have their own definition of cyber security, but a gentleman there tried to explain what he thinks is cyber security. In his view information security is a bigger umbrella; whatever we know within that is traditional security, and what we don't know is cyber security. That is his definition; I don't comment on it. Let's go to ITG. ITG defined it as the protection of systems, networks and data in cyberspace. Here we will have a debate on what is cyberspace: things which I own but are in the cloud, are they in the cyberspace, and so on. Let's look at a university. The university says that cyber security is also referred to as IT security, information technology security. So for them cyber security and IT security are one and the same. It's very confusing. You look across all the different vendors, and every vendor tries to explain it by what their business is. Maybe you can say that I have tried to do the same, but I think, in my humble opinion, my description of cyber security would make more sense in redefining security.

Let's first look at IT security. For each of these functions I would rather like to focus on the mission of each to understand what they are. So the IT mission is really service delivery, which is about the end user, where we need to give the end user more room to work but in a secure manner. This is similar to the police in the physical world. Then we go on to information security. For information security the mission is about information assets; it's not about the end user. In the physical world we can say it is more or less like the ministry of defense, the military itself. The military is trying to secure the critical assets of the country, where people may die but they need to secure the critical assets. The mission is entirely different than the mission of the police. In the same way, the missions of IT security and information security are very different. Then we come to cyber security. The mission is about attacks; it's only about identifying and neutralizing cyber attacks. These three hence give you a different picture, where cyber security equates to an intelligence agency in the physical world, where the intelligence agencies even go outside their country into other countries and perform covert operations to neutralize the attackers.

And hence comes forth the big enterprise security with four pillars: physical security, with the mission of the physical nature of the assets of the enterprise; IT security, where the mission is the end user; information security, where the mission is the information assets; and lastly cyber security, where the mission is about attacks. Now, if we try to give these different missions to the same one individual we will have an issue: we are giving them conflicting missions. And this is why I'm saying we should differentiate, to get more effective enterprise security in an organization. In my next talks I'll take you through each one of them in more detail, up to what I believe should be the roles and responsibilities. Thank you.