Add to collection(s) Add to saved
  1. Social Science
  2. Psychology
  3. Conformity

Case Studies in Public Private Partnership Click to edit Master text styles ƒ

advertisement 
Case Studies in Public Private
Partnership
ƒ Click to edit Master text styles
– Second level
ƒ Third level
– Fourth level
ƒ Fifth level
Cheri McGuire
Principal Security Strategist
Trustworthy Computing
Critical Infrastructure Protection
Microsoft's Critical Infrastructure
Protection Program
ƒ Click to edit Master text styles
– Second level
ƒ Third level
– Fourth level
ƒ Fifth level
Drive strategic ecosystem and internal change that enhances critical
infrastructure security and resiliency, builds trust and alignment of action
with governments and critical infrastructure providers.
Critical Infrastructure Protection
The World Today
ƒ Click to edit Master text styles
– Second level
ƒ Third level
– Fourth level
ƒ Fifth level
Instant Messenger traffic – one day in June 2006
ƒ
ƒ
ƒ
Almost 1 billion different sessions with more than 7 billion IM messages sent
Aproximately 93 million users logged in with 64 million different users becoming
engaged in conversations
Approximately 1.5 million new users that were not registered within Microsoft
Messenger were invited to join
Planetary‐
Planetary‐Scale Views on a Large Instant‐
Scale Views on a Large Instant‐Messaging Network
Jure Leskovec Carnegie Mellon University and Erik Horvitz Microsoft Research
Jure Leskovec Carnegie Mellon University and Erik Horvitz Microsoft Research
Critical Infrastructure Protection
Threat Trends
Exponential Growth of IDs
Increasingly Sophisticated Malware
Identity and access management challenging Anti‐
Anti‐malware alone is not sufficient Number of variants from over 7,000 malware families (1H07)
Number of Digital IDs
B2C styles
ƒ Click to edit MasterB2Etext
– Second level
ƒ Third level Internet
– Fourth level
Client/server
ƒ Fifth level
Mainframe
B2B
Mobility
Pre‐
Pre‐1980s
1980s
1990s
2000s
Crime On The Rise
Attacks Getting More Sophisticated
Traditional defenses are inadequate
Largest segment by $ spent on defense
National Interest
Source: Microsoft Security Intelligence Report (January – June 2007)
Largest area by
$ lost
Spy
Fastest growing segment
Thief
Personal Gain
GUI
Applications
Drivers
Trespasser
Personal Fame
User
O/S
Vandal
Curiosity
Largest area by Author
volume
Examples:
• Spyware
• Rootkits
• Application attacks
• Phishing/Social engineering
Hardware
Physical
Script‐
Script‐Kiddy
Amateur
Expert
Specialist
Critical Infrastructure Protection
CIIP Partnership Fundamentals
ƒ Click to edit Master text styles
ƒ
Embraces
– Secondcore
levelaspects of terms "public-private" and "partnership"
ƒ Third
ƒ Provides
the level
structure, processes, and environment for "Trusted
– Fourth level
Collaboration"
ƒ Fifth
ƒ Aligns industry
and level
government requirements, priorities, goals and
objectives
ƒ
Flexible and adaptable to address changing risk landscape
ƒ
Provides value for both government and industry members
ƒ
Focuses on continual improvement and assessment of lessons
learned
Critical Infrastructure Protection
International Partnerships
International
ƒƒ Click
to edit Telecommunication
Master text styles Union
-– Second
Member of
the ITU’s Development Sector to build cyber security
level
-
ƒ
capacity and promote effective risk management skills
ƒ Third level
Contributed to report for national administrations with a
– Fourth
level for addressing cybersecurity at the
management
framework
national level
and for
organizing and implementing a national
ƒ Fifth
level
cybersecurity strategy
International Botnet Task Force
-
-
Dedicated to sharing information about botnets, including
intelligence, technical details, and strategies in order to combat the
botnet problems
Includes 130 law enforcement participants from over 30 countries,
and 50 industry participants from over 40 private companies
Critical Infrastructure Protection
National-level Partnerships
Japan
ƒ
ƒJapan Computer Emergency Click to edit Master
text styles
Response Team Coordination Center
– Second level ƒNational Infrastructure Security ƒ Third level Center
– Fourth level
ƒ Fifth level
Australia
ƒInfrastructure Assurance Advisory Group
United Kingdom
ƒCentre for the Protection of National Infrastructure
ƒVendor Security Information Exchange
United States
ƒCritical Infrastructure Partnership Advisory Council
ƒNetwork Security and Information Exchange
ƒNational Security Telecommunications Advisory Committee
Critical Infrastructure Protection
Private Sector Partnerships
ƒ Click to edit Master text styles
– Second level
ƒ Third level
– Fourth level
Industry Consortium for ƒ Fifth level
Advancement of Security on the Internet
ƒEnhances the global security landscape by driving excellence and innovation in security response practices
ƒEnables its members to proactively collaborate to analyze, mitigate, and resolve multi‐vendor, global security challenges
Software Assurance Forum for Excellence in Code
ƒ Dedicated to increasing trust in ICT products and services through the advancement of proven software assurance methods
ƒ Paper released tomorrow: Fundamental Practices for Secure Software Development: A Guide to the Most Common and Effective Secure Development Practices in Use Today
Critical Infrastructure Protection
Resources
ƒ
Critical Infrastructure Resiliency Exercise Guide
cipteam@microsoft.com
ƒ Click
to edit Master text styles
ƒ
Security
Intelligence Report
– Second level
http://www.microsoft.com/downloads/Search.aspx?displaylang=en#
ƒ Third level
ƒ Security Cooperation Program
– Fourth level
http://www.microsoft.com/Industry/government/scp.mspx
ƒ Fifth level
ƒ Microsoft Security
Response Center
secure@microsoft.com
ƒ
SAFECode
www.safecode.org
ƒ
ICASI
www.icasi.org
My Contact Information:
Cheri McGuire – cheri.mcguire@microsoft.com
Critical Infrastructure Protection
ƒ Click to edit Master text styles
– Second level
ƒ Third level
– Fourth level
ƒ Fifth level
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Critical Infrastructure Protection
Related documents
Chapter 1Computer Concept
Chapter 1Computer Concept
Lecture Assignment 5 - Oakton Community College
Lecture Assignment 5 - Oakton Community College
Application software assignment
Application software assignment
Job Title Office/Department Location (Building) Supervisor
Job Title Office/Department Location (Building) Supervisor
Organizing for Resilient Operational Response Click to edit Master text styles ƒ
Organizing for Resilient Operational Response Click to edit Master text styles ƒ
Download
advertisement