Download as PDF, PPTX
More Related Content
Similar to 11 pp-cybersecurity-revised2 a
![[BDD 2025 - Artificial Intelligence] Building AI Systems That Users (and Comp...](https://cdn.slidesharecdn.com/ss_thumbnails/ai-buildingaisystemsthatusersandcompanieslove-251124030845-038f7732-thumbnail.jpg?width=640&height=640&fit=bounds)
![[BDD 2025 - Full-Stack Development] The Modern Stack: Building Web & AI Appli...](https://cdn.slidesharecdn.com/ss_thumbnails/fs-themodernstackbuildingwebaiapplicationswithserverless-251124030844-388cf04f-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DevFest Strasbourg 2025] - NodeJs Can do that !!](https://cdn.slidesharecdn.com/ss_thumbnails/devfeststrasbourg2025-nodejscandothat-251127142731-da65b6fd-thumbnail.jpg?width=640&height=640&fit=bounds)
![[BDD 2025 - Mobile Development] Crafting Immersive UI with E2E and AGSL Shade...](https://cdn.slidesharecdn.com/ss_thumbnails/md-craftingimmersiveuiwithe2eandagslshaderveronicaputrianggraini-251124030840-0c677f44-thumbnail.jpg?width=640&height=640&fit=bounds)
11 pp-cybersecurity-revised2 a
- 1. © 2019 SPLUNKINC. © 2019 SPLUNK INC. Cybersecurity Landscape Fiduciary leadership of Cybersecurity through Strategy & Governance July 2019 | Version 3.0
- 2. © 2019 SPLUNKINC. © 2019 SPLUNK INC. Customer Data Breaches: Impact and Severity Increasing 2
- 3. © 2019 SPLUNKINC. Slide 3
- 4. © 2019 SPLUNKINC. “I liken it to the very first aero-squadron, when they started with biplanes. We’re at the threshold of a new era… we are not exactly sure how combat in this new dimension of cyberspace will unfold. We only know we’re at the beginning.” “Few if any contemporary computer security controls have prevented a red team from easily accessing any information sought.” “The market does not work well enough to raise the security of computer systems at a rate fast enough to match the apparent growth in threats to systems.” “Computer intrusions, telecommunications targeting and intercept, and private-sector encryption weaknesses… account for the largest portion of economic and industrial information lost by US corporations.” “Espionage over networks can be cost-efficient, offer nearly immediate results, and target specific locations… and are insulated from risks of internationally embarrassing incidents.” “The almost obsessive persistence of serious penetrators is astonishing.” “I almost feel like it’s the early days of flight with the Wright brothers. First of all, you need to kind of figure out that domain, and how are we going to operate and maintain within that domain. So I think it will take a period of time, and it’s going to be growing.” “Our red teams do get into most of the networks we target .” Slide Slide 4
- 5. © 2019 SPLUNKINC. “I liken it to the very first aero-squadron, when they started with biplanes. We’re at the threshold of a new era… we are not exactly sure how combat in this new dimension of cyberspace will unfold. We only know we’re at the beginning.” - 1996 “Few if any contemporary computer security controls have prevented a red team from easily accessing any information sought.” - 1979 “The market does not work well enough to raise the security of computer systems at a rate fast enough to match the apparent growth in threats to systems.” - 1981 “Computer intrusions, telecommunications targeting and intercept, and private-sector encryption weaknesses… account for the largest portion of economic and industrial information lost by US corporations.” - 1995 “Espionage over networks can be cost-efficient, offer nearly immediate results, and target specific locations… and are insulated form risks of internationally embarrassing incidents.” - 1988 “The almost obsessive persistence of serious penetrators is astonishing.” - 1988 “I almost feel like it’s the early days of flight with the Wright brothers. First of all, you need to kind of figure out that domain, and how are we going to operate and maintain within that domain. So I think it will take a period of time, and it’s going to be growing.” - 2009 “Our red teams do get into most of the networks we target .” - 2008 Slide Slide 5
- 6. © 2018 SPLUNKINC. Slide Slide 5
- 7. © 2019 SPLUNKINC. Why? Why are you doing this? Why are you changing? No plan survives first contact with the enemy 1st vs 2nd vs 3rd vs 4th gen war How does the board support the 1.9M members? Use good examples from known good board members Investment corporate governance -- how would you look to your own review? What level of breach are you ok with? Slide Slide 7
- 8. © 2019 SPLUNKINC. Slide Slide 8
- 9. © 2019 SPLUNKINC. Slide Slide 9
- 10. © 2018 SPLUNKINC. Slide Slide 10
- 11. © 2019 SPLUNKINC. Slide Slide 11
- 12. © 2018 SPLUNKINC. Slide Slide 12
- 13. © 2018 SPLUNKINC. Slide Slide 13
- 14. © 2019 SPLUNKINC.
- 15. © 2018 SPLUNKINC. 2880 1910
- 16. © 2019 SPLUNKINC.
- 17. © 2018 SPLUNKINC.
- 18. © 2019 SPLUNKINC.
- 19. © 2018 SPLUNKINC. NIST Framework
- 20. © 2018 SPLUNKINC. NIST Framework B+
- 21. © 2018 SPLUNKINC. Order of Operations Matter
- 22. © 2018 SPLUNKINC. Security Efficacy Consequences <F
- 23. © 2018 SPLUNKINC. Security Efficacy Answers
- 24. © 2018 SPLUNKINC. Strategy on a Napkin
- 25. © 2018 SPLUNKINC. Strategy on a Napkin
- 26. © 2018 SPLUNKINC. Strategy on a Napkin
- 27. © 2018 SPLUNKINC.
- 28. © 2018 SPLUNKINC.
- 29. © 2018 SPLUNKINC. © 2018 SPLUNK INC. Thank you Joel Fulton, PhD CISO [email protected]