Security plays a key role in every digital action of our lives. This Cybersecurity Awareness Month, Nasdaq spotlights cybersecurity champions who are innovating the space to safeguard against cyber-attacks. Join us as we focus on cyber security and digital best practices.
Nasdaq Information Security Leaders
Cybersecurity Awareness Month
Creating a Cyber Safe Board
Christopher Hetner, Former Senior Cybersecurity Advisor to the Securities and Exchange Commission (SEC) Chair, Senior Cyber Risk Advisor to the National Association of Corporate Directors (NACD) and Senior Advisor to the Chertoff Group, shares his journey to leadership in cybersecurity,
Read the guide to discover Nasdaq’s key learnings to facilitate a stronger, more engaged board for your organization.
We believe technology should empower your organization and its board to operate at their fullest potential—without putting confidentiality of data at risk.
As boards of directors continue to oversee their companies’ response to the coronavirus pandemic, cybersecurity remains top of mind.
A future-ready board can help by adding value and augmenting opportunity identification.
Digital solutions can help bolster engagement, improve board transparency and accountability, and create an audit trail of conversations, meeting minutes, and tasks.
Tapping into the Rapidly Growing Cybersecurity Market Through ETFs
For investors looking to capitalize on the exponential growth in the global cybersecurity market, thematic indexes and linked exchange-traded funds (ETFs) provide the opportunity to tap into innovative companies combatting global cyber threats.LEARN MORE
TradeTalks on Cybersecurity
Types of Major Cyber Threats
Bot-network operators are hackers; however, instead of breaking into systems for the challenge or bragging rights, they take over multiple systems in order to coordinate attacks and to distribute phishing schemes, spam, and malware attacks. The services of these networks are sometimes made available in underground markets (e.g., purchasing a denial-of-service attack, servers to relay spam, or phishing attacks, etc.).
Criminal groups seek to attack systems for monetary gain. Specifically, organized crime groups are using spam, phishing, and spyware/malware to commit identity theft and online fraud. International corporate spies and organized crime organizations also pose a threat to the United States through their ability to conduct industrial espionage and large-scale monetary theft and to hire or develop hacker talent.
Foreign Intelligence Services
Foreign intelligence services use cyber tools as part of their information-gathering and espionage activities. In addition, several nations are aggressively working to develop information warfare doctrine, programs, and capabilities. Such capabilities enable a single entity to have a significant and serious impact by disrupting the supply, communications, and economic infrastructures that support military power - impacts that could affect the daily lives of U.S. citizens across the country.
The disgruntled organization insider is a principal source of computer crime. Insiders may not need a great deal of knowledge about computer intrusions because their knowledge of a target system often allows them to gain unrestricted access to cause damage to the system or to steal system data. The insider threat also includes outsourcing vendors as well as employees who accidentally introduce malware into systems.
Hackers break into networks for the thrill of the challenge or for bragging rights in the hacker community. While remote cracking once required a fair amount of skill or computer knowledge, hackers can now download attack scripts and protocols from the Internet and launch them against victim sites. Thus, while attack tools have become more sophisticated, they have also become easier to use. According to the Central Intelligence Agency, the large majority of hackers do not have the requisite expertise to threaten difficult targets such as critical U.S. networks. Nevertheless, the worldwide population of hackers poses a relatively high threat of an isolated or brief disruption causing serious damage.
Individuals or organizations with malicious intent carry out attacks against users by producing and distributing spyware and malware. Several destructive computer viruses and worms have harmed files and hard drives, including the Melissa Macro Virus, the Explore.Zip worm, the CIH (Chernobyl) Virus, Nimda, Code Red, Slammer, and Blaster.
Individuals, or small groups, who execute phishing schemes in an attempt to steal identities or information for monetary gain. Phishers may also use spam and spyware/malware to accomplish their objectives.
Individuals or organizations who distribute unsolicited e-mail with hidden or false information in order to sell products, conduct phishing schemes, distribute spyware/malware, or attack organizations (i.e., denial of service).
Terrorists seek to destroy, incapacitate, or exploit critical infrastructures in order to threaten national security, cause mass casualties, weaken a target economy, and damage public morale and confidence.
(Source: Government Accountability Office (GAO), Department of Homeland Security's (DHS's) Role in Critical Infrastructure
Careers at Nasdaq
At Nasdaq, you will be inspired by colleagues, encouraged to innovate, and rewarded for excellence in a collaborative and forward-thinking workplace.