Why The Security You Bought Yesterday, Won't Save You Today
- Caitlin Alexandrina Morton
- 8 years ago
Transcription
1 9th Annual Courts and Local Government Technology Conference
Why The Security You Bought Yesterday, Won't Save You Today
- Ian Robertson, Director of Information Security
- Michael Gough, Sr. Risk Analyst

2 About Us
- Ian Robertson - CISSP, CCNP, ian@cybersecurityguy.com
- Michael Gough - CISSP, CISA, HackerHurricane.com

3 Agenda
- Common Attacks Today
- Typical Network Security Controls
- Why the Typical Controls Won't Work Against Today's Common Attacks
- Why The Security You Bought Yesterday Won't Save You Today
- What You Can Do To Shore Up Your Defenses
  - Many for Little or No Money!

5 Security Research and Statistics
- Verizon Data Breach Report
- PandaLabs Reports
- Hands-On Experience

6 Breach Threats
[Chart: Threat Agents by % Records Breached. Categories: External Agents, Hacking, Malware, Internal Agents, Misuse, Social, Error, Partner Agents, Physical*. Bar labels as extracted: 3%, 3%, 3%, 1%, 1%, 1%, 94%, 94%, 98%]
Source: Verizon 2010 Data Breach Investigations Report

7 Breach Threat Vectors
Top Hacking and Malware Vectors by % Records Breached
- SQL Injection: 89%
- Web Drive-By Downloads: 19%
- Web User-Initiated Exploit: 9%
Source: Verizon 2010 Data Breach Investigations Report

8 Malware and USB Flash Drives

9 Who's Behind It?
- Highly motivated
- Has time and resources
- Wants what you have
Source: Verizon 2010 Data Breach Investigations Report

10 What Do They Want?
- Anything they can use to get or make money
  - Financial Accounts
  - Sensitive Personal Information
  - Confidential Records
- Information they can use for other purposes

11 Who's Discovering It?
Source: Verizon 2010 Data Breach Investigations Report

12 How Long Does It Take to Discover?
Source: Verizon 2010 Data Breach Investigations Report

13 How Long Does It Take to Discover?
- 156 Days on Average
Source: Trustwave Global Security Report 2010

14 But Don't We Have Logs?
- Absolutely!
- Useful for SQL Injection
- Less useful for malware
- Not really being leveraged (who wants to look at them?)
- Who does look at them? Show of hands!
Source: Verizon 2010 Data Breach Investigations Report

15 Typical Attacks Today
- Organized Crime for Financial Gain
- SQL Injection
- User Web-Based Attacks
- USB Flash Drives
- We Aren't Catching Them (Until It's Too Late)

17 Typical Network Security Controls
- Firewall
- Intrusion Detection/Prevention System
- Web Filter
- SPAM Blocker (SMTP Gateway)
- Anti-Virus (Anti-Malware)
- Account Passwords (Old School)

18 Typical Network Security Controls
- Firewall
  - Allows only certain traffic to come into and go out of your network from/to the Internet
  - Typically allows web, email, and DNS in/out of your network from/to the Internet
- Intrusion Detection/Prevention System
  - Monitors your network traffic for suspicious activity
  - Typically is set to monitor traffic at your Internet perimeter (in front of or behind your firewall)

19 Typical Network Security Controls
- Web Filter
  - Blocks websites based upon categorical filter (gambling, sex, social websites, etc.)
  - Typically blocks websites that would violate HR policies
- SPAM Blocker
  - Blocks email based upon keywords (e.g. v!agra), sender info, block list, or heuristic analysis
  - Typically blocks incoming email at the Internet perimeter (SMTP gateway)

20 Typical Network Security Controls
- Anti-Malware
  - Blocks software which is identified in a signature database from running
  - Typically scans for signature patterns when files are accessed, with full scans on occasion
- Account Passwords
  - Allows authorized users to log in
  - Typically doesn't enforce strong passwords and may have easy-to-guess password reset questions

21 Typical Network Security Controls from a Hacker's Perspective
- Perimeter Controls (Firewall, IDS, Web Filter, SPAM Blocker)
- Internal Controls (Anti-Malware)
- Your Data (Yum!)

23 SQL Injection Attacks
- Involves tricking a web application into executing database commands it wasn't intended to by using user-input form fields.

24 SQL Injection Example
SELECT (FIRST_NAME, LAST_NAME, ADDRESS) FROM MASTER_DATABASE WHERE LAST_NAME = '[USER INPUT]' AND RECORD_TYPE = 'PUBLIC';

25 SQL Injection Example
SELECT (FIRST_NAME, LAST_NAME, ADDRESS) FROM MASTER_DATABASE WHERE LAST_NAME = '*';--' AND RECORD_TYPE = 'PUBLIC';

26 SQL Injection vs. Common Controls
- Firewall (X): Access is allowed to your web application.
- Intrusion Detection/Prevention System (X): Most won't detect this, and those that do generate nearly constant alerts and are ignored. Most are completely blind to HTTPS websites.
- Web Filter (X): Access is allowed to your web application.
- SPAM Blocker (X): Not email-based.
- Anti-Malware (X): Not malware.
- Account Passwords (X): Often doesn't need any, but attacks can be combined with a compromised user account.

27 User Web-Based Attacks
- Exploits a vulnerability in software that automatically runs when you browse a website
  - Java, Flash, Acrobat, QuickTime, IE, Firefox
- Frequently uses 0-Day exploits (new and unknown)
- Exploits are hosted on the attacker's website or on legitimate, compromised websites
- Legitimate advertising used (big $'s involved, organized crime)
- Initial download grabs other malware after the initial infection (which is what your anti-virus is often detecting, if anything)
- 100% user initiated: result of user clicking/browsing

28 User Web-Based Attacks vs. Common Controls
- Firewall (X): Users are allowed to access websites through the firewall.
- Intrusion Detection/Prevention System (X): Looks like normal web browsing and doesn't have signatures for new malware. Most are completely blind to HTTPS websites.
- Web Filter (X): Approved sites are compromised and hosting malware.
- SPAM Blocker (X): Not email-based.
- Anti-Malware (X): Doesn't detect 0-day malware.
- Account Passwords (X): Uses the user's account permissions.

29 USB Flash Drives
- USB Flash Drives are easily infected on home and third-party computers with lesser security controls
- By default, Windows XP and Vista will automatically execute files when they are plugged in (Windows 7 default is disabled)
- Executes using the logged-in user permissions
- Known to have been intentionally planted to gain access to systems
- Would your users pick them up and plug them in? Show of hands!

30 USB Flash Drives vs. Common Controls
- Firewall (X): The firewall doesn't see this as it's not network-based.
- Intrusion Detection/Prevention System (X): The IDS doesn't see this as it's not network-based. Host-based IDS/IPS aren't likely to have signatures for it.
- Web Filter (X): The web filter doesn't see this as it's not network-based.
- SPAM Blocker (X): Not email-based.
- Anti-Malware (?): Doesn't detect 0-day malware. May detect older malware.
- Account Passwords (X): Uses the user's account permissions.

32 SQL Injection: What To Do
- Find out where your weaknesses are
- Fix and/or monitor them (in priority order)
- Prevent future coding errors from getting introduced
- Test on a regular basis

33 SQL Injection Action Plan
1. Find out where your weaknesses are.
   A. Make a list of your applications that are Internet-facing and use database credentials that allow them to access Sensitive Personal Information.
   B. Use security professionals to perform penetration tests against these applications.
   C. Check the password recovery/reset functionality on these applications to see if they can be easily recovered/reset.

34 SQL Injection Action Plan
2. Fix and/or monitor them (in priority order)
   A. Remove unnecessary access to the SPI if the application doesn't need it by changing database credentials and permissions (easiest)
   B. Have developers re-write the code
   C. Log, alert and respond to critical messages (SQL syntax errors, administrator account login failures, etc.)
   D. Create/update your Incident Response Plan so you know what immediate action to take if you get any of these alerts

35 SQL Injection Action Plan
3. Prevent future coding errors from getting introduced
   A. Train developers on secure code development (Google, local OWASP chapter, and OWASP resources, SANS courses, Austin BSides and LASCON conferences)
   B. Ensure database administrators are assigning unique accounts with limited privileges for each application
   C. Implement a code review process to include security
   D. Have developers perform security testing as part of code unit testing (IBM AppScan, HP WebInspect, FindBugs, manual, etc.)
   E. Have security professionals perform penetration testing prior to production implementation

36 SQL Injection Action Plan
4. Test on a regular basis.
   A. Have security professionals perform penetration testing of all your Internet-facing web applications on an annual basis.
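
Added example (not from the original slides): the slide-24 query built by string concatenation beside the re-written, parameterized form from action-plan item 2B, with SQL errors logged as critical per item 2C. It assumes Python's built-in sqlite3 module; the table rows, function names and the input `Smith' --` (same shape as the slide-25 input) are constructed for illustration.

```python
import logging
import sqlite3

log = logging.getLogger("webapp.sql")


def make_db():
    """In-memory table laid out like the slide's MASTER_DATABASE (constructed rows)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE MASTER_DATABASE "
        "(FIRST_NAME TEXT, LAST_NAME TEXT, ADDRESS TEXT, RECORD_TYPE TEXT)"
    )
    db.executemany(
        "INSERT INTO MASTER_DATABASE VALUES (?, ?, ?, ?)",
        [
            ("Ann", "Smith", "1 Main St", "PUBLIC"),
            ("Bob", "Smith", "2 Oak Ave", "SEALED"),   # must never be returned
            ("Pat", "O'Brien", "3 Elm Rd", "PUBLIC"),
        ],
    )
    return db


def lookup_concatenated(db, last_name):
    """Vulnerable 'before': the user input becomes part of the SQL text."""
    sql = (
        "SELECT FIRST_NAME, LAST_NAME, ADDRESS FROM MASTER_DATABASE "
        "WHERE LAST_NAME = '" + last_name + "' AND RECORD_TYPE = 'PUBLIC'"
    )
    return db.execute(sql).fetchall()


def lookup_parameterized(db, last_name):
    """Re-written 'after': the input is bound as data and never parsed as SQL."""
    sql = (
        "SELECT FIRST_NAME, LAST_NAME, ADDRESS FROM MASTER_DATABASE "
        "WHERE LAST_NAME = ? AND RECORD_TYPE = 'PUBLIC'"
    )
    return db.execute(sql, (last_name,)).fetchall()


def guarded(lookup, db, last_name):
    """Item 2C: a SQL error caused by form input is a critical, alertable event."""
    try:
        return lookup(db, last_name)
    except sqlite3.Error as exc:
        log.critical("SQL error on LAST_NAME lookup, input=%r: %s", last_name, exc)
        return None


if __name__ == "__main__":
    db = make_db()
    # Input that closes the quote and comments out the RECORD_TYPE restriction.
    crafted = "Smith' --"
    print("concatenated :", lookup_concatenated(db, crafted))   # includes the SEALED row
    print("parameterized:", lookup_parameterized(db, crafted))  # no such last name
    # A legitimate name containing a quote breaks the concatenated query;
    # that syntax error is exactly the log message worth alerting on.
    print("concatenated :", guarded(lookup_concatenated, db, "O'Brien"))
    print("parameterized:", guarded(lookup_parameterized, db, "O'Brien"))
```
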

37 User Web-Based Attacks: What You Should Do
- Find out where your weaknesses are
- Fix your weaknesses
- Prevent future infections

38 User Web-Based Attacks Action Plan
1. Find out where your weaknesses are
   A. Perform a full malware scan on all your systems and identify those that are infected
   B. Maintain an accurate hardware and software inventory for every machine on your network
   C. Make a list of all the web-executable software you have (Java, QuickTime, Adobe Reader, Flash, RealPlayer, etc.)
   D. Identify all users who have Administrative privileges
   E. Identify all the categories of websites that are allowed which aren't needed for business purposes
   F. Identify any systems which haven't been hardened

39 User Web-Based Attacks Action Plan
2. Fix your weaknesses
   A. Re-image any computer which is suspected or confirmed to have an infection, no exceptions!
   B. Patch all web-executable software immediately
   C. Remove Administrative rights from user accounts (as much as possible)
   D. Block websites that aren't needed for business purposes (especially advertising sites)
   E. Limit user's time on the web
   F. Harden your systems (start with the Federal Desktop Core Configuration standard, USGCB, or CIS)

40 User Web-Based Attacks Action Plan
3. Prevent future infections
   A. Perform routine full malware scans on all your systems
   B. Monitor security and vendor mailing lists for vulnerabilities, workarounds and patches and apply them immediately (absolutely no less than once a month)
   C. Harden all systems before they are ever deployed
   D. Don't deploy new users with Administrative privileges (unless you must)
   E. Consider using Firefox and/or Chrome browsers w/ add-ons such as NoScript and AdBlock (requires user training)
   F. Train users to avoid clicking on bad links (bad search results, spoofed links)
   G. Teach users "Don't Click on That"

41 USB Flash Drives: What You Should Do
Follow the User Web-Based Action Plan items, plus:
4. Disable AutoRun/AutoPlay on all of your Windows systems (part of system hardening)
5. Identify all users who require the use of USB Flash Drives.
6. Disable the USB ports for all those who don't (a Windows registry key)
7. Provide all those who do with an encrypted flash drive (e.g. IronKey)
8. Implement a policy prohibiting the use of personal flash drives in your organization's computers, and vice-versa
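
Added example (not from the original slides): an offline check of a `reg export` text file against items 4 and 6 above. It assumes the settings meant are the `NoDriveTypeAutoRun` policy value (0xFF turns AutoRun off for every drive type) and the USBSTOR driver's `Start` value (4 disables USB mass storage); the slide does not name the key, and the sample export and function names are constructed.

```python
import re

AUTORUN_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
USBSTOR_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR"

# Constructed sample in the text layout produced by `reg export`.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Start"=dword:00000003
"""

_KEY_RE = re.compile(r"^\[(.+)\]$")
_DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')


def parse_reg_export(text):
    """Return {(KEY, VALUE_NAME): int} for every DWORD value in the export."""
    values = {}
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        m = _KEY_RE.match(line)
        if m:
            key = m.group(1).upper()      # registry paths are case-insensitive
            continue
        m = _DWORD_RE.match(line)
        if m and key:
            values[(key, m.group(1).upper())] = int(m.group(2), 16)
    return values


def _show(value):
    return "missing" if value is None else hex(value)


def audit(text, usb_storage_allowed=False):
    """List hardening gaps; pass usb_storage_allowed=True for users identified in item 5."""
    values = parse_reg_export(text)
    findings = []

    autorun = values.get((AUTORUN_KEY.upper(), "NODRIVETYPEAUTORUN"))
    if autorun != 0xFF:
        findings.append(
            "AutoRun not disabled for all drive types: "
            "NoDriveTypeAutoRun is %s, expected 0xff" % _show(autorun)
        )

    if not usb_storage_allowed:
        start = values.get((USBSTOR_KEY.upper(), "START"))
        if start != 4:
            findings.append(
                "USB mass storage not disabled: "
                "USBSTOR Start is %s, expected 0x4" % _show(start)
            )
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_EXPORT):
        print("FINDING:", finding)
```
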

42 In Closing
- You now know the major issues and how to fix them in priority order, some for little or no money.
- So it's up to you.
- Don't let your network be a

43 Q & A
This presentation, along with other valuable security tips, can be found at: HackerHurricane.com
Cisco IPS Tuning Overview Overview Increasingly sophisticated attacks on business networks can impede business productivity, obstruct access to applications and resources, and significantly disrupt communications.
More informationPayment Card Industry Self-Assessment Questionnaire
How to Complete the Questionnaire The questionnaire is divided into six sections. Each section focuses on a specific area of security, based on the requirements included in the PCI Data Security Standard.
More informationPC Security and Maintenance
PC Security and Maintenance by IMRAN GHANI PC Maintenance and Security-Forecast. Major sources of danger. Important steps to protect your PC. PC Security Tools. PC Maintenance Tools. Tips. PC Security-
More informationCourse: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems
Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationWindows Operating Systems. Basic Security
Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Controls Book
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program s Book Cyber-security s Summary Council on Cyber-security Critical Security s (CSC) CSC-01 CSC-02 CSC-03 CSC-04 CSC-05 IT Asset
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationEmerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA
Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering
More informationComputer Viruses: How to Avoid Infection
Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you
More informationRSA Enterprise Compromise Assessment Tool (ECAT) Date: January 2014 Authors: Jon Oltsik, Senior Principal Analyst and Tony Palmer, Senior Lab Analyst
ESG Lab Review RSA Enterprise Compromise Assessment Tool (ECAT) Date: January 2014 Authors: Jon Oltsik, Senior Principal Analyst and Tony Palmer, Senior Lab Analyst Abstract: This ESG Lab review documents
More informationITEC441- IS Security. Chapter 15 Performing a Penetration Test
1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and
More informationSophistication of attacks will keep improving, especially APT and zero-day exploits
FAQ Isla Q&A General What is Isla? Isla is an innovative, enterprise-class web malware isolation system that prevents all browser-borne malware from penetrating corporate networks and infecting endpoint
More informationBelmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.
Belmont Savings Bank Are there Hackers at the gate? 2013 Wolf & Company, P.C. MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2013 Wolf & Company, P.C. About Wolf & Company, P.C.
More informationStreamlining Web and Email Security
How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Streamlining Web and Email Security sponsored by Introduction to Realtime Publishers by Don Jones, Series Editor
More informationJumpstarting Your Security Awareness Program
Jumpstarting Your Security Awareness Program Michael Holcomb Director, Information Security HO20110473 1 Jumpstarting Your Security Awareness Program Classification: Confidential Owner: Michael Holcomb
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationYour security is our priority
Your security is our priority Welcome to our Cash Management newsletter for businesses. You will find valuable information about how to limit your company s risk for fraud. We offer a wide variety of products
More information3 day Workshop on Cyber Security & Ethical Hacking
3 day Workshop on Cyber Security & Ethical Hacking 1 st day-highlights-hands On Phishing Attack Hammad Mashkoor Lari Freelancer What is Cyber Security? What is Ethical hacking? What is Computer Science?
More informationApplying machine learning techniques to achieve resilient, accurate, high-speed malware detection
White Paper: Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection Prepared by: Northrop Grumman Corporation Information Systems Sector Cyber Solutions Division
More informationHow We're Getting Creamed
ed Attacks How We're Getting Creamed By Ed Skoudis June 9, 2011 ed Attacks - 2011 Ed Skoudis 1 $ cut -f5 -d: /etc/passwd grep -i skoudis Ed Skoudis Started infosec career at Bellcore in 1996 working for
More informationModern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth
Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationCyber - Security and Investigations. Ingrid Beierly August 18, 2008
Cyber - Security and Investigations Ingrid Beierly August 18, 2008 Agenda Visa Cyber - Security and Investigations Today s Targets Recent Attack Patterns Hacking Statistics (removed) Top Merchant Vulnerabilities
More informationRational AppScan & Ounce Products
IBM Software Group Rational AppScan & Ounce Products Presenters Tony Sisson and Frank Sassano 2007 IBM Corporation IBM Software Group The Alarming Truth CheckFree warns 5 million customers after hack http://infosecurity.us/?p=5168
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More information