Timreview.ca

Technology Innovation Management Review TIM Lecture Series
The Expanding Cybersecurity Threat
It used to be that not a month would go by without some new data breach being reported. Then it seemed not a week would go by. Today, we see daily reports about some new attack vector, some new cyber- espionage group, some new kind of cyber-attack occurring against our critical networks and our critical data. Vice President of Global Government Affairs & Cybersecurity Policy Globally, a wide range of threats are being detected across many platforms and devices. There is also wide The TIM Lecture Series is hosted by the Technology range of attackers, from highly-organized criminal en- Innovation Management program at terprises to individual cyber-criminals to "hacktivists" Carleton University in Ottawa, Canada. The lectures (i.e., politically motivated actors) to state-sponsored provide a forum to promote the transfer of knowledge groups. The variety of threats and motivations make Sy- between university research to technology company mantec's task of identifying threats and developing pro- executives and entrepreneurs as well as research and tections an increasing challenge and drives its focus on development personnel. Readers are encouraged to the attackers' tactics, techniques, and procedures share related insights or provide feedback on the (TTP). A detailed understanding of the attackers is es- presentation or the TIM Lecture Series, including re- sential in building effective defenses against them.
commendations of future speakers. Today, the key categories of threats raised by attackers The first TIM lecture of 2015 was held at Carleton Uni- versity on February 19th, and was presented by Cheri F. McGuire, Vice President of Global Government Af- 1. Data breaches: more than 550 million identities were
fairs & Cybersecurity Policy at Symantec exposed due to data breaches in 2013, and Symantec ex- McGuire provided an overview of Symantec's view of pects this number to soon exceed 1 billion, which is the expanding cybersecurity threat and the measures equivalent to nearly 1 out of every 7 people on the plan- the company is employing to mitigate the risk for com- et, or about 1 in 3 Internet users. And, data breaches are panies and individuals. The slides from her presenta- becoming increasingly broad: intellectual property, tion are available here trade agreements, and business agreements, are often now the target, not just credit card data, etc. 2. Mobile and social: a key area where threats are prolif-
To begin, McGuire provided background on Sy- erating and where social engineering is carried out (i.e., mantec's systems for identifying and evaluating cyber- attackers gather personal data about persons of interest threats around the world, which it uses as a basis for via social networks and then use it to make targeted developing protection measures. In particular, she de- emails more convincing). scribed Symantec's Global Intelligence Network (GIN), a massive array of monitoring systems, attack sensors, 3. Ransomware: malware that locks a computer and en-
and decoy accounts, combined with the world's crypts the data, then demands payment for decryption. largest vulnerability database and capability for big Ransomware is becoming increasingly prevalent: Sy- data analytics, which together provide real-time in- mantec observed a 500% month-on-month increase in sights on what is happening on a global scale.
ransomware in 2013.
Technology Innovation Management Review TIM Lecture Series – The Expanding Cybersecurity Threat
Cheri F. McGuire
4. Cyber-espionage: the identity of malicious intruders
cooperate and share high-level information, support is not always known, and the distinctions between cat- prosecutions of cyber-crimes, and develop an ecosys- egories of attackers is not clear-cut: one group may tem approach to cybersecurity. This approach also re- pose as another to obscure their identities and inten- flects the shift towards a defense that is not solely tions, particularly when the attacks are initiated by na- founded on signature-based technologies (i.e., antivir- us software), but reflects an increasingly sophisticated, layered approach to cybersecurity. 5. Internet of Things: innovation in this area is happen-
ing very quickly, but the security is a step behind. Sy-
Finally, McGuire provided a list of best practices for mantec believes that, to be effective, security must be businesses to help protect against cyber-threats: built into products as they are being developed, not "bolted on" later. 1. Employ defence-in-depth strategies In terms of targets, McGuire highlighted critical infra- 2. Monitor for network incursion attempts and vulner- structure (e.g., power grids, transportation networks, manufacturing sectors, financial systems) as an import-ant area of concern. 3. Antivirus on endpoints is not enough McGuire also highlighted the increase in web-based at- 4. Secure websites against man-in-the-middle attacks tacks: in 2013, Symantec blocked 23% more web at-tacks than in 2012. However, targeted attacks are of 5. Protect private keys particular concern, such as emails targeted at persons of interest using personal data gathered to increase the 6. Use encryption to protect sensitive data apparent authenticity of the communication. Such tar-geted emails are designed to trick people into taking ac- 7. Ensure all devices on company networks have secur- tions that they would not otherwise take if they understood the consequences. Examples include spear-phishing (i.e., sending an email to a person of interest) 8. Implement a removable media policy and watering holes (i.e., drawing targets to infected websites, where the malware lies waiting to infect visit- 9. Be aggressive with updating and patching 10. Enforce an effective password policy Beyond Symantec's efforts to develop its products and services, the company has also been actively pursuing 11. Ensure regular backups are available public–private partnerships to help counter the ex-panding cybersecurity threat. These partnerships are 12. Restrict email attachments both private-to-private and private-to-public; Sy-mantec is working with other companies and with 13. Ensure an infection and incident response proced- many government agencies that span policy, opera- tions, law enforcement, as well as education and aware-ness. Such partnerships are motivated by the desire to 14. Educate users on basic security protocols Technology Innovation Management Review TIM Lecture Series – The Expanding Cybersecurity Threat
Cheri F. McGuire
About the Speaker
Cheri McGuire is Vice President for Global Govern-
ment Affairs and Cybersecurity Policy at Symantec,
where she is responsible for the global public policy
agenda and government engagement strategy,
which includes cybersecurity, data integrity, critical
infrastructure protection, and privacy. She currently
serves on the World Economic Forum Global
Agenda Council on Cybersecurity, and on the
boards of the Information Technology Industry
Council, the US Information Technology Office in
China, and the National Cyber Security Alliance. She
also is a past board member of the IT Information
Sharing and Analysis Center, a former member of
the Industry Executive Subcommittee of the Presid-
ent's National Security Telecommunications Advis-
ory Committee, and a former Chair of the US IT
Sector Coordinating Council. Ms. McGuire is a fre-
quent presenter on technology policy issues, includ-
ing testifying five times before the US Congress on
cybersecurity, privacy, and cybercrime. Prior to join-
ing Symantec, she served as Director for Critical In-
frastructure and Cybersecurity in Microsoft's
Trustworthy Computing Group, and she has held
numerous positions in the Department of Home-
land Security, Booz Allen Hamilton, and a telecom
engineering firm that was acquired by Exelon Infra-
structure Services. She was also a Congressional
staffer for seven years. Ms. McGuire holds an MBA
from The George Washington University and a BA
from the University of California, Riverside.
This report was written by Chris McPhee. Citation: McGuire, C. F. 2015. TIM Lecture Series – The
Expanding Cybersecurity Threat. Technology Innovation
Management Review, 5(3): 46–48.
http://timreview.ca/article/881
Keywords: cybersecurity, cyber-attacks, cyber-threats, data breaches, cyber-
espionage, social engineering, malware, ransomware, scareware, antivirus,
private-public partnerships, Symantec

Source: http://timreview.ca/sites/default/files/article_PDF/TIMLS_McGuire_TIMReview_March2015.pdf