Post on 22-Jan-2017
War Against Terrorism: The Role of Today’s CIO
Ayo Rotibi Managing Director
Forts & Shields Ltd (US, Kenya, Nigeria)
“The Internet is a prime example of how terrorists can behave in a truly transnational way; in response, States need to think and function in an equally transnational manner.”
Ban ki-moon
The Art of War
The Art of War is simple
enough. Find out where
your enemy is. Get at
him as soon as you can.
Strike him as hard as
you can and as often as
you can, and keep
moving on. (Ulysses S. Grant)
18th US President. Led the Union to victory over the Confederacy in the American Civil War
www.terror.net – The Modern Terrorists
Internet-aided terrorism is a dynamic phenomenon and transnational
Terrorist websites target three different audiences: current and potential supporters; international public opinion; and enemy publics
Ways contemporary terrorists use the Internet:
•From conducting psychological warfare to gathering information, from training to fundraising, from propagandizing to recruiting, and from networking to planning and coordinating terrorist acts.
www.terror.net – The Modern Terrorists
Workplace has been the primary target of terrorism
•WTC Building, Garisa University, Westgate Mall
Many workplaces upon which citizens rely to reach work are relatively unprotected
•St Pancreas Underground
"We use Facebook to schedule the protests, Twitter to co-ordinate and YouTube to tell the world.“ An
Egyptian Arab Spring Activist
www.terror.net – The Modern Terrorists
Dateline: September 2013
•Al Qaeda opens first official Twitter account
•@shomokhalislam, issued 29 tweets, followed one account, and attracted 1,532 followers in 24 hours (including several high-profile digital jihadists)
@shomokhalislam
www.terror.net – The Modern Terrorists
Breaking News... Amazon Halts sales of ISIS propaganda Magazine
Darknet – The New Terror Frontier
Adopted platform for direct communication among global jihadi activists •Over 50,000 sites and 300 forums for terrorist
organizations
•Used to distribute material for recruitment, training, and coordination of terrorist
• Informed the travel warning and closure of some US embassies in August 2013
Darknet – The New Terror Frontier
A Course in the Art of Recruiting • https://ia800300.us.archive.org/32/items/ACourseInTheArtOfRecruiting-
RevisedJuly2010/A_Course_in_the_Art_of_Recruiting_-_Revised_July2010.pdf
ISIS and the Lonely Young American • http://www.nytimes.com/2015/06/28/world/americas/isis-online-recruiting-american.html
Kenya’s Global Terrorism Index (GTI)
Year Incidents Fatalities Injuries Properties GTI Rank (out of 162)
2009 1 0 0 0 4.47 27
2010 12 19 159 4 4.81 24
2011 38 37 98 7 5.15 19
2012 73 98 410 34 6.06 14
2013 74 201 442 22 6.58 12
http://www.visionofhumanity.org/#page/indexes/terrorism-index/2013/KEN/FATA
Cyber-threat Barometer: Any Ideas?
Leading Cyber Attack Method
•Social Engineering
Leading Threat
•Insider (with Authorized Access)
Leading Vulnerability
•People
Kenya’s Cyber Goals
Enhance the nation’s cybersecurity posture in a manner that facilitates the country’s growth, safety, and prosperity.
Build national capability by raising cybersecurity awareness and developing Kenya’s workforce to address cybersecurity needs.
Foster information sharing and collaboration among relevant stakeholders to facilitate an information sharing environment focused on achieving the Strategy’s goals and objectives.
Insider threat
Have legitimate access to systems
Often familiar with the organization's data
Abuse privileges to harm the organization
Circumvent security controls of which they are aware
Have physical proximity to data
Harder to defend against than attacks from outsiders
The 58% Theory-The Insider Family
The Rogue Employee
•AKA: Shadow IT, Rogue IT
•Description: They have many aliases, but one definite goal – to take valuable data and leverage it into monetary gain, revenge or even some revolutionary crusade
The 58% Theory-The Insider Family
Fired / Disgruntled Worker
•AKA: Pinch a Penny from a 1 million Transactions
•Description: Think Office Space – where workers on their way out devise a way to rip off the company
The 58% Theory-The Insider Family
3rd Party and Outside Insider
•AKA: The Ulterior Motivator
•Description: Your temporary contractor or third-party vendor is around so much that your office is almost his second home. He may fraternize with employees and gain the trust of your crew – but who is really watching over
The 58% Theory-The Insider Family
Inadvertent Users
•AKA: Not the Brightest Crayon in the Box
•Description: Believe it not, inadvertent insider threats make up a good portion of data breaches– thanks to the consumerization of IT, the mobility of data and the smartphone trend, it is easier for company data to move beyond traditional firewalls
The 58% Theory-The Insider Family
Personalization Guru
•AKA: The Guy Who Brings Home to Work
•Description: This guy is a disaster waiting to happen. They are the ones who want their workstation to be a basic clone of their personal laptop. They want to have all the applications, tools and software –to bypass admin rights
The 58% Theory-The Insider Family
The Night Janitor
•AKA: The Unsuspecting Pirate
•Description: The support staff is in your office at strange hours with no supervision really at all. Don't let the false characterizations and stereotypes fool you – criminals and social engineers would not lose a sweat getting employed as a janitor just to have your server room to themselves.
Exposure in the Workplace
Types of Sensitive Corporate Information Employees Access (http://www.ponemon.org/blog/the-security-impact-of-mobile-device-use-by-employees)
Exposure in the Workplace
Types of Personal Tasks Employees Do in the Workplace (http://www.ponemon.org/blog/the-security-impact-of-mobile-device-use-by-employees)
Exposure in the Workplace
Content Accessed on Mobile Devices As Permitted By Enterprise (http://www.ponemon.org/blog/the-security-impact-of-mobile-device-use-by-employees)
Food For Thought
What Will You Do If You Knew You
Were Under Surveillance?
4 Cyber-Breach Questions
What: •Happened? Was Stolen? Was Compromised?
How:
•Did They Do It? To Prevent Reoccurrence?
Who:
•Did It? Is Affected?
When:
•Did They Do It? Can Recovery Begin?
CIOs must leverage this singular advantage and take a stand on the new encryption regime introduced by FB, Google and Apple
Nothing is Hidden Under the Hood
Every online activity leaves a Digital Footprint
The Role of The CIO
Due Care: Conduct a reasonable person would exercise in a particular situation
•Security is Good Business
•Security is Everybody’s Business
Due Diligence: Gathers facts to make an informed decision
•Additional Internal Control procedure – Network Forensics
Threat awareness, assessment, and perception
Efficient information flow within corporations, between corporations, and between corporations and local and federal government agencies
National Domestic Communication Assistance Center
Core functions: • Law Enforcement
Coordination
• Industry Relations
• Technology Sharing
• CALEA Implementation
Government's first ever attempt to develop a centre for electronic surveillance knowledge management, and facilitate the sharing of technical solutions and know-how among law enforcement agencies
What if...
...we all work together for a common purpose?
...we aspire to build a Regional NDCAC to foster stronger collaboration and complement Kenya CIRT/CERT?
...we foster stronger collective relationship with LEA and Government
...we leave this conference with a resolution to make SOMETING happen?
...we...?
Proposed Initiatives
Initiate targeted knowledge dissemination programs
Provide real time knowledge dissemination to corporate members
Develop lessons learned from corporate incidences
Modify existing Users and Internet Usage Policies to include Internal Surveillance
Establish a Regional NDCAC
A Little Story
Breaking News
Eiffel Tower for Sale!
Moral Lesson:
Share Information
Conclusion
CIOs have been dragged into the War Against Terrorism
The Enterprise landscape has changed forever – FACT
The Internet offers us opportunity to prevent, detect and deter acts of terrorism
CIOs have a responsibility to secure their enterprise
CIOs need to know about human psychology and behavioural attitude
Real-time Digital Forensics will become a major tool in identifying these threat agents
CIO must determine that their enterprise network does not become a recruitment ground or a conduit for fund-raising and propaganda
For Further Information and Demo:
•Email: arotibi@isecureconsulting.com
•Phone: +254-786-834-158, +254-772-299-802
•Skype: arotibi
•Forts & Shields, 63 Mandera Rd, Kileleshwa, Nairobi, Kenya
•www.fortsandshields.com
•www.isecureconsulting.com
Questions