
Threats

Threats. Top Threats. Top Attack Types. China. Supply Chain Attacks. Email Attacks. Network Attacks. Spam & Phish. Russia. North Korea. Email Defenses. Supplier Mgt. Network Defenses. Criminals. Employees. Applications. Sensitive Data. Iran.

heatherp

Presentation Transcript


  1. Threats. Top Threats. Top Attack Types. China. Supply Chain Attacks. Email Attacks. Network Attacks. Spam & Phish. Russia. North Korea. Email Defenses. Supplier Mgt. Network Defenses. Criminals. Employees. Applications. Sensitive Data. Iran. Attacks are increasingly focused on Supply Chain.

  2. China’s Long-Term Economic Plan. “Made in China 2025” Initiative
     • Agriculture
     • Aviation and aerospace
     • Biotechnology and advanced medical equipment
     • Electrical power
     • High-end robotics
     • Information technology
     • Maritime engineering
     • New energy automotive technology
     • Innovation
     • Whole of government
     • Green growth
     • Diversification
     • Shared prosperity
     • New materials and composites
     • Rail transportation

  3. World’s Largest Companies, 2004-2016 Nationality of World’s 10 Largest Companies (according to annual Forbes Global 2000 List)

  4. Government Cyber and Information Security Reform Efforts
     • CUI: Controlled Unclassified Information, established by E.O. 13356. Defines safeguarding and promotes authorized information sharing. Applied to industry through DFARS 252.204-7012, FAR 52.204-21 and FAR 2017-016
     • FAR 52.204-21: Strengthens Contract Language
     • FAR 2017-016: Adding CUI Requirements
     • DFARS 252.204-7012: Safeguarding Covered Defense Information and Cyber Incident Reporting
     • NIST SP 800-171: Annual compliance of the Tier 1-4 Supply Chain
     • Delivering Uncompromised: Adding Security to the Acquisition Process
     • Cybersecurity Maturity Model Certification (CMMC)

  5. Overall Private Industry Concerns
     • Lack of uniform approach across the government drives costs and impairs effective compliance.
     • CMMC implementation will need to be carefully managed to prevent supplier disruption.
     • Block contract changes without additional funding.
     • Additional burden on smaller companies to comply.
     • Primes held liable for cyber-related issues at subs.
     • Lack of clarity in standards, or which level applies, could lead to disputes with DoD, subs, or other suppliers.
     • Cyber sensors implicate wiretap and privacy laws.

  6. Be Prepared

  7. QUESTIONS
