Upload
colloquerisq
View
25
Download
1
Embed Size (px)
Citation preview
Dr. Meskó Bertalan
Security and privacy is a top leadership concern
10
Managing risk in an increasingly connected world
“This Nexus of Forces is impacting
security in terms of new vulnerabilities.
–Ruggero Contu, Christian Canales and Lawrence Pingree. Forecast Overview: Information Security, Worldwide, 2014 Update. Gartner, Inc. June 25, 2014.
Impact of cyber attacks could be
as much as $3 trillion in lost
productivity and growth
ImplicationsJob security Customer loyalty
Intellectual property
Legal liabilityBrand reputation
$ 3.5MAverage cost of
a data breach toa company
15 % increase YoY
median # of days attackers are
present on a victim network
before detection243
level issue
is a
CEO
Security
Cybercrime costs CDN economy up to
$5.3 Billion annually, report says
IT World Canada [2013]
How hackers allegedly stole
“unlimited” amounts of cash
from banks in just a few hours
Ars Technica [2013]Ars Technica [2013]
Universities face a rising
barrage of cyberattacks
HEADLINES
Malware burrows deep
into computer BIOS to
escape AV
The Register [September 2011]
Researchers have discovered one of the
first pieces ever used in the wild that
modifies the software on the motherboard
of infected computers to ensure the
infection can’t be easily eradicated…
New York Times [2013]
Cyberattacks on the rise
against US corporations
Forget carjacking, soon
it will be carhacking
The Sydney Morning Herald [2013]
Rising cyber security risks to drivers as
their cars become increasingly powered by
and connected to computers have
prompted the US auto-safety regulator to
start a new office focusing on the threat…
Espionage malware
infects rafts of
governments,
industries around
the world
Ars Technica [2013]
Photo credit: Peter Broster
Hyper scale Infrastructure34 Regions Worldwide, 30 ONLINE…huge capacity around the world…growing every year
100+ datacenters
Top 3 networks in the world Operational
Announced/Not Operational
Central US
Iowa
West US
California
East US
Virginia
US Gov
Virginia
North Central US
Illinois
US Gov
Iowa
South Central US
Texas
Brazil South
Sao Paulo State
West Europe
Netherlands
China North *
Beijing
China South *
Shanghai
Japan East
Tokyo, Saitama
Japan West
Osaka
India South
Chennai
East Asia
Hong Kong
SE Asia
Singapore
Australia South East
Victoria
Australia East
New South Wales
* Operated by 21Vianet
India Central
Pune
Canada East
Quebec City
Canada Central
Toronto
India West
Mumbai
Germany North East
Magdeburg
Germany Central
Frankfurt
United Kingdom
Regions
North Europe
Ireland
East US 2
VirginiaFrance
Korea
“Businesses and users are going to embrace technology only if they can trust it.”
At Microsoft, we never take your trust for granted
• We are serious about our commitment to protect customers in a cloud first world.
• We live by standards and practices designed to earn your confidence.
• We collaborate with industry and regulators to build trust in the cloud ecosystem.
– Satya Nadella
A cloud you can trust
Cloud Trust Pillars
Broadly Applicable
United States
Government
Industry Specific
Region/Country
Specific
Microsoft Cloud Compliance Certifications and Attestations
Addressing Compliance in Canada
SOC 1
Type 2ISO 27018ISO 27001 SOC 2
Type 2
PCI DSS
Level 1HIPAA /
HITECH
FedRAMP
JAB P-ATOFIPS 140-2
International
Attestations
TBS Controls
3rd Party Review
Foundational PIA
Privacy Act
TBS PIA Template
Provincial Privacy Laws
Provincial PIA Templates
Cyber Defense Operations Center
Canada has a head start