IDENTIFYING THREATS IN A GLOBAL MARKETPLACE
Ira S. Somerson, BCFE, CPP
Loss Management Consultants, Inc.

Institute for Global Management Studies and Temple CIBER
Global Security Concerns
October 2 & 3, 2003
The Philadelphia Federal Reserve

THREATS BY INDUSTRY: 2003 to Date
LMC™ Overseas Security Advisory Council - 2003

THREATS TO BE CONSIDERED IN AN INTERNATIONAL ENVIRONMENT
- TERRORISM
- PERSONAL SECURITY
- PERSONNEL SECURITY
- PHYSICAL SECURITY OF FACILITY
- INFORMATION AND DATA SECURITY
- COMMUNICATIONS SECURITY
- INFRASTRUCTURE SECURITY
- DISGRUNTLED INSIDERS
- CIVIL UNREST AND/OR CULTURAL CONFLICTS
- CRIMINAL THREATS
- ECONOMIC COMPETITION
- ACTS OF INTELLIGENCE SERVICES
- ACTS OF WAR
Overseas Security Advisory Council - 2003

LESSONS FROM RECENT CYBER ATTACK CASE STUDIES
- TERRORIST GROUPS
- TERRORIST SYMPATHIZERS AND ANTI-U.S. HACKERS
- TARGETED NATION-STATES
- THRILL SEEKERS
INSTITUTE FOR SECURITY TECHNOLOGY STUDIES AT DARTMOUTH COLLEGE, 9/22/01

CYBER ATTACKERS HAVE RECENTLY:
- DEFACED ELECTRONIC INFORMATION SITES IN THE UNITED STATES AND ALLIED COUNTRIES AND SPREAD DISINFORMATION AND PROPAGANDA.
- DENIED SERVICE TO LEGITIMATE COMPUTER USERS IN THE U.S. AND ABROAD BY USE OF:
  - WORMS
  - VIRUSES
  - OTHER COMPUTER WEAKNESSES
- COMMITTED UNAUTHORIZED INTRUSIONS INTO SYSTEMS AND NETWORKS BELONGING TO THE UNITED STATES AND ALLIED COUNTRIES, RESULTING IN CRITICAL INFRASTRUCTURE OUTAGES AND CORRUPTION OF VITAL DATA.
INSTITUTE FOR SECURITY TECHNOLOGY STUDIES AT DARTMOUTH COLLEGE, 9/22/01

ONLINE RESOURCES
- www.cert.org (The Carnegie Mellon Computer Emergency Response Team)
- www.fedcirc.gov (The Federal Computer Incident Response Center)
- www.incidents.org (community and business collaboration of victimization)
- www.ists.dartmouth.edu (The Institute for Security Technology Studies at Dartmouth)
- www.nipe.gov (The National Infrastructure Protection

COUNTERMEASURES
HOW OFTEN WILL THE RISK OCCUR?
Overseas Security Advisory Council - 2003

SECURITY RISK COSTS
- LEGAL & DAMAGE CONTROL
- EXPECTED REVENUE LOSS
- SHAREHOLDER VALUE
- REPUTATION (GOOD WILL)
- LOSS OF PRODUCTIVITY
- MARKET SHARE & TIMING
- RELATIONSHIPS WITH CONTRACTORS

FINANCIAL IMPACT OF SECURITY LOSSES
- IMPACT TO OTHER PRODUCT DESIGN
- EMPLOYEE MORALE
- COST TO SECURE (AFTER THE FACT)
- RESEARCH & DEVELOPMENT
- SPECIAL EQUIPMENT CAPITALIZED
- STAFF RECRUITING & TRAINING
- OVERHEAD COSTS
- DEBT SERVICE

COST OF PROGRAM
PREDICTABILITY OF LOSS
COMPUTATION OF INFORMATION LOSS
NET PRESENT LOSS OR NET PRESENT GAIN
NET PRESENT VALUE

EXAMPLE
COST OF ONE INFORMATION LOSS                              $1,000,000.00
COST DIVIDED BY POTENTIAL FOR LOSS TO OCCUR OVER A
TEN-YEAR PERIOD. IF ONLY ONCE, DIVIDE BY 10 = COST/YR        100,000.00
LESS COST OF PROGRAM/YR                                       75,000.00
                                                          -------------
NET PRESENT VALUE                                         $   25,000.00