Security is No Longer Optional. Cheaper More Secure Higher Quality Cheaper More Secure Pick Only 2 Higher Quality Threats Tech-Savvy Generation Organized Crime Groups ‘H-Activism’ State Sponsored Cyber-Crime Threats Targets Tech-Savvy Generation Payment Card Information Organized Crime Groups ‘H-Activism’ State Sponsored Cyber-Crime Consumer Data Reliance on Service Availability Intellectual Property Threats Targets Enablers Tech-Savvy Generation Organized Crime Groups ‘H-Activism’ State Sponsored Cyber-Crime Payment Card Information Consumer Data Reliance on Service Availability Intellectual Property Threat Intelligence Cloud Computing Outsourcing Decentralized Technology Recent Cyber Attacks High DigiNotar CA Sony PSN Arizona DPS FBI – Infragard CitiGroup Spanish Govm’t (hard + soft) “Stuxnet- Iran Centrifuge” RSA Comodo CA GlobalSign CA StartCom CA PBS.org PayPal IMF Epic Games Codemasters Sony BMG Sony Pictures EA Battlefield Hero (beta) Sega Nintendo Riot Games Malaysia Govm’t Sony Greece Square Enix Bethesda Software CIA Motorola US Senate Unveillance EA Forums Estimated Impact HBGary Federal Northrop Grumman Google EA Neverwinter Nights US Chamber of Commerce Lockheed-Martin (Intrusion via RSA trust) Low Low Skill Set / Sophistication / Cleverness High “I divide the entire set of Fortune 2,000 firms into two categories… …those that know they’ve been compromised and those that don’t know it yet.” Dmitri Alperovitch Vice President, Threat Research McAfee Proactive Protection: Content, Transactions, Uptime Keep bad things from happening. Proactive Protection: Content, Transactions, Uptime Keep bad things from happening. Reactive Protection: Logging, Forensics, Tracking Know if happening, what exactly happened, and how. Security is a Business Issue. Put Security into a Business Context through Risk Management Risk Management Business Risk Impact Impact Probability Probability Cost Cost = Business Value Informed Business Decision Modeling an alternative DVD distribution model Cams Russian DVD US Retail DVD R5 = 3.0 Million Downloads (49%) US Retail DVD = 0.7M Downloads (12%) US Retail DVD Russian DVD Cams Estimated Loss to Piracy (unrealized revenue to Top 10 Mature Markets) R5 Differential = R5 Impact Lower-Quality Cam, Better cam, US Retail Compromise wk 10 of Theatrical Total ALL Piracy: $38.9M (incl R5) Piracy without R5: $32.0M R5 Only: $6.9M Estimated Russia 52 Wk HE Revenue: $1.05M Piracy impacts calculated to TOP 10 Mature Markets using the “Disney-developed Piracy Impact Model”, which has been freely shared with other studios. Estimated Net Result: Loss of $5.85M Have the right people at the table. Cheaper More Secure Higher Quality + + Revolutionary Security Models Revolutionary Business Models