Information Security Addressing Your Advanced Threats

Transcription

1 Information Security Addressing Your Advanced Threats

2 Where We are Going Information Security Landscape The Threats You Face How To Protect Yourself This Will Not Be Boring

3 What Is Information Security? The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. Achieved through implementing technical, management, and operational measures designed to protect the confidentiality, availability, and integrity of information. The goal of an information security program is to reduce, manage, and understand the risk to information under the control of the organization. 3

4 What Is Primarily Targeted? Customer Data (Financial Gain) Payment Card Information Financial Account Information Social Security Numbers Drivers Licenses or Government Issued IDs Medical Insurance ID Number Medical Information Corporate Data (Competitive Advantage) Trade Secrets/Intellectual Property Usernames and Passwords Cyber Attacks to Disrupt Operations

5 Compliance is a Driver HIPAA EI3PA PCI GLBA PII

6 Your Primary Concern Data Breach

7 What is a Data Breach? A data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so May involve financial information such as credit card or bank details, personal health information (PHI), Personally identifiable information (PII), trade secrets of corporations or intellectual property. 7

8 Why Do You Care? Lost Revenue Regulatory Fines Compliance Concerns Disclosure Fees Lawsuits Damaged Reputation Loss of Consumer Confidence Loss of Competitive Advantage

9 What You Are Not Protecting Mobile Devices USB Flash Drives Cloud Storage Laptops and Desktops Servers

10 What You Are Protecting Brand Confidential Materials Personal / Health Information Credit Information Intellectual Property

11

12 How Are We Doing? Largest Data Breaches Target Home Depot Anthem Ebay Sony U.S. Office of Personnel Management Ashley Madison Blue Cross Blue Shield P F Changs

13 Security Stats are Disheartening Verizon notes a significant increase in cyber espionage, which they define as incidents that include unauthorized network or system access to state-affiliated actors. In addition, third-party vendors who were connected to the target organizations were often compromised to gain initial access, as well, forcing organizations to revisit supply chain security policies and controls for all connections into their networks With its IDS and IPS monitoring services, Dell noted 45 billion events related to post-infection malware activity, which underscores the severity of the problem Third Parties are Our Best Notification Dwell time is killing us Sources: Verizon DBIR 2014, Verizon DBIR 2015, Dell 2015 Annual Threat Report

14 Computer Security Landscape Not Everyone Can Be Trusted Your Reputation Is at Stake Your Money Isn t Safe Your Information Isn t Safe You Are A Target

15 Who Are Your Primary Threats? Hactivists Insiders Russians China

16 Hacktivists Motivation Brand Disruption Remains External (Primarily) Methods Distributed Denial of Service (DDoS) Website Defacements Data Disclosure Targets Whomever They Do Not Agree With

17 Insiders Motivation Money Already has Access to Data Sometimes Unintentional Methods

18 IP Theft - Insider 12/22 - Employee Resigned from Company 12/02 - Google Search for is good company to work for? 12/10 Copied Projects Folder to desktop Folder Contained Proprietary Designs

19 IP Theft - Insider 1:10AM Laptop was Powered on 1:11AM Laptop recognized USB Drive 1:13AM The Projects folder was moved to USB 2:03AM Laptop was Powered Off

20 Russia Motivation Money Smash and Grab Methods Phishing s (malicious links) Drive by Downloads Circumventing Your $ystem Ransomware

21 Business Compromise Attack On Your Wire Tran$fer Process They Do Their Homework Multiple Schemes Total U.S. Victims 7,066 Total Global Loss - $1.2 Billion

22 Business Compromise

23 Business Compromise

24 Ransomware

25 The Dreaded

26 What Could Go Wrong?

27 AV Worked (kinda)

28 Feel Safe?

29 State Sponsored Motivation Secrets and Intellectual Property Low and Slow Methods Spear-Phishing (malicious attachments) Undetected Malware Hacking WaterHoling

30 Who Should Be Worried?

31 Oops

32

33 Why Phishing?

34 Cleared Defense Contractor 20% of Environment Had Been Compromised Attackers Changed Methods Three Times At Least 8 Different C&C Servers Seven Different Indicators of Compromise (IOCs) Three Different Malware Variants

35 Cleared Defense Contractor

36

37 Cleared Defense Contractor #2

38 Security Testing for Protection External Systems Internal Systems Web Applications Wireless Networks Remote Access

39 Protecting Your Mobile Media Encrypt..Encrypt..Encrypt Laptops Removable Media Smartphone Backups

40 Protecting Your Cloud The Cloud is Not Always More Secure Security is Your Responsibility Cloud Place Your Data at Risk It is Now More Targeted You Lose Some Control

41 Authentication is King Passwords are Keys to the Kingdom With Your Password.. I am You Your Password is NOT Hard to Get Must Be Strong and Changed Often Should Be Supplemented

42 User Awareness Training 90% of Computer Security is the User There is No Patch Train After Testing Make the Training Personal Topics: Pre-Texting Phishing Tailgating Baiting Password Management

43 Network Monitoring Intrusion Detection/Prevention Monitoring Logging Asset Discovery Reporting 24X7 Security Guard

44 The Soft Side of Security Policies Are Important I Didn t Break the Rules if There Are None I Now Know What To Do Accountability

45 Transfer The Remaining Risk

46 InfoSec Top Ten Understand Your Sensitive Data Monitor Your Perimeter Do Not Rely on Static Protections Alone Apply Security Patches Social Awareness Training/Exercises If It is Mobile, Encrypt It Passwords Are They Key Protect Them Perform Security/Risk Assessments Expect Security from Your Partners Develop The Needed Policies

47 Bill Dean Director of Computer Forensics Director of Security Assessments