OFFICE of the CHIEF INFORMATION SECURITY OFFICER
2011 Information Security and Privacy Annual Report
From the UW Chief Information Security Officer

The UW Office of the Chief Information Security Officer promotes a culture of information security and privacy. Services are designed to help UW units understand risks by analyzing and forecasting threats to information security, researching applicable information security and privacy laws, providing education on safeguarding institutional information, consulting on incident management, and managing policies and strategic solutions for UW's institutional information. More info: ciso.uw.edu

The Information Age is in full bloom at the University of Washington. The University's ability to succeed in its critical mission depends on dynamic and powerful information and communication technologies. Unprecedented access to an enormous and ever-growing volume of information, and the ability to create, process, analyze, and use it conveniently, is now essential. These benefits, however, come with unique security and privacy challenges. The goal of the Office of the Chief Information Security Officer (CISO) is to help the University community understand and manage those challenges. Pursuing that goal lets Office of the CISO team members meet and collaborate with talented and dedicated colleagues across the entire University, and we view this as a privilege. It's a front-row seat on the inner workings of an incredible world of education, research, culture, and community events.
Credits

UW Office of the CISO
WRITING: Kirk Bailey, Suzanne Blais, Bryan Egan, Zephyr McLaughlin, Ann Nagel, Daniel Schwalbe, Leif Tishendorf, Braden Vinroe
CREATIVE DIRECTION AND EDITING: Melissa Albin-Wurzer
PHOTOGRAPHY: Melissa Albin-Wurzer, Zephyr McLaughlin, Braden Vinroe
UW Creative Communications
DESIGN: Karin Mellskog

Table of Contents
- Risk Management
- Information Security and Privacy Landscape
- 2011 Accomplishments
- Consulting
- Threat Report
- Visualizing Information Security and Privacy
- Information Assurance Atlas
- Privacy Program Updates
- Data Security Agreement
- Cloud Services Initiative
- Incident Management Update
- 10 Things to Do to Secure Data, and 5 Do Nots
- 2012 Goals
Risk Management

The Office of the CISO takes a multi-faceted approach to addressing the UW's information security and privacy. We believe this approach supports the efforts to secure and protect UW data. On a semi-annual basis, representatives from the Office of the CISO, Office of Research, UW Medicine, and Office of Planning and Budgeting assess information security and privacy risk for all of the UW; this includes scoring 63 objectives and 49 threats. Direction and reviews for this risk assessment are provided by the Privacy Assurance and Systems Security Council, chaired by the UW CISO. Results are used to inform the UW's information security and privacy initiatives and services.

[Sample risk report: for each of the 13 assessment domains (ORG, POL, AUD, RISK, PRI, IM, EDU, IMON, OPS, TECH, PHY, ASSET, ACCT) the chart plots a capability level (scale to 5.00), a threat index score, and an overall risk score rated High, Medium, or Low, comparing the Spring and Fall assessments against the biennium goal. Risk assessment based on 63 objectives and 49 threats.]

Information Security and Privacy Landscape

Developing and implementing a successful plan to address security and privacy challenges, assess risks, and protect UW information involves contending with the diverse elements of a changing landscape, including:
- Rollout of innovative technology across the UW with less time and fewer resources to understand and address institutional risk.
- Reliance on Web-based and mobile technology that is increasingly challenging to identify and secure.
- Increasing threats that target UW confidential information and intellectual property.
- Inconclusive forensic evidence for new technology solutions, which may force the UW to issue data breach notifications because a compromise cannot be ruled out. This may cause unnecessary financial harm to the individuals the UW serves and unnecessary financial, operational, compliance, and reputational harm to the UW.
- Resource constraints that make UW institutional information, information systems, computerized devices, and technology infrastructure more vulnerable.
Security by the Numbers

In 2011, on average:
- 7,000 emails per month received by the Office of the CISO
- 200 trouble tickets per month handled by Information Security Engineers
- 50,000 intrusion attempts per day blocked by the intrusion prevention service

2011 Seminars

The Office of the CISO staff led Information Assurance Seminars and information sessions on the following topics:
- Children, Information, and the UW
- Personally Identifiable Information (PII) and Social Media
- PII and the Underground Economy
- Best Practices for Securing UW Confidential Information
- Information Security Threat Landscape
- Information Security and Privacy Risk Management
- Privacy and Incident Management Policies

2011 Accomplishments

Risk Management and Intelligence
- Published operational activity and trend reports.
- Initiated development of risk assessment tools to help departments and business units assess risks and make calculated decisions about information security and privacy.
- Developed the initial concept for the Information Assurance Atlas.

Policy
- Finalized policies for information security and privacy roles and responsibilities, incident management, and privacy.
- Published the UW standard Online Privacy Statement and Web Site Terms and Conditions of Use.

Audit & Compliance
- Strengthened the UW's due care position by creating an authoritative list of information security and privacy laws applicable to the UW.
- Established ongoing collaboration meetings with UW Internal Audit, UW Medicine IT Services, UW Medicine Compliance, and the School of Medicine.

Privacy
- Developed a foundation for a comprehensive privacy program that respects personally identifiable information and helps the UW address privacy obligations and risks.

Operational Management
- Enhanced security services and vulnerability assessment consulting services for departments and business units.
- Upgraded intrusion prevention systems to expand capabilities and performance.

Organization & Authority
- Expanded the Privacy Assurance and Systems Security (PASS) Council membership to include additional representation from the School of Medicine and the Office of Research.
- In addition to the CISO chairing the PASS Council, members of the Office of the CISO participated in the following committees and councils: Data Management Committee; Information Technology Risk Council; Cloud Computing Compliance Committee; UW Medicine Security Program Executive Committee; UW Computing Directors; Digital Millennium Copyright Act Committee; Husky Card Advisory Committee; Emergency Management Planning Committee; Compliance Operations and Financial Council Steering Committee; UW Healthcare Component Compliance Group; Patient Privacy Advisory Committee.

Education
- Expanded the CISO website to include risk advisories and best practices for phishing, multifunction devices, and social media.
- Began publishing quarterly newsletters.
- Supported curriculum development or guest lectures for the Information School, Mathematics, and UW Bothell.
- Reviewed research proposals for the Applied Physics Laboratory and the Information School.
- Supported rollout review for the Center for Commercialization's security industry-related product.
- Provided information security and privacy seminars for the UW community.
Consulting

In 2011, we collaborated on specific topics, provided in-depth vulnerability assessments, or supported projects (each engagement categorized as security, privacy, or outreach) for the following business units, departments, colleges, and schools:
- Applied Physics Lab
- Arts & Sciences Dean's Office
- Attorney General's Office, UW Division
- Center for Commercialization (C4C)
- Computer Science & Engineering
- Educational Outreach
- Foster School of Business
- Information School
- Intercollegiate Athletics (ICA)
- Library Systems
- School of Law
- School of Medicine
- School of Nursing
- The Graduate School
- The UW President's Office
- UW Bothell IT
- UW Tacoma IT
- External Affairs: Government Relations; Media Relations and Communications; Office of Public Records and Open Meetings; News and Information; UW Marketing
- Finance & Facilities (F2): Financial Management; Records Management; Procurement Services; Student Fiscal Services; Internal Audit; Treasury; Investment Management; Risk Management; Facilities Services; Transportation Services; Campus Engineering and Operations; Emergency Management; Finance and Business Services
- Human Resources: HR Campus Operations; HR Information Systems
- Office of Planning and Budgeting: Strategic Capital Resource Planning; Information & Data Management
- Office of Research: Office of Sponsored Programs; Office of Research Information Systems; Human Subjects Division
- Student Life: Housing and Food Services; Office of the Registrar; Campus Life; Student Financial Aid & Scholarships; UW Police Department
- Undergraduate Academic Affairs: Dream Project; First Year Programs
- University Advancement: Advancement Services; Alumni Relations
- UW Information Technology: Information Management; Networks, Data Centers & Telecommunications; Technology Management
- UW Medicine: Compliance; ITS Security
- Affiliate Institutions: Seattle Children's; Fred Hutchinson Cancer Research Center; Northwest Hospital
Threat Report: 99% of What Happens Is Not in the News

News stories in 2011 were replete with phishing scams, point-of-sale system hacks, and website compromises that released the information of thousands, even hundreds of thousands, of users: email addresses, passwords, credit card information, and other personal details. While it is important to be aware of the latest threats facing the UW in the ever-growing online world, it should not be forgotten that old players don't always leave the field. In 2011, approximately 14 million events were stopped at the network border by the UW TippingPoint Intrusion Prevention System (IPS). Over 10 million of those blocks were for the filter MS-RPC: Microsoft Server Service Buffer Overflow (see Table 1 below and Table 2 below), which catches long-lived worms such as Sasser (released in 2004), Spybot (also 2004), and Conficker (2008). These worms may no longer be in the news, but they are still very much alive, infecting systems, causing headaches around the world, and threatening the UW network.

News reports lead the public to believe that most exploits originate abroad in places such as China, the Russian Federation, or Romania, but in actuality many viruses and scams are conceived here in the United States (see Table 3 below). The importance of patching systems and updating antivirus software is not always taken seriously, and neither are other common practices. Because the United States has one of the world's largest populations of personal computer users, it also has the potential to have one of the world's largest populations of infected and insecure computers. To help mitigate the risk of infected machines at the UW, individuals should routinely check for and apply software patches and ensure that their antivirus software is up to date.

Department IT staff play a vital role by routinely communicating about and assisting users with patches and updates, and the Office of the CISO strives to keep departments and users informed about the information security threat landscape. Safeguarding personal data, computers, systems, and UW institutional information means striking a balance between staying informed of new threats and remaining aware of the threats that no longer make the news.

Table 1: Count of activities blocked by the UW TippingPoint Intrusion Prevention System (IPS), by type of activity. The chart's scale is discontinuous because of the very large number of blocks of exploits such as Sasser, Spybot, and Conficker.
- Invalid TCP Traffic: Possible nmap Scan (No Flags)
- Stacheldraht: Agent-to-Master Ping (General)
- DNS: Version Request (UDP)
- MS-SQL: Slammer-Sapphire Worm
- MS-RPC: DCOM ISystemActivator Overflow
- HTTP: PHP Code Injection
- SMB: ASN.1 Bitstring Processing Heap Overflow
- MS-RPC: LSASS Active Directory Interface Overflow
- Invalid TCP Traffic: Possible Recon Scan (SYN FIN)
- MS-RPC: Microsoft Server Service Buffer Overflow: 10,604,682 blocks

Table 2: Count of activities blocked by the IPS, by destination port. The most common blocks are on Windows File Sharing (445) and HTTP (80); the chart's scale is discontinuous because of the volume of blocked activity on port 445.
- 445 (SMB): more than 11.1 million
- 80 (HTTP): more than 771,000
- Unknown port*
- Unknown port*
- 1434 (Microsoft SQL)
- 135 (Remote Procedure Call)
- 443 (HTTPS)
- 53 (DNS)
- 139 (NetBIOS)
- Unknown port*: 75,595
* Blocks on unknown ports are likely related to botnets or peer-to-peer (P2P) activities.

Table 3: Number of activities blocked by the UW's TippingPoint devices, by geographical location of the source, as determined by Autonomous System Number (ASN).
- United States: 2,483,001
- Russian Federation: 1,500,344
- Taiwan: 1,143,323
- Brazil: 1,053,704
- China: more than 471,000
- South Korea
- Romania
- Japan
- Poland
- Hungary
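The three tables above are produced by aggregating IPS block records by filter name, destination port, and source ASN/country. The following Python script is an added example, not code from the UW report or from TippingPoint: it parses a constructed block log in a hypothetical one-line-per-event format, maps source addresses to ASN and country through a constructed prefix table (a real pipeline would use a routing table dump or a GeoIP/ASN database), counts only BLOCK actions (permitted events are excluded, as the report's tables count blocks), and produces the three breakdowns.

```python
"""Aggregate IPS block events by signature, destination port, and source country.

Added example, not from the UW report or TippingPoint. The log format, the
sample events, and the ASN table are all constructed for illustration.
"""
from collections import Counter
import ipaddress
import re

# Constructed sample events in a hypothetical format:
#   <timestamp> <action> <src_ip>:<src_port> -> <dst_ip>:<dst_port> sig="<filter name>"
SAMPLE_LOG = """\
2011-06-01T10:00:01Z BLOCK 203.0.113.7:49152 -> 128.95.0.10:445 sig="MS-RPC: Microsoft Server Service Buffer Overflow"
2011-06-01T10:00:02Z BLOCK 198.51.100.9:1024 -> 128.95.0.11:445 sig="MS-RPC: Microsoft Server Service Buffer Overflow"
2011-06-01T10:00:03Z BLOCK 198.51.100.9:1025 -> 128.95.0.12:1434 sig="MS-SQL: Slammer-Sapphire Worm"
2011-06-01T10:00:04Z BLOCK 192.0.2.44:33333 -> 128.95.0.13:80 sig="HTTP: PHP Code Injection"
2011-06-01T10:00:05Z BLOCK 192.0.2.44:33334 -> 128.95.0.13:80 sig="HTTP: PHP Code Injection"
2011-06-01T10:00:06Z PERMIT 192.0.2.44:33335 -> 128.95.0.13:80 sig="HTTP: PHP Code Injection"
2011-06-01T10:00:07Z BLOCK 203.0.113.8:5555 -> 128.95.0.14:6881 sig="Invalid TCP Traffic: Possible nmap Scan (No Flags)"
"""

# Constructed prefix -> (ASN, country) table. The prefixes are RFC 5737
# documentation ranges and the ASNs are from the private range; a real
# pipeline would load a routing table dump or a GeoIP/ASN database here.
ASN_TABLE = [
    (ipaddress.ip_network("203.0.113.0/24"), 64496, "United States"),
    (ipaddress.ip_network("198.51.100.0/24"), 64497, "Russian Federation"),
    (ipaddress.ip_network("192.0.2.0/24"), 64498, "Brazil"),
]

LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<action>\w+) (?P<src>[\d.]+):\d+ -> '
    r'(?P<dst>[\d.]+):(?P<dport>\d+) sig="(?P<sig>[^"]*)"$'
)

# Well-known ports labelled as in the report's Table 2; anything else is "Unknown".
PORT_LABELS = {445: "SMB", 80: "HTTP", 443: "HTTPS", 53: "DNS",
               135: "Remote Procedure Call", 139: "NetBIOS", 1434: "Microsoft SQL"}


def lookup_asn(ip):
    """Longest-prefix match of a source IP against ASN_TABLE -> (asn, country)."""
    addr = ipaddress.ip_address(ip)
    best = None
    for net, asn, country in ASN_TABLE:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, asn, country)
    return (best[1], best[2]) if best else (None, "Unknown")


def parse_events(text):
    """Parse log lines into dicts; malformed lines are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append(m.groupdict())
    return events


def summarize(text):
    """Return (by_signature, by_port, by_country) Counters over BLOCK events only."""
    by_sig, by_port, by_country = Counter(), Counter(), Counter()
    for ev in parse_events(text):
        if ev["action"] != "BLOCK":
            continue  # permitted or alert-only events are not blocks
        port = int(ev["dport"])
        by_sig[ev["sig"]] += 1
        by_port[f"{port} ({PORT_LABELS.get(port, 'Unknown')})"] += 1
        _, country = lookup_asn(ev["src"])
        by_country[country] += 1
    return by_sig, by_port, by_country


if __name__ == "__main__":
    titles = ("Blocks by signature", "Blocks by port", "Blocks by source country")
    for title, counter in zip(titles, summarize(SAMPLE_LOG)):
        print(title)
        for key, n in counter.most_common():
            print(f"  {n:>10,}  {key}")
```

On the sample, the 445 (SMB) and 80 (HTTP) rows dominate the port breakdown and the PERMIT line is dropped, which is the same shape the report's Table 2 shows at scale. The per-country split attributes events to the ASN that originates the prefix, not to where the attacker is; a compromised host in a US ASN counts as United States, which is exactly the point the report makes about Table 3.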
Visualizing Information Security and Privacy

With competing priorities and resource constraints, how do we as the UW community identify and protect our most important assets? How do we show due care? What can we do to protect our information and systems in an effective and efficient manner? The UW Information Assurance Atlas Program will help address these and other challenging questions. By aggregating existing and new data sources, the Atlas will provide important views of assets, threats, and risks.

Information Assurance Atlas

An information assurance atlas program with tools and services designed to support transparency, facilitate collaboration, and inform decision making around data, security, privacy, and risk. In fall 2011, the Office of the CISO developed the initial Atlas concept. Program planning and development will begin in 2012. If you are interested in following the Atlas progress, please contact ciso@uw.edu.

[Atlas diagram: data sources (existing data sources, data provided by the Office of the CISO, data provided by the department/unit) feed maps of risk, data use, resources, and policy and best practices; the maps in turn support executive summaries (CISO analysis, management decisions, department/unit overview) and communication, information sharing, and education.]
Privacy Program Updates

The Privacy Program made notable advancements in 2011. The Office of the CISO published a list of the privacy and information security laws that impose a duty on the University to protect information. Our website summarizes the laws by subject area (Financial, Health Care, Research, etc.) and identifies the UW Subject Matter Expert (SME) and resources for each. We hosted the First Annual SME Symposium in December, where the SMEs were able to share their experiences and learn of legislative and enforcement developments in each area. We will continue to monitor legislative developments, provide updates, and confer with SMEs as necessary.

2011 was a key year for federal legislative initiatives in the field of data privacy. As of this writing, several items of legislation are again circulating through Congress. The Obama Administration has devoted resources and made several statements regarding the importance placed on data privacy. A key battleground concerns the enforcement of eventual policies, and whether this will lie with the Federal Communications Commission or the Federal Trade Commission.

Data Security Agreement

Other privacy projects included the revision of the Data Security Agreement (DSA) used in contract negotiations, as well as the addition of several interpretive documents to aid campus in understanding and using the DSA. A workshop was held in June with campus leaders to explain the revised DSA and accompanying materials and to support their use. Acceptance of the documents by our key collaborators on campus has been widespread. The documents are now used at earlier and more critical stages of procurement and contract negotiations, reducing the University's risk and preserving the integrity of confidential information.

Cloud Services Initiative

As part of the University's efforts to contract with cloud service providers, the Office of the CISO provided support by investigating and reviewing providers' security strategies and operational practices. This included assessing risks and understanding the answers to key questions for each provider:
- Does the provider have strong security controls?
- Does the provider have a qualified and experienced security team?
- What are the provider's policies related to security and privacy concerns?
- Where will University users' data reside and, if not inside the USA, what does that mean?
- If the service is compromised, what is the provider's capability for responding to and recovering from the incident?
- Can the University's security professionals have access to the provider's investigation reports?
- What priority will University users have in that recovery process?
Incident Management Update

Improvements to the incident response process at the University made great progress in 2011. Many of these improvements are due to the final approval of Administrative Policy Statement (APS) 2.5, Information Security and Privacy Incident Management Policy. This policy improves the incident response process in a number of key ways. Potential information security events are now investigated based on data type instead of physical location, which gives Subject Matter Experts direct oversight of incidents.

Per APS 2.5, the designated officials listed below are responsible for responding to and managing information security and privacy incidents at the University. As needed, those designated officials assemble an incident management team with the appropriate Subject Matter Experts; the team advises on how business processes, laws, compliance obligations, and risks may affect the University.

Designated official (or his or her designee) | Type of information | Organizational area
University Facility Security Officer | National security information or national security systems | All areas of the University
Chief Privacy Officer for the non-UW Medicine components of the hybrid entity | Protected health information | Non-UW Medicine healthcare components of the University
Chief Privacy Officer for UW Medicine | Protected health information | UW Medicine
University Chief Information Security Officer | All information unrelated to national security information, national security systems, or protected health information | All areas of the University

APS 2.5 also clearly states that University employees should report any potential incident, and it gives the investigative team the ability to obtain resources to perform investigations in a timely manner. In addition to the high-level policy approvals, the Office of the CISO continued developing internal procedures. The creation of an internal incident response plan has already led to faster response times and better cooperation with departments and business units when investigating potential incidents.

10 Things to Do to Secure Data
1. Do know your data: what you have, how much, and where.
2. Do think before sharing information on social networks.
3. Do audit data access permissions regularly.
4. Do use different passwords for different applications and systems.
5. Do update software regularly.
6. Do assess risks to your critical assets regularly.
7. Do assume that your data or systems could be compromised.
8. Do configure auditing, logging, and alerting on critical systems.
9. Do use the Data Security Agreement when sharing confidential data with vendors.
10. Do segment critical systems and sensitive data.

And 5 Do Nots
1. Do not open attachments or click on links in unexpected or suspicious emails.
2. Do not assume vendors are doing what you think they are doing.
3. Do not retain unnecessary stores of confidential data.
4. Do not assume that cloud solutions are secure and robust.
5. Do not keep records past their retention period.
2012 Goals

Risk Management and Intelligence
- Complete development of risk assessment tools to help departments and business units assess risks and make calculated decisions about information security and privacy.
- Plan and develop the first phase of the Information Assurance Atlas.
- Streamline threat analysis to provide timely information to departments and business units.

Policy
- Revise Administrative Policy Statement (APS) 2.1, Information Systems Security, and APS 2.10, Minimum Data Security Standards.
- Publish University-wide Social Media and Networking Guidelines.

Audit & Compliance
- Map the common requirements in the information security and privacy laws that are applicable to the University.

Privacy
- Develop guidance and tools to help departments implement key concepts in APS 2.2, University Privacy Policy.
- Establish institutional resources for department and business unit risk assessment and consulting.

Education
- Publish online information security and privacy training.
- Continue to provide quarterly information security and privacy seminars for the University community.

2012 Seminars

In 2012, the Office of the CISO will hold quarterly Information Assurance Seminars in a roundtable format. Each quarter there will be a topic relating to information security and privacy best practices and risk management strategies. We will also provide the latest updates on continuously evolving subjects, such as the threat landscape, privacy laws and regulations, and mobile device security. More info: ciso.washington.edu/events/
ciso.uw.edu
More informationINFORMATION SECURITY INCIDENT MANAGEMENT PROCESS
INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS Effective Date June 9, 2014 INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS OF THE HELLER SCHOOL FOR SOCIAL POLICY AND MANAGEMENT Table of Contents 1.
More informationInformation Technology Strategic Plan 2014-2017
Information Technology Strategic Plan 2014-2017 Leveraging information technology to create a competitive advantage for UW-Green Bay Approved December 2013 (Effective January 2014 December 2017) Contents
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationHow To Protect Your Network From Attack From A Network Security Threat
Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your
More informationInformation Security Program Management Standard
State of California California Information Security Office Information Security Program Management Standard SIMM 5305-A September 2013 REVISION HISTORY REVISION DATE OF RELEASE OWNER SUMMARY OF CHANGES
More informationState of Minnesota. Office of Enterprise Technology (OET) Enterprise Vulnerability Management Security Standard
State of Minnesota Office of Enterprise Technology (OET) Enterprise Vulnerability Management Security Standard Approval: Enterprise Security Office (ESO) Standard Version 1.00 Gopal Khanna
More informationInternet Security Protecting Your Business. Hayden Johnston & Rik Perry WYSCOM
Internet Security Protecting Your Business Hayden Johnston & Rik Perry WYSCOM Introduction Protecting Your Network Securing Your Information Standards & Best Practices Tools & Options Into The Future Creating
More informationGlobal Partner Management Notice
Global Partner Management Notice Subject: Critical Vulnerabilities Identified to Alert Payment System Participants of Data Compromise Trends Dated: May 4, 2009 Announcement: To support compliance with
More informationSECURITY MANAGEMENT PRACTICES
FAULKNER SECURITY MANAGEMENT PRACTICES Insightful, real-world reports for meeting today s complex security and business continuity challenges FREE PREVIEW AVAILABLE See inside for details guest authors
More informationMedical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.
Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0 Page 1 of 9 Table of Contents Table of Contents... 2 Executive Summary...
More informationNorth American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
More informationDepartment of Education. Network Security Controls. Information Technology Audit
O L A OFFICE OF THE LEGISLATIVE AUDITOR STATE OF MINNESOTA FINANCIAL AUDIT DIVISION REPORT Department of Education Network Security Controls Information Technology Audit May 5, 2010 Report 10-17 FINANCIAL
More informationPCI 3.0 Making Payment Security Business As Usual
PCI 3.0 Making Payment Security Business As Usual Katie Todd, Office of the Treasurer, Columbia University Ruth Harpool, Managing Director, Treasury Operations, Indiana University Joseph Goodman, Outreach
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationGetting Ahead of Malware
IT@Intel White Paper Intel Information Technology Security December 2009 Getting Ahead of Malware Executive Overview Since implementing our security event monitor and detection processes two years ago,
More informationData Security Incident Response Plan. [Insert Organization Name]
Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security
More informationBALTIMORE CITY COMMUNITY COLLEGE INFORMATION TECHNOLOGY SECURITY PLAN
BALTIMORE CITY COMMUNITY COLLEGE INFORMATION TECHNOLOGY SECURITY PLAN FEBRUARY 2011 TABLE OF CONTENTS PURPOSE... 4 SCOPE... 4 INTRODUCTION... 4 SECTION 1: IT Security Policy... 5 SECTION 2: Risk Management
More informationBlack Box Penetration Testing For GPEN.KM V1.0 Month dd "#$!%&'(#)*)&'+!,!-./0!.-12!1.03!0045!.567!5895!.467!:;83!-/;0!383;!
Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$%&'#)*)&'+,-./0.-121.030045.5675895.467:;83-/;0383; th, yyyy A&0#0+4*M:+:#&*#0%+C:,#0+4N:
More informationHow To Audit The Mint'S Information Technology
Audit Report OIG-05-040 INFORMATION TECHNOLOGY: Mint s Computer Security Incident Response Capability Needs Improvement July 13, 2005 Office of Inspector General Department of the Treasury Contents Audit
More informationU.S. Department of Energy Office of Inspector General Office of Audits and Inspections
U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Audit Report The Department's Configuration Management of Non-Financial Systems OAS-M-12-02 February 2012 Department
More informationNewcastle University Information Security Procedures Version 3
Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations
More informationUniversity Information Technology Security Program Standard
University Information Technology Security Program Standard July 2012 Version 3.0 This standard establishes requirements and general principles for initiating, implementing, maintaining, and improving
More informationLEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction
LEEDS BECKETT UNIVERSITY Information Security Policy 1.0 Introduction 1.1 Information in all of its forms is crucial to the effective functioning and good governance of our University. We are committed
More informationINFORMATION TECHNOLOGY DIVISIONAL PLAN 2009 2014 SUMMARY - DRAFT -
INFORMATION TECHNOLOGY DIVISIONAL PLAN 2009 2014 SUMMARY - DRAFT - Mission and Aspirations The mission of the Division of Information Technology is to provide students, faculty and staff with the technology
More informationTitle: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION
Title: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION The purpose of this policy is to outline essential roles and responsibilities within the University community for
More information2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program.
2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program. Entry Name HFA Submission Contact Phone Email Qualified Entries must be received by
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationGlobal Network Pandemic The Silent Threat Darren Grabowski, Manager NTT America Global IP Network Security & Abuse Team
Global Network Pandemic The Silent Threat Darren Grabowski, Manager NTT America Global IP Network Security & Abuse Team The Internet is in the midst of a global network pandemic. Millions of computers
More informationFive keys to a more secure data environment
Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational
More informationManaging internet security
Managing internet security GOOD PRACTICE GUIDE Contents About internet security 2 What are the key components of an internet system? 3 Assessing internet security 4 Internet security check list 5 Further
More informationManaged Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint?
Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint? Why? Focused on Managed Intrusion Security Superior-Architected Hardened Technology Security
More informationUser Security Education and System Hardening
User Security Education and System Hardening Topic 1: User Security Education You have probably received some form of information security education, either in your workplace, school, or other settings.
More informationUNCLASSIFIED. Briefing to Critical Infrastructure Sector Organizations on the Canadian Cyber Incident Response Centre (CCIRC)
Briefing to Critical Infrastructure Sector Organizations on the Canadian Cyber Incident Response Centre (CCIRC) Cyber in the News 1 Tactics, Techniques and Procedures These observed tactics, techniques
More informationWho Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015
Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders
More informationHow To Protect Your Network From Attack From Outside From Inside And Outside
IT 4823 Information Security Administration Firewalls and Intrusion Prevention October 7 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles
More informationREPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB
REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of
More informationCITRUS COMMUNITY COLLEGE DISTRICT GENERAL INSTITUTION ELECTRONIC MAIL AND BULK ELECTRONIC DISTRIBUTION
CITRUS COMMUNITY COLLEGE DISTRICT GENERAL INSTITUTION AP 3723 ELECTRONIC MAIL AND BULK ELECTRONIC DISTRIBUTION 1.0 Purpose Citrus Community College District electronic mail (email) services support the
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationCounselorMax and ORS Managed Hosting RFP 15-NW-0016
CounselorMax and ORS Managed Hosting RFP 15-NW-0016 Posting Date 4/22/2015 Proposal submission deadline 5/15/2015, 5:00 PM ET Purpose of the RFP NeighborWorks America has a requirement for managed hosting
More informationCodes of Connection for Devices Connected to Newcastle University ICT Network
Code of Connection (CoCo) for Devices Connected to the University s Author Information Security Officer (Technical) Version V1.1 Date 23 April 2015 Introduction This Code of Connection (CoCo) establishes
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationSymantec Endpoint Protection Analyzer Report
Symantec Endpoint Protection Analyzer Report For Symantec Customer Table of Contents Statement of Confidentiality... 3 1. Introduction... 4 2. Environmental Analysis Overview... 5 2.1 Findings Overview...
More informationIf you know the enemy and know yourself, you need not fear the result of a hundred battles.
Rui Pereira,B.Sc.(Hons),CIPS ISP/ITCP,CISSP,CISA,CWNA/CWSP,CPTE/CPTC Principal Consultant, WaveFront Consulting Group ruiper@wavefrontcg.com 1 (604) 961-0701 If you know the enemy and know yourself, you
More informationHEALTH INSURANCE MARKETPLACES GENERALLY PROTECTED PERSONALLY IDENTIFIABLE INFORMATION BUT COULD IMPROVE CERTAIN INFORMATION SECURITY CONTROLS
Department of Health and Human Services OFFICE OF INSPECTOR GENERAL HEALTH INSURANCE MARKETPLACES GENERALLY PROTECTED PERSONALLY IDENTIFIABLE INFORMATION BUT COULD IMPROVE CERTAIN INFORMATION SECURITY
More informationTechnology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications
Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationIncident Response. Proactive Incident Management. Sean Curran Director
Incident Response Proactive Incident Management Sean Curran Director Agenda Incident Response Overview 3 Drivers for Incident Response 5 Incident Response Approach 11 Proactive Incident Response 17 2 2013
More informationDEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER
DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND Introduction > New security threats are emerging all the time, from new forms of malware and web application exploits that target
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationUniversity of Wisconsin-Madison Policy and Procedure
Page 1 of 14 I. Policy II. A. The, the units of the UW-Madison Health Care Component and each individual or unit within UW-Madison that is a Business Associate of a covered entity (hereafter collectively
More informationFor more information on SQL injection, please refer to the Visa Data Security Alert, SQL Injection Attacks, available at www.visa.
Global Partner Management Notice Subject: Visa Data Security Alert Malicious Software and Internet Protocol Addresses Dated: April 10, 2009 Announcement: The protection of account information is a responsibility
More informationWeb App Security Audit Services
locuz.com Professional Services Web App Security Audit Services The unsecured world today Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System
More informationDATA SECURITY AGREEMENT. Addendum # to Contract #
DATA SECURITY AGREEMENT Addendum # to Contract # This Data Security Agreement (Agreement) is incorporated in and attached to that certain Agreement titled/numbered and dated (Contract) by and between the
More informationUCF Security Incident Response Plan High Level
UCF Security Incident Response Plan High Level Chris Vakhordjian Information Security Officer Computer Services & Telecommunications Division of IT&R Revision 1.1, 7 June 2007 Information Security Office
More informationThe Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency
logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationInformation Security
IT Orientation at Penn Information Security May 8, 2013 Joshua Beeman University Information Security Officer jbeeman@isc.upenn.edu (215) 746-7077 www.upenn.edu/computing/security security@isc.upenn.edu
More informationMicrosoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc.
Microsoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc. Foundstone Labs October, 2003 Table of Contents Table of Contents...2 Introduction...3 Scope and Approach...3
More information