SlideShare ist ein Scribd-Unternehmen logo
1 von 16
Downloaden Sie, um offline zu lesen
BLACKBERRY INTRODUCTION1
IS YOUR ORGANISATION
READY FOR A CRISIS?
THE FUTURE OF SECURITY IN AUSTRALIA. A THINK TANK REPORT BY BLACKBERRY.
BLACKBERRY 2 INDEX
3 Foreword
4 Introduction
5 Participants
6 Collective Response
8 Arms Race
10 Vulnerabilities
12 Human Factors
BLACKBERRY FOREWORD3
At the close of 2016, I had the pleasure of participating in a critical discussion in
Sydney about trends in cyber and mobile security. Together with BlackBerry and
other leaders in various fields of information and people security, this ‘Think Tank’
explored the threat impact today upon organisations in the private and public sectors
in Australia and around the world.
It goes without saying that cybercrime and cybersecurity were high on the agenda.
As a former advisor to the Obama government on the subject, this is an area I am
passionate about. It was clear that it’s a challenge for everyone, from C-levels
to boards to IT managers, who are grappling with these challenges every day
with different strategies. However, beyond this, we also heard first-hand how it
impacts technology and people strategies, including how roles and organisational
responsibilities are changing and solutions are evolving to help manage citizen
and employee safety.
The changing security threat outlook continues to be a challenge and 2017 will
be no different in how we tackle its problems. The landscape will only continue
to evolve, threats will grow and become more complex. This discussion among
some of Australia’s leading experts aimed to examine how organisations and
governments can better ready themselves for a crisis and mitigate risks in the
future. However, this is just a starting block.
We hope the themes in this report help to encourage ongoing dialogue about
cybersecurity, holistic strategies for staff and people safety – and importantly,
what can be done to mitigate and survive cybercrime’s destructive path.
Foreward by
Jeffrey Bleich
Partner at Dentons, former US Ambassador to Australia
and advisor to the Obama government on cybersecurity
Jeffrey Bleich
BLACKBERRY INTRODUCTION4
Once primarily the concern of IT departments, digital
attacks now threaten to disable critical infrastructure,
bring entire cities to their knees and steal billions of
dollars from the economy.
In 2015, the number of digital attacks increased 38%
on the previous year.1
The coming year is expected to
see even bigger growth in cybercrime, with the number
of potential targets, agents and vulnerabilities all
continuing to diversify and expand.
It’s a problem with a hefty price tag.
Today in Australia, cybercrime is a significant
financial problem. In the first quarter of 2015, more
than A$234 million worth of financial loss was self-
reported by victims of cybercrime to the Australian
Cybercrime Online Reporting Network (ACORN),
whilst a report by the Attorney General’s office
suggested the potential national cost at around
$2 billion a year.2
The rising threat tide is understandably causing an
increasing level of concern amongst business leaders.
A recent survey of more than 1,000 IT executives found
nearly nine out of 10 executives (86%) are nervous that
their company’s security won’t be enough to keep out
hackers or malware.3
Cybersecurity today is charged not only with protecting
technology, but also critical infrastructure and even
people. Recent crisis scenarios such as the 2016
South Australian power blackout saw technology
playing a lead recovery role – from messaging impacted
residents about the disaster to routing energy to critical
services such as hospitals and maintaining networks.
The BlackBerry Future of Security Think Tank brought
together a select group of experts to explore the
increasingly complex Australian security environment
– both on and offline. The goal was to establish dialog
amongst public and private sector experts, in order to
better understand the varied challenges facing cities in
the future and how best to develop more comprehensive
and collaborative risk management strategies.
Introduction
Australia’s
cyber risk profile
is changing.
1
BlackBerrySecuritySummitreporting,http://fleetowner.com/technology/your-biz-may-be-compromised-long-you-know-it-if-you-ever-do
2
https://www.ag.gov.au/CrimeAndCorruption/Cybercrime/Documents/national-plan-to-combat-cybercrime.pdf
3
http://blogs.blackberry.com/2016/07/survey-nearly-9-out-of-10-executives-worry-their-companys-security-is-too-weak-to-deter-hackers/
BLACKBERRY 5 PARTICIPANTS
The Think Tank brought together participants from a wide-range of security
backgrounds – including fraud, cybersecurity and terrorism. Importantly the
sectors they work in are incredibly diverse, from professional services, government
departments, financial services, security agencies, utility and telecommunications
and academia.
The Think Tank was moderated by industry commentator and freelance journalist
Brad Howarth. He was joined by:
•	 Sinisha Patkovic – Vice President, BlackBerry Government Solutions
•	 Jeffrey Bleich – Group CEO and Partner, Dentons; Former US Ambassador
to Australia
•	 John Durbridge – Head of Campus Security, Macquarie University
•	 Berys Amor – Director for Technology, Corrs Chambers Westgarth
•	 Rex Stevenson – Director, Signet Group International; Former Director General
for Australian Secret Intelligence Service
•	 Claudine Ogilvie – Chief Information Officer, Jetstar Airways
•	 Craig Davies – CEO at Australian Cybersecurity Growth Network Ltd
•	 George Reinoso – Security and Services Consultant, Ericom
•	 Derek Chen – Regional Head of IT Security, British America Tobacco
•	 Dr Liming Zhu – Research Director, Software and Computational Systems,
DATA61 | CSIRO
The discussion unlocked a number of themes pertinent in the security landscape –
above and beyond just cyber. There were four key take outs that reflected what cities
in Australia and businesses within them should be thinking about moving into 2017
and beyond. These included:
•	 The need for a collective response
•	 The attack arms race
•	 Changing vulnerabilities
•	 Overcoming the human factor
Future of Security
Think Tank participants
BLACKBERRY 6 COLLECTIVE RESPONSE
Need for a
collective response
The need for a nationally integrated response
to cyber threats remains the single most
important goal for addressing cybercrime
in 2017, according to the Think Tank members.
BLACKBERRY 7
Almost all of the group suggested that changes
to the threat landscape have created an overlapping
responsibility between governments, private enterprise
and industry bodies.
For example, last financial year, peak government
body CERT Australia responded to 14,804 cybersecurity
incidents affecting Australian businesses, 418 of which
involved systems of national interest and
critical infrastructure.
With an increasing number of occurrences, it was
agreed collaboration was key. There are numerous
examples of where a joint effort has proved critical
in staving off a digital threat.
In 2012, a foreign criminal syndicate used some
30,000 Australian credit cards to make unauthorised
transactions of more than $30 million. It was only
because of the combined efforts of the Australian
Financial Police, many Australian banks and technology
providers in identifying the threat, that the sum didn’t
run into the hundreds of millions of dollars.
Yet historically, such deep and large scale cooperation
has been rare and it was the strong view of the Think
Tank that it was an area that needed immediate
emphasis. Participants agreed that there is too little
formal information sharing, and no clear lines of
responsibility in terms of what an organisation should
do to defend itself, and where the government’s role
starts and ends.
Jeffrey Bleich, the former US Ambassador to Australia
and now Group CEO and Partner at Dentons, said such
collaboration required a level of openness not previously
found in the sector.
“Only a few years ago many companies were loath to
share any information or disclose details about security
for fear of conceding a competitive edge. This position
is changing but needs to do so even more if we’re to
more effectively combat cybersecurity threats in the
coming year,” Mr Bleich said.
Mr Bleich’s comments were echoed by many other
Think Tank participants, who felt that while organisations
could cooperate when seeking to extinguish a specific
threat, ongoing collaboration continued to
be problematic.
There were a number of potential barriers to facilitate
more open exchange such as commercial sensitivity,
however the most prevalent concern was a lack of
a singular head administrative entity.
On the government side, there are dozens of bodies
focused on improved security and information sharing.
Within the private sector, the number of formal and
informal bodies and initiatives involved in digitally
protecting our cities runs into the hundreds.
Many of the participants said the plethora of conflicting
priorities and approaches amongst these businesses
could be confusing to individual organisations. Even
a seemingly simple task such as a shared definition
of ‘cybercrime’ could be problematic. In a recent threat
report from the Australian Cybersecurity Centre,
the body said “The Government’s definition of a
cyberattack can be at odds with what the information
security community, the public and the media envisage
cyberattacks to be.”
Nonetheless the requirement for a nationally coordinated
approach remains, even if the structure of this
relationship remains still undecided.
BlackBerry Think Tank representative, Sinisha Patkovic
who is BlackBerry’s Vice President of Government
Solutions said, “There are some considerable challenges
in bringing government and private enterprises together
when it comes to cybersecurity. Everyone has a slightly
different expectation and view about what a nationally
coordinated approach would look like. Fortunately,
I think Australia already has a lot of the right foundations
in place for such collaboration, it’s now about taking
the next steps.”
Although full cooperation may be a work in progress,
the Future of Security Think Tank agreed that there
were four key factors that could determine the success
of future collaborations:
•	 Helping educate Australians about how to better
protect themselves
•	 Improved dialogue between government and private
enterprise on cybersecurity – particularly in the area
of breach reporting
•	 Better intelligence provided by government about
emerging and likely cyberattacks
•	 Closer collaboration amongst those businesses
in the private sector
COLLECTIVE RESPONSE
4
http://webcache.googleusercontent.com/search?q=cache:clNj5DQivWsJ:www.aph.gov.au/DocumentStore.ashx%3Fid%3Da03cf049-7f2b-43bd-846c-9eb7bd2f59ef%26subId%3D253039+&cd=3&hl=en&ct=clnk&gl=au
5
https://www.acsc.gov.au/publications/ACSC_Threat_Report_2016.pdf
6
https://www.acsc.gov.au/publications/ACSC_Threat_Report_2016.pdf
BLACKBERRY 8 ARMS RACE
The attack
arms race
Even the cyber criminals themselves are morphing.
The term ‘cyber criminal’ is a catchall category that
now includes a vast range of nation states, groups
and individuals engaged in online crime from all
corners of globe. Their drivers are as distinct as
their backgrounds, from pure financial gain through
to disrupting critical infrastructure.
However, there is one trait that almost all share – they
can move at the speed of light. Criminals are able to
absorb and take advantage of new vulnerabilities within
days or even hours.
The ability to prepare for, or even respond to, such a
rapidly changing threat landscape was much discussed
by the Think Tank members.
One of the big drivers between improved public/
private cyber collaboration was that many Think Tank
participants felt companies were struggling to keep
pace with an ever-changing range of threats.
Dr Liming Zhu, Research Director of Software and
Computational Systems at CSIRO, gave some interesting
insight into how this created a sense of pressure amongst
those charged with protecting the networks.
“At times it really does feel like an arms race. The better we
get at finding countermeasures, those countermeasures then
become a training ground for adversaries to find better exploits.
As a company, you need be methodical about removing classes
of threats completely. Keeping focused on the root cause
is very important,” Dr Zhu said.
BLACKBERRY 9
George Reinoso, a Security and Services Consultant
at Ericom, agreed with Dr Zhu’s thoughts. Rather than
getting overwhelmed he said, “The companies that
weather an unexpected crisis the best are the ones that
are meticulous with their planning. They may not know
the nature of the threat but they know, down to the
smallest degree, what their response approach will be.
When working in an environment where things change
so quickly, it’s important not to get too swept up and
instead focus on preparedness. At the end of the day
it’s the details that matter.”
Another way of alleviating the burden of protecting
a network is to seek outside experts to help better
understand and address rapidly changing threats. As
Head of Campus Security at one of Australia’s leading
education organisations, John Durbridge from Macquarie
University said academic insight should play a key role
in shaping industry security strategy. “Keeping ahead
of the game is key when it comes to cybersecurity.
We have access to some of Australia’s brightest
minds here at Macquarie enabling us to draw on their
expertise and stay one step ahead. It’s important that
organisations are flexible and open minded in who
is the ‘expert’ when it comes to security.”
Whilst the industry pushes towards drawing on more
security experts, those behind cybercrimes are often
at the other end of the spectrum.
Underpinning the ‘attack arms race’ is an increasingly
business-like approach taken by digital crime
organisations – offering products and services to the
less technology savvy. Hackers for hire are likely to offer
round-the-clock support desk services, money laundering
expertise and readily packaged cybercrime ‘kits’ .
The so-called ‘script kiddies’ armed with off-the-shelf
DDoS products were widely suspected to be behind
the Dyn attacks in October 2016, which brought down
services such as Twitter, Spotify, Netflix and Paypal.
The hackers infected common IoT devices, such
as DVRs and webcams, with a malware named
Mirai that turned these devices into a powerful botnet
army that jammed up traffic to a domain name system
(DNS) server.
While most Think Tank participants weren’t specifically
concerned about the threat from less sophisticated
attackers, it did raise concerns about the need for
constant vigilance.
Craig Davies, the former Director of Security at
Atlassian and now Chief Executive Officer at the
Australian Cybersecurity Growth Network Ltd said,
“We need to be continually testing and helping our
organisations on security to deal with an almost
constant threat. Every company has a security strategy
and plan, but too many of them just sit in a desk drawer
somewhere. Organisations need to stop asking ‘What
could possibly go wrong?’ and accept that constant
attack is the new normal.”
At times it really does feel like
an arms race. The better we get
at finding countermeasures, those
countermeasures then become a
training ground for adversaries to find
better exploits. As a company, you need
be methodical about removing classes
of threats completely. Keeping focused
on the root cause is very important
ARMS RACE
7
http://www.pcworld.idg.com.au/article/599997/cybercriminals-increasingly-embracing-sophisticated-business-model-approach/
BLACKBERRY 10 VULNERABILITIES
Changing
vulnerabilities
However, it is not just the rate and sophistication of attacks that is changing, vulnerability areas
are also shifting. The Think Tank believed that technology security professionals needed to widen
their view of what needs to be protected.
The potential vulnerability of the Internet of Things,
infected Artificial Intelligence engines and even
people themselves were amongst some of the
potential concerns raised by the group.
Most pointed to the potential impact of targeting these
emerging areas. The 2015 attack on Ukraine power
stations via connected plant control equipment provided
a sobering example. In this instance cyber terrorists shut
down 30 substations throughout the country – leaving
hundreds of thousands of residents without electricity
for hours. Authorities believe more than six months of
planning went into the attack using a combination of
spear phishing, keylogging and data exfiltration.
However, participants were quick to point out that it
wasn’t just large-scale utility infrastructure that was
at risk. During the past 12 months, researchers have
hacked everything from hospital insulin pumps to
humble electric kettles.
Think Tank participants said they expected to see
increasing connections between the technological
and physical worlds in a bid to better protect cities.
Jeffrey Bleich felt that an integrated approach is
paramount to success, “The notion that people think
differently in the virtual and physical world is a fiction.
We need to observe human nature and apply this
to both spheres, where we are now operating
simultaneously.”
8
http://blogs.blackberry.com/2016/11/how-hackers-could-draft-connected-cars-into-their-botnet-armies/
BLACKBERRY 11 VULNERABILITIES
Craig Davies, Chief Executive Officer at Australian
Cybersecurity Growth Network Ltd, echoed Mr Bleich’s
comments, adding, “It’s critical to our organisations that
we have good overlap between the protection of physical
assets and the IT world. Most organisations in the past
have tended to do one area well, but not necessarily
the other. In such an integrated future we need to be
able to do both really well.”
Derek Chen, Regional Head of IT Security at British
America Tobacco, added, “We’re operating in a new
world. We have had to find new ways of working, with
a number of teams working together whenever there
is a risk highlighted in our organisation to get the best
outcome. An integrated approach is necessary with
fighting sophisticated threats.”
Claudine Ogilvie, Chief Information Officer at Jetstar
further commented, “It is indeed a new world with the
risk of human factors a big threat – just as much as
technology. A big part of a company’s strategy should
be to help staff understand the risks and what to look
out for. To do this you need to bring people on the
journey, putting methods in place to help change
behaviours and be more vigilant. Together with
enhanced technology, it’s important to create that
culture of education across different lines of business –
and that is often overlooked in an organisation.”
“Looking specifically at IT security, with larger
organisations there can be different maturity levels
across the business - what is accepted in one part
of the business, may not be embraced in others.
You can’t simply look at an organisation as a single
environment. There are many individual, yet
overlapping needs.”
In reference to the ‘new world’ of security, this is
also where people, as well as information and data,
are subject to threats. The Think Tank participants
discussed the changing role of the CIO and the wider
threat landscape where partner organisations, friends
and families were an increasingly targeted vulnerability.
These parties were often seen as the weakest link in
the security chain, providing a stepping stone to the
organisation or high value individual.
“As an organisation we don’t only think about security
as something that happens within our internal systems,”
said Berys Amor, Director of Technology at Corrs
Chambers Westgarth. “Sometimes the easiest way
to get to a company might be through a partner
organisation and as an industry we’re increasingly
seeing cyber criminals go after executives through
their personal assistant, friends or even families.”
Looking specifically at IT security, with larger organisations there can
be different maturity levels across the business - what is accepted in
one part of the business, may not be embraced in others. You can’t simply
look at an organisation as a single environment. There are many individual,
yet overlapping needs.
BLACKBERRY 12 HUMAN FACTOR
Overcoming
the human factor
Undoubtedly, the key concern amongst businesses
was that security was often perceived as a barrier
to productivity, rather than a critical safeguard.
Many participants believed that increased security
was inseparably linked to sluggish performance or
administrative red-tape.
Research suggests this belief is right on the money.
A recent BlackBerry security survey found that
82% of global executives felt that security precautions,
specifically in mobile working, caused at least some
frustration amongst their employees. Incredibly,
44% of employees felt too much security could
stop employees from doing their job altogether.
Against this backdrop, many in the Think Tank
believed that a better approach for businesses
was to deploy security solutions that better
matched existing employee behaviours.
In an environment of ever evolving technology threats, it’s somewhat ironic
that amongst the biggest problems in digital safety is the ‘human element’.
Every member of the Think Tank was able to provide extensive examples
of how people could unravel even the most well-thought security strategy.
BLACKBERRY 13 HUMAN FACTOR
According to Derek Chen, Regional Head of IT Security,
British America Tobacco, “a lot of issues come down
to people, they absolutely shape the risk profile. As an
industry we need to build our solutions from the people
perspective up. The challenge is that behaviours, like
technologies change all the time, you have to constantly
monitor how people are or aren’t using security and
adjust your strategy accordingly. It’s not just about
ticking off boxes and thinking you’re done.”
It’s this kind of accommodating approach that Berys
Amor, Director of Technology at law firm Corrs Chambers
Westgarth has been using with some success. The firm
has developed an ongoing internal communications
program to help employees to better understand the
importance of security.
“Five years ago employees were not as aware of the
security threats and we’ve slowly been able to turn that
around through ongoing awareness activity and making
sure our approach fitted the needs and expectations of
the business. Today we have a lot of interaction with the
business to check that partners and staff are doing the
right thing.”
Companies are highly aware of employees circumventing
security measures. BlackBerry’s recently commissioned
research into mobile working practices found 62% of
Australian businesses are worried about the risks of errant
employees storing sensitive information on cloud services.
Rather than driving to force employees to use company-
provided storage, 75% of companies within the survey
said they were working towards delivering an enterprise-
grade file sharing service – that would accommodate both
employee workflow and company needs.
The Think Tank said executive support was critical in
creating a successful security culture. Rex Stevenson,
the former Director General for the Australian Secret
Intelligence Service and now Director of Signet Group
International said, “Unless security is driven from the
very top of the organisation, you’re not going to get any
real change. The CEO needs to get behind it and push
it, otherwise all of your effort trying to change the rest
of the organisation is lost. You need the commitment
right through the organisation, but it needs to start with
the most senior executives.”
What can sometimes be an overlooked factor, the Think
Tank believed there are three critical steps in overcoming
the ‘human element’ challenge:
•	 Constantly test adherence and educate; being
vigilant around both is the centrepiece of a successful
security strategy
•	 Design strategies and programs within organisations
for the people, not for the product
•	 Behaviour changes constantly; be aware of how
working and social patterns evolve within an
organisation over time
The challenge is that behaviours, like
technologies change all the time, you
have to constantly monitor how people
are or aren’t using security and adjust
your strategy accordingly. It’s not just
about ticking off boxes and thinking
you’re done.
BLACKBERRY 14 THE VIEW
I’ve said it before, and I’ll say it again – mobile, in all its
forms has changed the way the cybersecurity landscape
needs to operate. The Internet of Things will require
further changes to how we all think and act about
cybersecurity in the enterprise and beyond. This is
why we have accelerated our efforts to address these
emerging issues, with what BlackBerry calls – “The
Enterprise of Things.”
By this, we mean the network of intelligent connections
and end points within the enterprise that enables
products to move from sketch to scale. It’s the devices,
computers, sensors, trackers, equipment and other
“things” that communicate with each other to enable
smart product development, distribution, marketing
and sales.
A Future without vulnerabilities?
At BlackBerry, we know that mobile has brought
a series of challenges to organisations – from BYOD
to end user data in the cloud, the convenience of
mobile is marred by the security risks it presents.
Today, as companies continue to grapple with securing
their mobile workforces, they are also looking to the
future and how to manage all the other end-points
that are sharing unsecured data.
As shared on our blog, Inside BlackBerry, when
individuals buy electronic devices or use online
services, they generally assume that they’re secure
and that they will protect our private information.
But all too often, these assumptions turn out to be
wrong, as highlighted by the constant news stories
on major cyberattacks and data breaches. The root
of the problem is the typical industry approach to
security: build products, ship them, and hope they
don’t get hacked.
We know that a future without vulnerabilities is one
of the world’s biggest challenges. So, at BlackBerry,
we’re working day and night to turn this security
model on its head. Rapid patching is critical to product
security, but the reactive approach gives the attacker
the opening move. Formal methods have the potential
to proactively improve security design standards and
certifications, giving us the ability to prove that products
and services are secure – including the obscure details
that even the experts sometimes overlook. With the
cybersecurity battle raging on, formal methods can
change the battlefield over the long term and give us
the best possible chance to win the war.
Organisations therefore need to take a more
strategic look at how they comprehensively protect
themselves from end to end. The right approach
to achieving sustainable results rests on three pillars:
making the decisions at the right level through
Governance of IT and Security, having a big
picture with a comprehensive security program,
and ensuring effective use of the security tools.
Software plays a vital role as it is a core building
block of a modern enterprise. It needs to mitigate
both the current threats as well as be resilient
against challenges still to come.
For BlackBerry, it is vitally important that we not
only create great software but that we are able to
help organisations at a strategic level understand
the threat landscape and take appropriate action.
This is why information-sharing initiatives like this
‘Think Tank’ are very important – because collaboration,
at every level, is key to combatting the ever changing
threat. Without dialogue, we are limited in our
understanding and therefore deficient in our solution.
Our enemy listens, learns and adapts with swiftness
and precision. We must do the same.
The
BlackBerry view
by Sinisha Patkovic, Vice President, BlackBerry Government Solutions
BLACKBERRY 15 CLOSING THOUGHTS
The changing cybersecurity threat landscape demands greater clarity regarding the
roles and responsibilities both within and between those organisations under threat.
At the same time, the group which should consider itself under threat is constantly
adding new members, while the threats they face are growing more complex and
broadening in scope.
Faced with such a complex and potentially confusing scenario, it is incumbent upon
all organisations to not just consider the threats they face and their potential impact,
but to also be actively planning for the seeming inevitability that one day their fears
will be realised.
It is not enough for an organisation to simply maintain a defensive perimeter,
especially as the insider threat – be it accidental or malicious – has proven to be
so devastating to so many organisations. So too organisations must accept that the
goals of unscrupulous attacks today are wider than just financial windfalls – intellectual
property, customer records, staff data, and so many other information types all have
value and can all be used to inflict damage at an organisational or even personal level.
And it is not just the actions of malicious actors that organisations must be prepared
for. The heavy dependency of organisations on digital systems and communications
means natural occurrences can have a devastating impact on business continuity.
It is essential that all organisations be well drilled in what to do once an incident
occurs – for the protection of staff as well as for its reputation, intellectual property,
and financial assets. So too it is vital that mechanisms exist so that information
regarding attacks can be quickly shared amongst those most vulnerable.
Because the enemy is multitudinous, well-armed, and has very little to lose.
The same cannot be said of their targets.
Brad Howarth
Closing Thoughts by Think Tank moderator
BLACKBERRY INTRODUCTION16

Weitere ähnliche Inhalte

Was ist angesagt?

Iot–a unique combination of biz ux-tech-sandhi bhide oct29-2014- semi pnw bre...
Iot–a unique combination of biz ux-tech-sandhi bhide oct29-2014- semi pnw bre...Iot–a unique combination of biz ux-tech-sandhi bhide oct29-2014- semi pnw bre...
Iot–a unique combination of biz ux-tech-sandhi bhide oct29-2014- semi pnw bre...sandhibhide
 
Networking Plus December 2014: Connecting Mobile Workers
Networking Plus December 2014: Connecting Mobile WorkersNetworking Plus December 2014: Connecting Mobile Workers
Networking Plus December 2014: Connecting Mobile WorkersEric Wong
 
The Internet of Things (IoT for Beginners Guide)
The Internet of Things (IoT for Beginners Guide)The Internet of Things (IoT for Beginners Guide)
The Internet of Things (IoT for Beginners Guide)Ashish Kumar
 
Netop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop
 
The Financial Impact of BYOD
The Financial Impact of BYODThe Financial Impact of BYOD
The Financial Impact of BYODCisco Services
 
The STEEP Forces Driving Cloud Computing for CSA IT
The STEEP Forces Driving Cloud Computing for CSA ITThe STEEP Forces Driving Cloud Computing for CSA IT
The STEEP Forces Driving Cloud Computing for CSA ITCraig Rispin
 
Internet of things enabling tech - challenges - opportunities (2016)
Internet of things   enabling tech - challenges - opportunities (2016)Internet of things   enabling tech - challenges - opportunities (2016)
Internet of things enabling tech - challenges - opportunities (2016)Davor Dokonal
 
There's No Such Thing As "Downtime" In a Hospital
There's No Such Thing As "Downtime" In a HospitalThere's No Such Thing As "Downtime" In a Hospital
There's No Such Thing As "Downtime" In a HospitalNETSCOUT
 
Android in the Enterprise New Security Enhancements: Google and BlackBerry St...
Android in the Enterprise New Security Enhancements: Google and BlackBerry St...Android in the Enterprise New Security Enhancements: Google and BlackBerry St...
Android in the Enterprise New Security Enhancements: Google and BlackBerry St...BlackBerry
 
The Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesThe Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesWavestone
 
LIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep DiveLIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep DiveRobert Herjavec
 
E magazine march issue 2021
E magazine march issue 2021E magazine march issue 2021
E magazine march issue 2021VARINDIA
 
Mobile Industry Technology Forecast
Mobile Industry Technology ForecastMobile Industry Technology Forecast
Mobile Industry Technology ForecastMotaz Agamawi
 
11 things IT leaders need to know about the internet of things
11 things IT leaders need to know about the internet of things 11 things IT leaders need to know about the internet of things
11 things IT leaders need to know about the internet of things WGroup
 
IS_Associates_IoT_Pres_Miller_Broadcom
IS_Associates_IoT_Pres_Miller_BroadcomIS_Associates_IoT_Pres_Miller_Broadcom
IS_Associates_IoT_Pres_Miller_BroadcomWilliam H. Miller, Jr.
 
New trends of IoT in 2018 and beyond (SJSU Conference )
New trends of IoT in 2018 and beyond (SJSU Conference ) New trends of IoT in 2018 and beyond (SJSU Conference )
New trends of IoT in 2018 and beyond (SJSU Conference ) Ahmed Banafa
 
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2   module 6 - unit 4  - v0.9 enVET4SBO Level 2   module 6 - unit 4  - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 enKarel Van Isacker
 

Was ist angesagt? (20)

Iot–a unique combination of biz ux-tech-sandhi bhide oct29-2014- semi pnw bre...
Iot–a unique combination of biz ux-tech-sandhi bhide oct29-2014- semi pnw bre...Iot–a unique combination of biz ux-tech-sandhi bhide oct29-2014- semi pnw bre...
Iot–a unique combination of biz ux-tech-sandhi bhide oct29-2014- semi pnw bre...
 
Networking Plus December 2014: Connecting Mobile Workers
Networking Plus December 2014: Connecting Mobile WorkersNetworking Plus December 2014: Connecting Mobile Workers
Networking Plus December 2014: Connecting Mobile Workers
 
The Internet of Things (IoT for Beginners Guide)
The Internet of Things (IoT for Beginners Guide)The Internet of Things (IoT for Beginners Guide)
The Internet of Things (IoT for Beginners Guide)
 
Netop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop Remote Control Embedded Devices
Netop Remote Control Embedded Devices
 
The Financial Impact of BYOD
The Financial Impact of BYODThe Financial Impact of BYOD
The Financial Impact of BYOD
 
The STEEP Forces Driving Cloud Computing for CSA IT
The STEEP Forces Driving Cloud Computing for CSA ITThe STEEP Forces Driving Cloud Computing for CSA IT
The STEEP Forces Driving Cloud Computing for CSA IT
 
Internet of things enabling tech - challenges - opportunities (2016)
Internet of things   enabling tech - challenges - opportunities (2016)Internet of things   enabling tech - challenges - opportunities (2016)
Internet of things enabling tech - challenges - opportunities (2016)
 
There's No Such Thing As "Downtime" In a Hospital
There's No Such Thing As "Downtime" In a HospitalThere's No Such Thing As "Downtime" In a Hospital
There's No Such Thing As "Downtime" In a Hospital
 
Insights success the 10 best performing cyber security solution providers 4th...
Insights success the 10 best performing cyber security solution providers 4th...Insights success the 10 best performing cyber security solution providers 4th...
Insights success the 10 best performing cyber security solution providers 4th...
 
Io t whitepaper_5_15_17
Io t whitepaper_5_15_17Io t whitepaper_5_15_17
Io t whitepaper_5_15_17
 
Android in the Enterprise New Security Enhancements: Google and BlackBerry St...
Android in the Enterprise New Security Enhancements: Google and BlackBerry St...Android in the Enterprise New Security Enhancements: Google and BlackBerry St...
Android in the Enterprise New Security Enhancements: Google and BlackBerry St...
 
The Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesThe Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devices
 
LIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep DiveLIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep Dive
 
E magazine march issue 2021
E magazine march issue 2021E magazine march issue 2021
E magazine march issue 2021
 
Mobile Industry Technology Forecast
Mobile Industry Technology ForecastMobile Industry Technology Forecast
Mobile Industry Technology Forecast
 
11 things IT leaders need to know about the internet of things
11 things IT leaders need to know about the internet of things 11 things IT leaders need to know about the internet of things
11 things IT leaders need to know about the internet of things
 
IS_Associates_IoT_Pres_Miller_Broadcom
IS_Associates_IoT_Pres_Miller_BroadcomIS_Associates_IoT_Pres_Miller_Broadcom
IS_Associates_IoT_Pres_Miller_Broadcom
 
Interner of Things Iinsurance gateway
Interner of Things Iinsurance gateway Interner of Things Iinsurance gateway
Interner of Things Iinsurance gateway
 
New trends of IoT in 2018 and beyond (SJSU Conference )
New trends of IoT in 2018 and beyond (SJSU Conference ) New trends of IoT in 2018 and beyond (SJSU Conference )
New trends of IoT in 2018 and beyond (SJSU Conference )
 
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2   module 6 - unit 4  - v0.9 enVET4SBO Level 2   module 6 - unit 4  - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
 

Andere mochten auch

BlackBerry Software: Securing the Enterprise of Things
BlackBerry Software: Securing the Enterprise of ThingsBlackBerry Software: Securing the Enterprise of Things
BlackBerry Software: Securing the Enterprise of ThingsBlackBerry
 
BlackBerry 10 Implications for Enterprise Mobility
BlackBerry 10 Implications for Enterprise MobilityBlackBerry 10 Implications for Enterprise Mobility
BlackBerry 10 Implications for Enterprise MobilityAntenna Software
 
BlackBerry 10 Enterprise Development
BlackBerry 10 Enterprise DevelopmentBlackBerry 10 Enterprise Development
BlackBerry 10 Enterprise DevelopmentSimon HSU
 
Intro BlackBerry 10 for enterprise
Intro BlackBerry 10 for enterpriseIntro BlackBerry 10 for enterprise
Intro BlackBerry 10 for enterpriseBelsoft
 
Introducing BlackBerry Secure
Introducing BlackBerry SecureIntroducing BlackBerry Secure
Introducing BlackBerry SecureBlackBerry
 
Ranbijay Kumar - BlackBerry Jam Americas 2013
Ranbijay Kumar - BlackBerry Jam Americas 2013Ranbijay Kumar - BlackBerry Jam Americas 2013
Ranbijay Kumar - BlackBerry Jam Americas 2013Dr. Ranbijay Kumar
 
EDM2014 Better Data Beats Big Data
EDM2014 Better Data Beats Big DataEDM2014 Better Data Beats Big Data
EDM2014 Better Data Beats Big DataMichael Yudelson
 
Buenas prácticas BEDA 2017
Buenas prácticas BEDA 2017Buenas prácticas BEDA 2017
Buenas prácticas BEDA 2017sarasacristan
 
ResumeAnkitaNagane (1)
ResumeAnkitaNagane (1)ResumeAnkitaNagane (1)
ResumeAnkitaNagane (1)Ankita Nagane
 
Matshidiso Mohale - Ref Letter
Matshidiso Mohale - Ref LetterMatshidiso Mohale - Ref Letter
Matshidiso Mohale - Ref LetterMatshidiso Mohale
 
Creación indices y constraints en bases de datos de sql server
Creación indices y constraints en bases de datos de sql serverCreación indices y constraints en bases de datos de sql server
Creación indices y constraints en bases de datos de sql serverCesarIvanPM22
 
CRAIG VAN DER PLANK CV MARCH2016 (002)
CRAIG VAN DER PLANK CV MARCH2016 (002)CRAIG VAN DER PLANK CV MARCH2016 (002)
CRAIG VAN DER PLANK CV MARCH2016 (002)Craig Van Der Plank
 
Writing an email to a friend
Writing an email to a friendWriting an email to a friend
Writing an email to a friendMabel Cortes
 
DTEK50 by BlackBerry Spec Sheet
DTEK50 by BlackBerry Spec SheetDTEK50 by BlackBerry Spec Sheet
DTEK50 by BlackBerry Spec SheetBlackBerry
 

Andere mochten auch (18)

BlackBerry Software: Securing the Enterprise of Things
BlackBerry Software: Securing the Enterprise of ThingsBlackBerry Software: Securing the Enterprise of Things
BlackBerry Software: Securing the Enterprise of Things
 
BlackBerry 10 Implications for Enterprise Mobility
BlackBerry 10 Implications for Enterprise MobilityBlackBerry 10 Implications for Enterprise Mobility
BlackBerry 10 Implications for Enterprise Mobility
 
BlackBerry 10 Enterprise Development
BlackBerry 10 Enterprise DevelopmentBlackBerry 10 Enterprise Development
BlackBerry 10 Enterprise Development
 
Intro BlackBerry 10 for enterprise
Intro BlackBerry 10 for enterpriseIntro BlackBerry 10 for enterprise
Intro BlackBerry 10 for enterprise
 
Introducing BlackBerry Secure
Introducing BlackBerry SecureIntroducing BlackBerry Secure
Introducing BlackBerry Secure
 
Ranbijay Kumar - BlackBerry Jam Americas 2013
Ranbijay Kumar - BlackBerry Jam Americas 2013Ranbijay Kumar - BlackBerry Jam Americas 2013
Ranbijay Kumar - BlackBerry Jam Americas 2013
 
manual service Oki C310dn
manual service Oki C310dnmanual service Oki C310dn
manual service Oki C310dn
 
EDM2014 Better Data Beats Big Data
EDM2014 Better Data Beats Big DataEDM2014 Better Data Beats Big Data
EDM2014 Better Data Beats Big Data
 
Buenas prácticas BEDA 2017
Buenas prácticas BEDA 2017Buenas prácticas BEDA 2017
Buenas prácticas BEDA 2017
 
ResumeAnkitaNagane (1)
ResumeAnkitaNagane (1)ResumeAnkitaNagane (1)
ResumeAnkitaNagane (1)
 
CV
CVCV
CV
 
Matshidiso Mohale - Ref Letter
Matshidiso Mohale - Ref LetterMatshidiso Mohale - Ref Letter
Matshidiso Mohale - Ref Letter
 
Creación indices y constraints en bases de datos de sql server
Creación indices y constraints en bases de datos de sql serverCreación indices y constraints en bases de datos de sql server
Creación indices y constraints en bases de datos de sql server
 
Psikologi remaja
Psikologi remajaPsikologi remaja
Psikologi remaja
 
CRAIG VAN DER PLANK CV MARCH2016 (002)
CRAIG VAN DER PLANK CV MARCH2016 (002)CRAIG VAN DER PLANK CV MARCH2016 (002)
CRAIG VAN DER PLANK CV MARCH2016 (002)
 
Writing an email to a friend
Writing an email to a friendWriting an email to a friend
Writing an email to a friend
 
DTEK50 by BlackBerry Spec Sheet
DTEK50 by BlackBerry Spec SheetDTEK50 by BlackBerry Spec Sheet
DTEK50 by BlackBerry Spec Sheet
 
Tabela 2017 Q1
Tabela 2017 Q1Tabela 2017 Q1
Tabela 2017 Q1
 

Ähnlich wie Is Your Organization in Crisis?

Cyber savvy (2)
Cyber savvy (2)Cyber savvy (2)
Cyber savvy (2)naveen p
 
Final presentation cyber security submit copy
Final presentation cyber security submit copyFinal presentation cyber security submit copy
Final presentation cyber security submit copysmita mitra
 
Gsn 2014 digital yearbook of homeland security awards
Gsn 2014 digital yearbook of homeland security awardsGsn 2014 digital yearbook of homeland security awards
Gsn 2014 digital yearbook of homeland security awardsChuck Brooks
 
cybersecurity-250
cybersecurity-250cybersecurity-250
cybersecurity-250Chris Crowe
 
4.01 Cyber Conference_ press release5.13
4.01 Cyber Conference_ press release5.134.01 Cyber Conference_ press release5.13
4.01 Cyber Conference_ press release5.13Signals Defense, LLC
 
2010 6 Things u need 2 know in 2010 Whitepaper Final
2010  6 Things u need 2 know in 2010 Whitepaper Final2010  6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper FinalLarry Taylor Ph.D.
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sDr Lendy Spires
 
Policy Guide for Legislators
Policy Guide for LegislatorsPolicy Guide for Legislators
Policy Guide for LegislatorsKristin Judge
 
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Hacking Municipal Government  Best Practices for Protection of  Sensitive Loc...Hacking Municipal Government  Best Practices for Protection of  Sensitive Loc...
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...Ben Griffith
 
The National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationThe National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationMark Johnson
 
CIR Magazine - Cyber Readiness, key to survival
CIR Magazine - Cyber Readiness, key to survivalCIR Magazine - Cyber Readiness, key to survival
CIR Magazine - Cyber Readiness, key to survivalMorgan Jones
 
CC_Futureinc_Cyber Security
CC_Futureinc_Cyber SecurityCC_Futureinc_Cyber Security
CC_Futureinc_Cyber SecurityAlistair Blake
 
Top Cyber News MAGAZINE. Troels Oerting
Top Cyber News MAGAZINE. Troels Oerting Top Cyber News MAGAZINE. Troels Oerting
Top Cyber News MAGAZINE. Troels Oerting TopCyberNewsMAGAZINE
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the newsunnyjoshi88
 
Government Information Quarterly 34 (2017) 1–7Contents lis.docx
Government Information Quarterly 34 (2017) 1–7Contents lis.docxGovernment Information Quarterly 34 (2017) 1–7Contents lis.docx
Government Information Quarterly 34 (2017) 1–7Contents lis.docxbenjaminjames21681
 
1. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol21. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol2Adela Cocic
 

Ähnlich wie Is Your Organization in Crisis? (20)

Cyber savvy (2)
Cyber savvy (2)Cyber savvy (2)
Cyber savvy (2)
 
Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceo
 
Final presentation cyber security submit copy
Final presentation cyber security submit copyFinal presentation cyber security submit copy
Final presentation cyber security submit copy
 
Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceo
 
Gsn 2014 digital yearbook of homeland security awards
Gsn 2014 digital yearbook of homeland security awardsGsn 2014 digital yearbook of homeland security awards
Gsn 2014 digital yearbook of homeland security awards
 
cybersecurity-250
cybersecurity-250cybersecurity-250
cybersecurity-250
 
4.01 Cyber Conference_ press release5.13
4.01 Cyber Conference_ press release5.134.01 Cyber Conference_ press release5.13
4.01 Cyber Conference_ press release5.13
 
2010 6 Things u need 2 know in 2010 Whitepaper Final
2010  6 Things u need 2 know in 2010 Whitepaper Final2010  6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
 
Policy Guide for Legislators
Policy Guide for LegislatorsPolicy Guide for Legislators
Policy Guide for Legislators
 
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Hacking Municipal Government  Best Practices for Protection of  Sensitive Loc...Hacking Municipal Government  Best Practices for Protection of  Sensitive Loc...
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
 
The National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationThe National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through Cooperation
 
CIR Magazine - Cyber Readiness, key to survival
CIR Magazine - Cyber Readiness, key to survivalCIR Magazine - Cyber Readiness, key to survival
CIR Magazine - Cyber Readiness, key to survival
 
CC_Futureinc_Cyber Security
CC_Futureinc_Cyber SecurityCC_Futureinc_Cyber Security
CC_Futureinc_Cyber Security
 
Volume2 chapter1 security
Volume2 chapter1 securityVolume2 chapter1 security
Volume2 chapter1 security
 
Top Cyber News MAGAZINE. Troels Oerting
Top Cyber News MAGAZINE. Troels Oerting Top Cyber News MAGAZINE. Troels Oerting
Top Cyber News MAGAZINE. Troels Oerting
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the new
 
Trends_in_my_profession(revised)
Trends_in_my_profession(revised)Trends_in_my_profession(revised)
Trends_in_my_profession(revised)
 
Government Information Quarterly 34 (2017) 1–7Contents lis.docx
Government Information Quarterly 34 (2017) 1–7Contents lis.docxGovernment Information Quarterly 34 (2017) 1–7Contents lis.docx
Government Information Quarterly 34 (2017) 1–7Contents lis.docx
 
1. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol21. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol2
 

Mehr von BlackBerry

Infographic Partner Benefits
Infographic Partner BenefitsInfographic Partner Benefits
Infographic Partner BenefitsBlackBerry
 
File Sharing Use Cases in Financial Services
File Sharing Use Cases in Financial ServicesFile Sharing Use Cases in Financial Services
File Sharing Use Cases in Financial ServicesBlackBerry
 
Ottawa’s Autonomous Car Scene
Ottawa’s Autonomous Car SceneOttawa’s Autonomous Car Scene
Ottawa’s Autonomous Car SceneBlackBerry
 
Canada’s Hub of Autonomous Vehicle Innovation is in Kanatas (Ottawa)
Canada’s Hub of Autonomous Vehicle Innovation is in Kanatas (Ottawa)Canada’s Hub of Autonomous Vehicle Innovation is in Kanatas (Ottawa)
Canada’s Hub of Autonomous Vehicle Innovation is in Kanatas (Ottawa)BlackBerry
 
The Endpoint Is Just the Starting Point
The Endpoint Is Just the Starting PointThe Endpoint Is Just the Starting Point
The Endpoint Is Just the Starting PointBlackBerry
 
35 Ways QNX Touches Our Lives
35 Ways QNX Touches Our Lives35 Ways QNX Touches Our Lives
35 Ways QNX Touches Our LivesBlackBerry
 
Introducing BlackBerry Work for End Users: A Better Way to Work
Introducing BlackBerry Work for End Users: A Better Way to WorkIntroducing BlackBerry Work for End Users: A Better Way to Work
Introducing BlackBerry Work for End Users: A Better Way to WorkBlackBerry
 
Business-Class Productivity Meets Certified Security: BlackBerry Enterprise M...
Business-Class Productivity Meets Certified Security: BlackBerry Enterprise M...Business-Class Productivity Meets Certified Security: BlackBerry Enterprise M...
Business-Class Productivity Meets Certified Security: BlackBerry Enterprise M...BlackBerry
 
Secure Enterprise File Sharing and Mobile Content Management
Secure Enterprise File Sharing and Mobile Content ManagementSecure Enterprise File Sharing and Mobile Content Management
Secure Enterprise File Sharing and Mobile Content ManagementBlackBerry
 
BlackBerry Workspaces: Solutions for Technology & Manufacturing
BlackBerry Workspaces: Solutions for Technology & ManufacturingBlackBerry Workspaces: Solutions for Technology & Manufacturing
BlackBerry Workspaces: Solutions for Technology & ManufacturingBlackBerry
 
Make the Most Out of Your Deployment of BlackBerry Workspaces: Solutions for ...
Make the Most Out of Your Deployment of BlackBerry Workspaces: Solutions for ...Make the Most Out of Your Deployment of BlackBerry Workspaces: Solutions for ...
Make the Most Out of Your Deployment of BlackBerry Workspaces: Solutions for ...BlackBerry
 
BlackBerry Workspaces Mobile Applications
BlackBerry Workspaces Mobile ApplicationsBlackBerry Workspaces Mobile Applications
BlackBerry Workspaces Mobile ApplicationsBlackBerry
 
BlackBerry Workspaces: Solutions for Media & Entertainment
BlackBerry Workspaces: Solutions for Media & Entertainment BlackBerry Workspaces: Solutions for Media & Entertainment
BlackBerry Workspaces: Solutions for Media & Entertainment BlackBerry
 
BlackBerry Workspaces: Solutions for Healthcare
BlackBerry Workspaces: Solutions for HealthcareBlackBerry Workspaces: Solutions for Healthcare
BlackBerry Workspaces: Solutions for HealthcareBlackBerry
 
BlackBerry Workspaces: Solutions for Government
BlackBerry Workspaces: Solutions for GovernmentBlackBerry Workspaces: Solutions for Government
BlackBerry Workspaces: Solutions for GovernmentBlackBerry
 
BlackBerry Workspaces: Solutions for Energy & Utilities
BlackBerry Workspaces: Solutions for Energy & UtilitiesBlackBerry Workspaces: Solutions for Energy & Utilities
BlackBerry Workspaces: Solutions for Energy & UtilitiesBlackBerry
 
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)BlackBerry
 
BlackBerry Workspaces: Authentication and Identity Connectors
BlackBerry Workspaces: Authentication and Identity ConnectorsBlackBerry Workspaces: Authentication and Identity Connectors
BlackBerry Workspaces: Authentication and Identity ConnectorsBlackBerry
 
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...BlackBerry
 
BlackBerry Dynamics
BlackBerry Dynamics BlackBerry Dynamics
BlackBerry Dynamics BlackBerry
 

Mehr von BlackBerry (20)

Infographic Partner Benefits
Infographic Partner BenefitsInfographic Partner Benefits
Infographic Partner Benefits
 
File Sharing Use Cases in Financial Services
File Sharing Use Cases in Financial ServicesFile Sharing Use Cases in Financial Services
File Sharing Use Cases in Financial Services
 
Ottawa’s Autonomous Car Scene
Ottawa’s Autonomous Car SceneOttawa’s Autonomous Car Scene
Ottawa’s Autonomous Car Scene
 
Canada’s Hub of Autonomous Vehicle Innovation is in Kanatas (Ottawa)
Canada’s Hub of Autonomous Vehicle Innovation is in Kanatas (Ottawa)Canada’s Hub of Autonomous Vehicle Innovation is in Kanatas (Ottawa)
Canada’s Hub of Autonomous Vehicle Innovation is in Kanatas (Ottawa)
 
The Endpoint Is Just the Starting Point
The Endpoint Is Just the Starting PointThe Endpoint Is Just the Starting Point
The Endpoint Is Just the Starting Point
 
35 Ways QNX Touches Our Lives
35 Ways QNX Touches Our Lives35 Ways QNX Touches Our Lives
35 Ways QNX Touches Our Lives
 
Introducing BlackBerry Work for End Users: A Better Way to Work
Introducing BlackBerry Work for End Users: A Better Way to WorkIntroducing BlackBerry Work for End Users: A Better Way to Work
Introducing BlackBerry Work for End Users: A Better Way to Work
 
Business-Class Productivity Meets Certified Security: BlackBerry Enterprise M...
Business-Class Productivity Meets Certified Security: BlackBerry Enterprise M...Business-Class Productivity Meets Certified Security: BlackBerry Enterprise M...
Business-Class Productivity Meets Certified Security: BlackBerry Enterprise M...
 
Secure Enterprise File Sharing and Mobile Content Management
Secure Enterprise File Sharing and Mobile Content ManagementSecure Enterprise File Sharing and Mobile Content Management
Secure Enterprise File Sharing and Mobile Content Management
 
BlackBerry Workspaces: Solutions for Technology & Manufacturing
BlackBerry Workspaces: Solutions for Technology & ManufacturingBlackBerry Workspaces: Solutions for Technology & Manufacturing
BlackBerry Workspaces: Solutions for Technology & Manufacturing
 
Make the Most Out of Your Deployment of BlackBerry Workspaces: Solutions for ...
Make the Most Out of Your Deployment of BlackBerry Workspaces: Solutions for ...Make the Most Out of Your Deployment of BlackBerry Workspaces: Solutions for ...
Make the Most Out of Your Deployment of BlackBerry Workspaces: Solutions for ...
 
BlackBerry Workspaces Mobile Applications
BlackBerry Workspaces Mobile ApplicationsBlackBerry Workspaces Mobile Applications
BlackBerry Workspaces Mobile Applications
 
BlackBerry Workspaces: Solutions for Media & Entertainment
BlackBerry Workspaces: Solutions for Media & Entertainment BlackBerry Workspaces: Solutions for Media & Entertainment
BlackBerry Workspaces: Solutions for Media & Entertainment
 
BlackBerry Workspaces: Solutions for Healthcare
BlackBerry Workspaces: Solutions for HealthcareBlackBerry Workspaces: Solutions for Healthcare
BlackBerry Workspaces: Solutions for Healthcare
 
BlackBerry Workspaces: Solutions for Government
BlackBerry Workspaces: Solutions for GovernmentBlackBerry Workspaces: Solutions for Government
BlackBerry Workspaces: Solutions for Government
 
BlackBerry Workspaces: Solutions for Energy & Utilities
BlackBerry Workspaces: Solutions for Energy & UtilitiesBlackBerry Workspaces: Solutions for Energy & Utilities
BlackBerry Workspaces: Solutions for Energy & Utilities
 
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)
 
BlackBerry Workspaces: Authentication and Identity Connectors
BlackBerry Workspaces: Authentication and Identity ConnectorsBlackBerry Workspaces: Authentication and Identity Connectors
BlackBerry Workspaces: Authentication and Identity Connectors
 
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
 
BlackBerry Dynamics
BlackBerry Dynamics BlackBerry Dynamics
BlackBerry Dynamics
 

Kürzlich hochgeladen

UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 

Kürzlich hochgeladen (20)

20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 

Is Your Organization in Crisis?

  • 1. BLACKBERRY INTRODUCTION1 IS YOUR ORGANISATION READY FOR A CRISIS? THE FUTURE OF SECURITY IN AUSTRALIA. A THINK TANK REPORT BY BLACKBERRY.
  • 2. BLACKBERRY 2 INDEX 3 Foreword 4 Introduction 5 Participants 6 Collective Response 8 Arms Race 10 Vulnerabilities 12 Human Factors
  • 3. BLACKBERRY FOREWORD3 At the close of 2016, I had the pleasure of participating in a critical discussion in Sydney about trends in cyber and mobile security. Together with BlackBerry and other leaders in various fields of information and people security, this ‘Think Tank’ explored the threat impact today upon organisations in the private and public sectors in Australia and around the world. It goes without saying that cybercrime and cybersecurity were high on the agenda. As a former advisor to the Obama government on the subject, this is an area I am passionate about. It was clear that it’s a challenge for everyone, from C-levels to boards to IT managers, who are grappling with these challenges every day with different strategies. However, beyond this, we also heard first-hand how it impacts technology and people strategies, including how roles and organisational responsibilities are changing and solutions are evolving to help manage citizen and employee safety. The changing security threat outlook continues to be a challenge and 2017 will be no different in how we tackle its problems. The landscape will only continue to evolve, threats will grow and become more complex. This discussion among some of Australia’s leading experts aimed to examine how organisations and governments can better ready themselves for a crisis and mitigate risks in the future. However, this is just a starting block. We hope the themes in this report help to encourage ongoing dialogue about cybersecurity, holistic strategies for staff and people safety – and importantly, what can be done to mitigate and survive cybercrime’s destructive path. Foreward by Jeffrey Bleich Partner at Dentons, former US Ambassador to Australia and advisor to the Obama government on cybersecurity Jeffrey Bleich
  • 4. BLACKBERRY INTRODUCTION4 Once primarily the concern of IT departments, digital attacks now threaten to disable critical infrastructure, bring entire cities to their knees and steal billions of dollars from the economy. In 2015, the number of digital attacks increased 38% on the previous year.1 The coming year is expected to see even bigger growth in cybercrime, with the number of potential targets, agents and vulnerabilities all continuing to diversify and expand. It’s a problem with a hefty price tag. Today in Australia, cybercrime is a significant financial problem. In the first quarter of 2015, more than A$234 million worth of financial loss was self- reported by victims of cybercrime to the Australian Cybercrime Online Reporting Network (ACORN), whilst a report by the Attorney General’s office suggested the potential national cost at around $2 billion a year.2 The rising threat tide is understandably causing an increasing level of concern amongst business leaders. A recent survey of more than 1,000 IT executives found nearly nine out of 10 executives (86%) are nervous that their company’s security won’t be enough to keep out hackers or malware.3 Cybersecurity today is charged not only with protecting technology, but also critical infrastructure and even people. Recent crisis scenarios such as the 2016 South Australian power blackout saw technology playing a lead recovery role – from messaging impacted residents about the disaster to routing energy to critical services such as hospitals and maintaining networks. The BlackBerry Future of Security Think Tank brought together a select group of experts to explore the increasingly complex Australian security environment – both on and offline. The goal was to establish dialog amongst public and private sector experts, in order to better understand the varied challenges facing cities in the future and how best to develop more comprehensive and collaborative risk management strategies. Introduction Australia’s cyber risk profile is changing. 1 BlackBerrySecuritySummitreporting,http://fleetowner.com/technology/your-biz-may-be-compromised-long-you-know-it-if-you-ever-do 2 https://www.ag.gov.au/CrimeAndCorruption/Cybercrime/Documents/national-plan-to-combat-cybercrime.pdf 3 http://blogs.blackberry.com/2016/07/survey-nearly-9-out-of-10-executives-worry-their-companys-security-is-too-weak-to-deter-hackers/
  • 5. BLACKBERRY 5 PARTICIPANTS The Think Tank brought together participants from a wide-range of security backgrounds – including fraud, cybersecurity and terrorism. Importantly the sectors they work in are incredibly diverse, from professional services, government departments, financial services, security agencies, utility and telecommunications and academia. The Think Tank was moderated by industry commentator and freelance journalist Brad Howarth. He was joined by: • Sinisha Patkovic – Vice President, BlackBerry Government Solutions • Jeffrey Bleich – Group CEO and Partner, Dentons; Former US Ambassador to Australia • John Durbridge – Head of Campus Security, Macquarie University • Berys Amor – Director for Technology, Corrs Chambers Westgarth • Rex Stevenson – Director, Signet Group International; Former Director General for Australian Secret Intelligence Service • Claudine Ogilvie – Chief Information Officer, Jetstar Airways • Craig Davies – CEO at Australian Cybersecurity Growth Network Ltd • George Reinoso – Security and Services Consultant, Ericom • Derek Chen – Regional Head of IT Security, British America Tobacco • Dr Liming Zhu – Research Director, Software and Computational Systems, DATA61 | CSIRO The discussion unlocked a number of themes pertinent in the security landscape – above and beyond just cyber. There were four key take outs that reflected what cities in Australia and businesses within them should be thinking about moving into 2017 and beyond. These included: • The need for a collective response • The attack arms race • Changing vulnerabilities • Overcoming the human factor Future of Security Think Tank participants
  • 6. BLACKBERRY 6 COLLECTIVE RESPONSE Need for a collective response The need for a nationally integrated response to cyber threats remains the single most important goal for addressing cybercrime in 2017, according to the Think Tank members.
  • 7. BLACKBERRY 7 Almost all of the group suggested that changes to the threat landscape have created an overlapping responsibility between governments, private enterprise and industry bodies. For example, last financial year, peak government body CERT Australia responded to 14,804 cybersecurity incidents affecting Australian businesses, 418 of which involved systems of national interest and critical infrastructure. With an increasing number of occurrences, it was agreed collaboration was key. There are numerous examples of where a joint effort has proved critical in staving off a digital threat. In 2012, a foreign criminal syndicate used some 30,000 Australian credit cards to make unauthorised transactions of more than $30 million. It was only because of the combined efforts of the Australian Financial Police, many Australian banks and technology providers in identifying the threat, that the sum didn’t run into the hundreds of millions of dollars. Yet historically, such deep and large scale cooperation has been rare and it was the strong view of the Think Tank that it was an area that needed immediate emphasis. Participants agreed that there is too little formal information sharing, and no clear lines of responsibility in terms of what an organisation should do to defend itself, and where the government’s role starts and ends. Jeffrey Bleich, the former US Ambassador to Australia and now Group CEO and Partner at Dentons, said such collaboration required a level of openness not previously found in the sector. “Only a few years ago many companies were loath to share any information or disclose details about security for fear of conceding a competitive edge. This position is changing but needs to do so even more if we’re to more effectively combat cybersecurity threats in the coming year,” Mr Bleich said. Mr Bleich’s comments were echoed by many other Think Tank participants, who felt that while organisations could cooperate when seeking to extinguish a specific threat, ongoing collaboration continued to be problematic. There were a number of potential barriers to facilitate more open exchange such as commercial sensitivity, however the most prevalent concern was a lack of a singular head administrative entity. On the government side, there are dozens of bodies focused on improved security and information sharing. Within the private sector, the number of formal and informal bodies and initiatives involved in digitally protecting our cities runs into the hundreds. Many of the participants said the plethora of conflicting priorities and approaches amongst these businesses could be confusing to individual organisations. Even a seemingly simple task such as a shared definition of ‘cybercrime’ could be problematic. In a recent threat report from the Australian Cybersecurity Centre, the body said “The Government’s definition of a cyberattack can be at odds with what the information security community, the public and the media envisage cyberattacks to be.” Nonetheless the requirement for a nationally coordinated approach remains, even if the structure of this relationship remains still undecided. BlackBerry Think Tank representative, Sinisha Patkovic who is BlackBerry’s Vice President of Government Solutions said, “There are some considerable challenges in bringing government and private enterprises together when it comes to cybersecurity. Everyone has a slightly different expectation and view about what a nationally coordinated approach would look like. Fortunately, I think Australia already has a lot of the right foundations in place for such collaboration, it’s now about taking the next steps.” Although full cooperation may be a work in progress, the Future of Security Think Tank agreed that there were four key factors that could determine the success of future collaborations: • Helping educate Australians about how to better protect themselves • Improved dialogue between government and private enterprise on cybersecurity – particularly in the area of breach reporting • Better intelligence provided by government about emerging and likely cyberattacks • Closer collaboration amongst those businesses in the private sector COLLECTIVE RESPONSE 4 http://webcache.googleusercontent.com/search?q=cache:clNj5DQivWsJ:www.aph.gov.au/DocumentStore.ashx%3Fid%3Da03cf049-7f2b-43bd-846c-9eb7bd2f59ef%26subId%3D253039+&cd=3&hl=en&ct=clnk&gl=au 5 https://www.acsc.gov.au/publications/ACSC_Threat_Report_2016.pdf 6 https://www.acsc.gov.au/publications/ACSC_Threat_Report_2016.pdf
  • 8. BLACKBERRY 8 ARMS RACE The attack arms race Even the cyber criminals themselves are morphing. The term ‘cyber criminal’ is a catchall category that now includes a vast range of nation states, groups and individuals engaged in online crime from all corners of globe. Their drivers are as distinct as their backgrounds, from pure financial gain through to disrupting critical infrastructure. However, there is one trait that almost all share – they can move at the speed of light. Criminals are able to absorb and take advantage of new vulnerabilities within days or even hours. The ability to prepare for, or even respond to, such a rapidly changing threat landscape was much discussed by the Think Tank members. One of the big drivers between improved public/ private cyber collaboration was that many Think Tank participants felt companies were struggling to keep pace with an ever-changing range of threats. Dr Liming Zhu, Research Director of Software and Computational Systems at CSIRO, gave some interesting insight into how this created a sense of pressure amongst those charged with protecting the networks. “At times it really does feel like an arms race. The better we get at finding countermeasures, those countermeasures then become a training ground for adversaries to find better exploits. As a company, you need be methodical about removing classes of threats completely. Keeping focused on the root cause is very important,” Dr Zhu said.
  • 9. BLACKBERRY 9 George Reinoso, a Security and Services Consultant at Ericom, agreed with Dr Zhu’s thoughts. Rather than getting overwhelmed he said, “The companies that weather an unexpected crisis the best are the ones that are meticulous with their planning. They may not know the nature of the threat but they know, down to the smallest degree, what their response approach will be. When working in an environment where things change so quickly, it’s important not to get too swept up and instead focus on preparedness. At the end of the day it’s the details that matter.” Another way of alleviating the burden of protecting a network is to seek outside experts to help better understand and address rapidly changing threats. As Head of Campus Security at one of Australia’s leading education organisations, John Durbridge from Macquarie University said academic insight should play a key role in shaping industry security strategy. “Keeping ahead of the game is key when it comes to cybersecurity. We have access to some of Australia’s brightest minds here at Macquarie enabling us to draw on their expertise and stay one step ahead. It’s important that organisations are flexible and open minded in who is the ‘expert’ when it comes to security.” Whilst the industry pushes towards drawing on more security experts, those behind cybercrimes are often at the other end of the spectrum. Underpinning the ‘attack arms race’ is an increasingly business-like approach taken by digital crime organisations – offering products and services to the less technology savvy. Hackers for hire are likely to offer round-the-clock support desk services, money laundering expertise and readily packaged cybercrime ‘kits’ . The so-called ‘script kiddies’ armed with off-the-shelf DDoS products were widely suspected to be behind the Dyn attacks in October 2016, which brought down services such as Twitter, Spotify, Netflix and Paypal. The hackers infected common IoT devices, such as DVRs and webcams, with a malware named Mirai that turned these devices into a powerful botnet army that jammed up traffic to a domain name system (DNS) server. While most Think Tank participants weren’t specifically concerned about the threat from less sophisticated attackers, it did raise concerns about the need for constant vigilance. Craig Davies, the former Director of Security at Atlassian and now Chief Executive Officer at the Australian Cybersecurity Growth Network Ltd said, “We need to be continually testing and helping our organisations on security to deal with an almost constant threat. Every company has a security strategy and plan, but too many of them just sit in a desk drawer somewhere. Organisations need to stop asking ‘What could possibly go wrong?’ and accept that constant attack is the new normal.” At times it really does feel like an arms race. The better we get at finding countermeasures, those countermeasures then become a training ground for adversaries to find better exploits. As a company, you need be methodical about removing classes of threats completely. Keeping focused on the root cause is very important ARMS RACE 7 http://www.pcworld.idg.com.au/article/599997/cybercriminals-increasingly-embracing-sophisticated-business-model-approach/
  • 10. BLACKBERRY 10 VULNERABILITIES Changing vulnerabilities However, it is not just the rate and sophistication of attacks that is changing, vulnerability areas are also shifting. The Think Tank believed that technology security professionals needed to widen their view of what needs to be protected. The potential vulnerability of the Internet of Things, infected Artificial Intelligence engines and even people themselves were amongst some of the potential concerns raised by the group. Most pointed to the potential impact of targeting these emerging areas. The 2015 attack on Ukraine power stations via connected plant control equipment provided a sobering example. In this instance cyber terrorists shut down 30 substations throughout the country – leaving hundreds of thousands of residents without electricity for hours. Authorities believe more than six months of planning went into the attack using a combination of spear phishing, keylogging and data exfiltration. However, participants were quick to point out that it wasn’t just large-scale utility infrastructure that was at risk. During the past 12 months, researchers have hacked everything from hospital insulin pumps to humble electric kettles. Think Tank participants said they expected to see increasing connections between the technological and physical worlds in a bid to better protect cities. Jeffrey Bleich felt that an integrated approach is paramount to success, “The notion that people think differently in the virtual and physical world is a fiction. We need to observe human nature and apply this to both spheres, where we are now operating simultaneously.” 8 http://blogs.blackberry.com/2016/11/how-hackers-could-draft-connected-cars-into-their-botnet-armies/
  • 11. BLACKBERRY 11 VULNERABILITIES Craig Davies, Chief Executive Officer at Australian Cybersecurity Growth Network Ltd, echoed Mr Bleich’s comments, adding, “It’s critical to our organisations that we have good overlap between the protection of physical assets and the IT world. Most organisations in the past have tended to do one area well, but not necessarily the other. In such an integrated future we need to be able to do both really well.” Derek Chen, Regional Head of IT Security at British America Tobacco, added, “We’re operating in a new world. We have had to find new ways of working, with a number of teams working together whenever there is a risk highlighted in our organisation to get the best outcome. An integrated approach is necessary with fighting sophisticated threats.” Claudine Ogilvie, Chief Information Officer at Jetstar further commented, “It is indeed a new world with the risk of human factors a big threat – just as much as technology. A big part of a company’s strategy should be to help staff understand the risks and what to look out for. To do this you need to bring people on the journey, putting methods in place to help change behaviours and be more vigilant. Together with enhanced technology, it’s important to create that culture of education across different lines of business – and that is often overlooked in an organisation.” “Looking specifically at IT security, with larger organisations there can be different maturity levels across the business - what is accepted in one part of the business, may not be embraced in others. You can’t simply look at an organisation as a single environment. There are many individual, yet overlapping needs.” In reference to the ‘new world’ of security, this is also where people, as well as information and data, are subject to threats. The Think Tank participants discussed the changing role of the CIO and the wider threat landscape where partner organisations, friends and families were an increasingly targeted vulnerability. These parties were often seen as the weakest link in the security chain, providing a stepping stone to the organisation or high value individual. “As an organisation we don’t only think about security as something that happens within our internal systems,” said Berys Amor, Director of Technology at Corrs Chambers Westgarth. “Sometimes the easiest way to get to a company might be through a partner organisation and as an industry we’re increasingly seeing cyber criminals go after executives through their personal assistant, friends or even families.” Looking specifically at IT security, with larger organisations there can be different maturity levels across the business - what is accepted in one part of the business, may not be embraced in others. You can’t simply look at an organisation as a single environment. There are many individual, yet overlapping needs.
  • 12. BLACKBERRY 12 HUMAN FACTOR Overcoming the human factor Undoubtedly, the key concern amongst businesses was that security was often perceived as a barrier to productivity, rather than a critical safeguard. Many participants believed that increased security was inseparably linked to sluggish performance or administrative red-tape. Research suggests this belief is right on the money. A recent BlackBerry security survey found that 82% of global executives felt that security precautions, specifically in mobile working, caused at least some frustration amongst their employees. Incredibly, 44% of employees felt too much security could stop employees from doing their job altogether. Against this backdrop, many in the Think Tank believed that a better approach for businesses was to deploy security solutions that better matched existing employee behaviours. In an environment of ever evolving technology threats, it’s somewhat ironic that amongst the biggest problems in digital safety is the ‘human element’. Every member of the Think Tank was able to provide extensive examples of how people could unravel even the most well-thought security strategy.
  • 13. BLACKBERRY 13 HUMAN FACTOR According to Derek Chen, Regional Head of IT Security, British America Tobacco, “a lot of issues come down to people, they absolutely shape the risk profile. As an industry we need to build our solutions from the people perspective up. The challenge is that behaviours, like technologies change all the time, you have to constantly monitor how people are or aren’t using security and adjust your strategy accordingly. It’s not just about ticking off boxes and thinking you’re done.” It’s this kind of accommodating approach that Berys Amor, Director of Technology at law firm Corrs Chambers Westgarth has been using with some success. The firm has developed an ongoing internal communications program to help employees to better understand the importance of security. “Five years ago employees were not as aware of the security threats and we’ve slowly been able to turn that around through ongoing awareness activity and making sure our approach fitted the needs and expectations of the business. Today we have a lot of interaction with the business to check that partners and staff are doing the right thing.” Companies are highly aware of employees circumventing security measures. BlackBerry’s recently commissioned research into mobile working practices found 62% of Australian businesses are worried about the risks of errant employees storing sensitive information on cloud services. Rather than driving to force employees to use company- provided storage, 75% of companies within the survey said they were working towards delivering an enterprise- grade file sharing service – that would accommodate both employee workflow and company needs. The Think Tank said executive support was critical in creating a successful security culture. Rex Stevenson, the former Director General for the Australian Secret Intelligence Service and now Director of Signet Group International said, “Unless security is driven from the very top of the organisation, you’re not going to get any real change. The CEO needs to get behind it and push it, otherwise all of your effort trying to change the rest of the organisation is lost. You need the commitment right through the organisation, but it needs to start with the most senior executives.” What can sometimes be an overlooked factor, the Think Tank believed there are three critical steps in overcoming the ‘human element’ challenge: • Constantly test adherence and educate; being vigilant around both is the centrepiece of a successful security strategy • Design strategies and programs within organisations for the people, not for the product • Behaviour changes constantly; be aware of how working and social patterns evolve within an organisation over time The challenge is that behaviours, like technologies change all the time, you have to constantly monitor how people are or aren’t using security and adjust your strategy accordingly. It’s not just about ticking off boxes and thinking you’re done.
  • 14. BLACKBERRY 14 THE VIEW I’ve said it before, and I’ll say it again – mobile, in all its forms has changed the way the cybersecurity landscape needs to operate. The Internet of Things will require further changes to how we all think and act about cybersecurity in the enterprise and beyond. This is why we have accelerated our efforts to address these emerging issues, with what BlackBerry calls – “The Enterprise of Things.” By this, we mean the network of intelligent connections and end points within the enterprise that enables products to move from sketch to scale. It’s the devices, computers, sensors, trackers, equipment and other “things” that communicate with each other to enable smart product development, distribution, marketing and sales. A Future without vulnerabilities? At BlackBerry, we know that mobile has brought a series of challenges to organisations – from BYOD to end user data in the cloud, the convenience of mobile is marred by the security risks it presents. Today, as companies continue to grapple with securing their mobile workforces, they are also looking to the future and how to manage all the other end-points that are sharing unsecured data. As shared on our blog, Inside BlackBerry, when individuals buy electronic devices or use online services, they generally assume that they’re secure and that they will protect our private information. But all too often, these assumptions turn out to be wrong, as highlighted by the constant news stories on major cyberattacks and data breaches. The root of the problem is the typical industry approach to security: build products, ship them, and hope they don’t get hacked. We know that a future without vulnerabilities is one of the world’s biggest challenges. So, at BlackBerry, we’re working day and night to turn this security model on its head. Rapid patching is critical to product security, but the reactive approach gives the attacker the opening move. Formal methods have the potential to proactively improve security design standards and certifications, giving us the ability to prove that products and services are secure – including the obscure details that even the experts sometimes overlook. With the cybersecurity battle raging on, formal methods can change the battlefield over the long term and give us the best possible chance to win the war. Organisations therefore need to take a more strategic look at how they comprehensively protect themselves from end to end. The right approach to achieving sustainable results rests on three pillars: making the decisions at the right level through Governance of IT and Security, having a big picture with a comprehensive security program, and ensuring effective use of the security tools. Software plays a vital role as it is a core building block of a modern enterprise. It needs to mitigate both the current threats as well as be resilient against challenges still to come. For BlackBerry, it is vitally important that we not only create great software but that we are able to help organisations at a strategic level understand the threat landscape and take appropriate action. This is why information-sharing initiatives like this ‘Think Tank’ are very important – because collaboration, at every level, is key to combatting the ever changing threat. Without dialogue, we are limited in our understanding and therefore deficient in our solution. Our enemy listens, learns and adapts with swiftness and precision. We must do the same. The BlackBerry view by Sinisha Patkovic, Vice President, BlackBerry Government Solutions
  • 15. BLACKBERRY 15 CLOSING THOUGHTS The changing cybersecurity threat landscape demands greater clarity regarding the roles and responsibilities both within and between those organisations under threat. At the same time, the group which should consider itself under threat is constantly adding new members, while the threats they face are growing more complex and broadening in scope. Faced with such a complex and potentially confusing scenario, it is incumbent upon all organisations to not just consider the threats they face and their potential impact, but to also be actively planning for the seeming inevitability that one day their fears will be realised. It is not enough for an organisation to simply maintain a defensive perimeter, especially as the insider threat – be it accidental or malicious – has proven to be so devastating to so many organisations. So too organisations must accept that the goals of unscrupulous attacks today are wider than just financial windfalls – intellectual property, customer records, staff data, and so many other information types all have value and can all be used to inflict damage at an organisational or even personal level. And it is not just the actions of malicious actors that organisations must be prepared for. The heavy dependency of organisations on digital systems and communications means natural occurrences can have a devastating impact on business continuity. It is essential that all organisations be well drilled in what to do once an incident occurs – for the protection of staff as well as for its reputation, intellectual property, and financial assets. So too it is vital that mechanisms exist so that information regarding attacks can be quickly shared amongst those most vulnerable. Because the enemy is multitudinous, well-armed, and has very little to lose. The same cannot be said of their targets. Brad Howarth Closing Thoughts by Think Tank moderator