Tima Soni Presents on UN Organization Cyber Security Measures (seen above with Alon Goldenberg, Amana Ahmed, Tima and Andrew Sinclair)

Changing the Economics for Computer Network Defense

​Borderless Cyber USA sponsored a conference called Changing the Economics for Computer Network Defense 21-22 June 2017 at the Alexander Hamilton U.S. Custom House, a historic venue and home of the Smithsonian’s National Museum of the American Indian in New York City. The conference focused on how cybersecurity experts are changing the economics for computer network defense, decreasing the cost to defend, while turning up the heat on attackers.

Tima Soni, Chief of UNICC’s ISS (Information Security Services), Clients – Projects Division, presented on ‘CISO as a Service for UN Partners’ along with many other speakers (see caption at right). Andrew Sinclair, UNICC’s Information Security Specialist, Amana Ahmed, Market Research and Communications Aide, as well as UNICC ‘job shadower’ Alon Goldenberg joined Tima for her session and several roundtable discussions.

Attendees came from all industries and sectors, including C-level executives, directors, and senior managers responsible for threat intelligence, incident response, risk, and audit. Cyber security stakeholders in financial services, retail, healthcare, manufacturing, utilities, international business, government, and other industries participated, including ITU, NSA, Department of Homeland Security, Israel National Cyber Security Authority, National Cyber Security Centrum, National Center of Incident Readiness and Strategy for Cybersecurity, National Cybersecurity Center of Excellence, Cisco, IBM, Ernst & Young and Wells Fargo.

Dr. Ed Amoroso, former AT&T Chief Security Officer, in his Keynote: A Random Walk Through Cyber Security, called on the U.S. President to demand an immediate rewrite of the U.S. Executive Order on Cybersecurity. First and foremost, Amoroso believes the focus should be on declaring the NIST framework to be the only security compliance framework used by civilian agencies. Ed took attendees on a random walk through current issues and concepts of enterprise cyber security with scheduled stops at virtualized distributed protections, Hillary Clinton’s email, and breaking into early soda machines.

The conference provideds actionable advice from trusted experts on:

• Using bitcoin blockchain technology to increase security
• Ransomware and the Cybersecurity Executive Order
• How banks can and must respond to new threats
• The mind-blowing future of cyber defense
• International collaborations that make cyber truly borderless.

Tima Soni’s presentation focused on the following:

• The International Computing Centre’s (UNICC) information security services covers cyber security oversight and governance, as well as operational components for many of the United Nations Partner Organizations.
• The UNICC develops solutions to improve information security management capabilities, to meet the needs of the UN’s cyber security strategic goals concerning growing cyber threats. Solutions in support of these UN agencies include a variety of information security initiatives such as incident response, security roadmaps, information security awareness programs, etc.
• The organization provides ‘CISO as a Service,’ which operates within a Client’s structure, in contact with the Client’s senior executives. The CISO service acts along with the Client’s executives on strategic guidance and business alignments, CIOs on assurance, technical teams on expertise, end-users on awareness as well as 3rd parties possibly representing the Client.
• These services provided help to strengthen relationships with the cyber community at large on behalf of United Nations organizations and to foster a reputation for excellence. UNICC is thus uniquely positioned to quickly disseminate cyber threat alerts and other critical information to organizations across the world.

During this session, the Head of Information Security Services at UNICC spoke about her current role as the CISO for several UN agencies. She’ll address the unique perspectives and challenges her team faces when working for many different types of agencies around the globe.

Also discussed will be how they share knowledge when ever possible on the different identified common weaknesses, strengths, threats and risks affecting the agencies they support.

Presentations included:

• Olga Livingston, NPPD Office of the Chief Economist, DHS-‘Costs of Cyber Incidents’-she focused on how to estimate the benefits of cybersecurity investments
• Omar Santos Principal Engineer, Cisco PSIRT- ‘Incident response, forensics, and vulnerability management’- he focused on how to tackle and investigate attacks
• Tima Soni, Head, ISS, Client and Projects Division, United Nations, International Computing Centre – ‘CISO as a Service for UN Partners’- she described what the UNICC is, what are our services, where do we fit in the UN family, focused on information security services, CISO as a Service and ISO 27001
• Tim McBride, Associate Director National Cybersecurity Center of Excellence (NCCoE), National Institute of Standards and Technology – ‘An Overview of the President’s Executive Order and NIST’s Role in the Evolution of Cybersecurity’ – he focused on making cybersecurity a major priority to make the country safe.The President has mandated the use of the NIST Cybersecurity Framework across government to manage their cybersecurity risks.

A Cyber Threat Collaborations and Alliances to Improve Global Defenses Against Cyber Adversaries panel included:

• Fred Hintermister, Manager, Electricity ISAC, North American Electric Reliability Corporation (moderator)
• David Primor, Head of the Technology Division, Israeli National Cyber Security Authority
• David Willems, Head of Monitoring and Response, National Cyber Security Center
• Ko Ikai, Counsellor, National center of Incident readiness and Strategy for Cybersecurity (NISC)
• Marco Obiso, Cybersecurity Coordinator, International Telecommunication Union (ITU).