Cryptocurrency and Blockchain
AI and Data Analytics
Voice and Natural Language Interface
Drones and Autonomous Vehicles
Virtual and Augmented Reality
Internet of Things
Rethinking Information Security
is such a Difficult Problem to Solve
• Fundamental design of the internet as a non-hierarchical network for free exchange of information
• Ubiquitous connectivity through the Internet of Things and Industrial Control Systems
• Porous corporate networks becoming increasingly so with cloud and mobile
• Role of nation states and geopolitics
• Availability of malware
• Asymmetric nature of the problem
• Legacy systems that are particularly difficult to protect
• Complex supply chain and third party ecosystem
• Fragmented and evolving set of cyber tools producing too many alerts
• Cybersecurity skills shortage
Board Oversight of Information Security
GovernanceCreate the right governance and authorizing environment
PolicyEnsure policies are comprehensive and current
TransparencyGet the reporting and metrics you need to manage cyber risk
TestingTest the security posture of your organization and practice incident response
Resource AllocationEnsure that allocation of resources aligns with goals and desired outcomes
The typical question asked about cyber risk
• Have we eliminated our cyber risk?
Better questions to ask about cyber risk
• Do we know our critical digital assets?
• Have we effectively lessened the probability and impact of cyber risk to within our stated risk tolerances?
• Do we assess the effectiveness of our cyber risk mitigation approaches?
• Have we prepared for a breach?
• Have we created a digitally resilient organization? How do we know?
Blockchain Use Cases
• Complex, global supply chain
• Public information – real estate records, title
• Public permissioned information - degrees and transcripts
• Systems ready for disintermediation – global remittances