LA Digital Government Summit

What Every Employee Should Know about Cyber Security

If you know your enemies and know yourself, you will not be imperiled in a hundred battles.

Wednesday September 4, 2013 Los Angeles Hotel Downtown Los Angeles

Dr. Robert Pittman, CISM Chief Information Security Officer County of Los Angeles

LA Digital Government Summit

AGENDA
County of Los Angeles Thumbnail Employees are the New Perimeter Security Triangle Framework Evolution of the CISO Information Security Program Pillars National Cyber Pledge Summary Questions

LA Digital Government Summit

Thumbnail
Largest populous County in the nation (> 11 million) Larger than 46 states and only exceeded by eight states If were a nation, would have the 19th largest economy in the world Employs a workforce of ~ 101,000 Thirty-five (35) major departments grouped by business clusters Annual budget for FY 2013-14 was $24.7 billion

LA Digital Government Summit

Employees are the New Perimeter
(User and Data) Information Technology Consumerization Cloud Computing Changing Threat Landscape Privacy and Regulatory Requirements

LA Digital Government Summit

LA Digital Government Summit Evolution of the CISO Traditional Role Tomorrow's Demand

LA Digital Government Summit

CISO Attributes

C I S O

= = = =

Character Intuition Skills Objectivity

Source: Malcolm Harkins; Intel CISO, Managing Risk and Information Security, 2013

LA Digital Government Summit

Information Security Program Pillars

Security Awareness Security Recognition

Application Security Incident Response Risk Management Governance

IT OPERATIONS
8

CISO

LA Digital Government Summit

Security Training Methodology

Policy

Behavior

Awareness

Education

Knowledge of Technology

LA Digital Government Summit

2013 Cyber Pledge
The volume of cyber threats targeting governments, businesses, schools, home users ... essentially anyone who is online ... continues to increase. Did you know? Cyber Crime victims in the U.S. lost over $400 million in 2012 73% of Americans have been victims of Cyber Crime 75 million scam emails are sent every day 59% of employees who leave a company steal data on the way out

In the face of these online dangers it is important that we remind ourselves of the importance of following good cyber security practices. Cyber Security Is Our Shared Responsibility and by taking proactive steps every day, we can improve our ability to stay safe. We invite you to join with thousands of other individuals across the country who are asserting their commitment to online safety. By signing the MS-ISAC National Cyber Pledge you are affirming that you will take security seriously and use good practices both at home and at work. The Pledge contest runs through September 30th. After you sign the pledge, please tell your friends, family, co-workers, neighbors ... everyone you can! If we each pledge to do our part to make our piece of cyber space just a little bit more secure, we can truly make a difference in helping protect our nation's cyber security. Thank you for being a part of this important effort!!! After you Submit the pledge you will be asked to copy and paste a link to receive your digital certificate, which is yours for you to save or print out to display.

LA Digital Government Summit

2013 Cyber Pledge (2)

The contest ends September 30th, 2013 and you may sign the pledge by visiting:

http://msisac.cisecurity.org/cyber-pledge/

LA Digital Government Summit

SUMMARY
Cyber security threat (warfare) is real, it is not fiction Employees are the new perimeter Convergence with law enforcement is HUGE Information security and privacy responsibility belong to every employee; the CISO is the conductor and champion Formalize information security program is imperative Security awareness assist with risk mitigation Continuum of employees, processes, and technologies

LA Digital Government Summit

Questions?

Thanks for your attention!

rpittman@cio.lacounty.gov