Rethinking Cyber Security Threats
1 Rethinking Cyber Security Threats
(ISC)² Update, U.S. Government Advisory Board Meeting, February 17, 2010
Frank Chow, CISSP ISSAP ISSMP CSSLP CGEIT CRISC CISM CISA
Chairperson of Professional Information Security Association / Security Manager of Automated Systems (HK) Ltd.
Copyright © 2013, (ISC)². All Rights Reserved
2 Who is (ISC)²?
The International Information Systems Security Certification Consortium
Headquartered in the US, with offices in London, Hong Kong and Tokyo
A global not-for-profit organization known for world-class education and Gold Standard certifications
Founded in 1989 by multiple professional associations
Develops and maintains the (ISC)² CBK, a taxonomy of information security topics. The CBK is a critical body of knowledge that defines global industry standards, serving as a common framework of terms and principles that allows professionals worldwide to discuss, debate and resolve matters pertaining to the field.
Nearly 90,000 security professionals worldwide in over 135 countries
3 PISA (專業資訊保安協會)
PISA SIG - (ISC)² Hong Kong Chapter
Not-for-profit organization
Facilitate knowledge and information sharing among the PISA members
Promote the highest quality of technical and ethical standards in the information security profession
Promote best practices in information security control
Promote security awareness to the IT industry and general public in Hong Kong
Be the de facto representative body of local information security professionals
4 Agenda
Definition
Cyber Security Challenges
Cyber Security Inside Out
How to Survive in Cyber Attack?
Addressing Cyber Security Challenges on a Global Scale
5 DEFINITION
6 Definition
According to the H.R. Cyber Security Information Act, cybersecurity is: "The vulnerability of any computing system, software program, or critical infrastructure to, or their ability to resist, intentional interference, compromise, or incapacitation through the misuse of, or by unauthorized means of, the Internet, public or private telecommunications systems or other similar conduct that violates Federal, State, or international law, that harms interstate commerce of the United States, or that threatens public health or safety."
Source: U.S. National CyberSecurity
7 CYBER SECURITY CHALLENGES
8 How many devices do you have?
9 They use tablets. Is it secure?
10 Tablets in the meeting room. Is it secure?
11 eCrime Market: Current Pricing. Source: APWG
12 Hack Household Appliances. Source: ScienceNordic
13 Global Risk Trends: Cyber attack is considered one of the top five most likely risks in 2012, according to the Global Risks Report. Source: World Economic Forum
14 Global Risk 2013. Source: World Economic Forum
15 Motivations Behind Attacks. Source:
16 Cyber Attack Trends. Source:
17 Distribution of Attack Techniques. Source:
18 Distribution of Targets. Source:
19 Ranking of Five Types of Cyber Crime. Source: The Impact of Cybercrime on Business, Ponemon Institute Research Report,
20 Cyber Security Inside Out
21 Cyber Security Game Changers. Source: ISACA/
22 Cyber Attack Approach
23 Cyber Attack Approach
Actors in the diagram: Hacker (on the Internet), Admin, Acct Operator, Slave Database, Master DB
1. Hacker performs an ARP (Address Resolution Protocol) scan.
2. Hacker sends an email with malware; the recipient opens the email and the malware gets installed quietly.
3. Using the information that the malware gets, the hacker is able to take control of the recipient's PC!
4. [step not legible in the transcription]
5. Once the Slave Database is found, the hacker sends an SQL EXEC command.
6. Performs another ARP scan.
7. Takes control of the Master DB.
Source: Example from 2006 SANS SCADA Security Summit, INL
24 What can we do in Cyber Security?
Social Media Security, Computer Forensics, Physical Access, Logical Access, Organization Data, Cyber Security, Incident Response, Mobile Security
Source: ISACA/
25 Cyber Security Components
Well Defined Structure: Roles & Responsibility; Skilled Resources; R&D Lab & Testing Lab; Standards & Best Practices
Security Operation Center / Cyber Security Cell: Security Analytics; Malware Detection
Cyber Security Command Centre: Threat Intelligence Feed; Evolving Threat Research; Anomaly Detection; Contextualized Intelligence
Interface & Interlock: Law Enforcement Agency; CERT; Risk Intelligence Service Providers; Other Countries' CERT & Intelligence Agencies
Source: ISACA/
26 Cyber Security Components
Cyber Security Resources: Strategic Advisory; Cyber Security Service Portfolio; Operational / Post-Event
Service Portfolio: BCP / DR Preparedness against Cyber Attacks; Cyber Security Training and Awareness; Computer Forensics; DDOS Test; Enterprise Security Architecture; Threat Modeling; Social Media Security; Mobile Security; Simulation Exercises; Regulatory Readiness (FISMA, TRA, Indian Act etc.); Incident Response (Virus/Malware/Botnets); Cloud Security; Effectiveness Measurement of Policies/Procedures/Infra; Design of Security Intelligence Centre; Penetration Testing; Vulnerability Assessment; Enterprise Risk Management
Interface & Interlock: Law Enforcement Agency; CERT; Risk Intelligence Service Provider
Source: ISACA/
27 Computer Forensics
Computer Forensics provides post-intrusion / incident analysis in order to identify, preserve and analyse meaningful evidence, and to provide a detailed forensic report and recommendations on the security incident.
Computer Forensics Coverage:
Network Forensics: LAN/WAN Network; Wireless Network
Media Forensics: USB/CD Media; Mobile Device; Hard Disk
System Forensics: Laptop/Desktop; Database/Operating Systems; Mobile Devices
Web Server Forensics: Log Analysis; Mobile Trading; Intrusion/Malware Analysis
Source: ISACA/
28 Approach for Computer Forensics
The following are the broad steps involved in this assessment:
1. Initial Study: situation awareness; identify the potential sources of data
2. Data Collection: data duplication, cloning, extractions using specialized S/W and H/W; media, remote or onsite; seamless access & secure storage of data; preserve chain of custody
3. Investigation: examination, decryption, intelligent search on information of interest; intelligent search of suspect data; break through to evidence
4. Analysis: data interpretation, event correlation, chain of custody, pattern matching; concurrent analysis
5. Reporting: logical conclusion; management and technical presentation
Throughout: confidentiality; data is refined into information and then evidence
Source: ISACA/
29 Social Media Security
The rise in the use of social networking sites such as Twitter, LinkedIn and Facebook, by corporates to communicate and build their brand names as well as by individuals to share information, increases the risk to data security.
Sensitive & Customer Information Gathering over Social Networking: Social Networking Sites (FB, Orkut etc.); Community Sites, Forums & Blogs; Using Search Engines
Social Engineering Awareness Assessment: Phishing Through Calls; Phishing Through Mails and Websites; Dumpster Diving; Employee Awareness Assessment
Corporate Social Networking Website Security: Evaluation of Social Media & Acceptable Usage Policy; Malware Detection; Phishing Attack Detection; Hacking Attack Detection
Crisis Response over Social Media: Crisis Response Plan; Observing Incidents over Social Media; Training and Awareness
Source: ISACA/
30 Approach for Social Media Security
A comprehensive and structured approach for Social Media Security Assessment: sensitive customer information from different sources such as social engineering sites, forums, community sites, blogs and hacking sites is gathered with automated tools and search engines such as Google, AltaVista, Baidu etc.
The following are the broad steps involved in this assessment:
1. Identifying & understanding sensitive customer data
2. Defining the search pattern on the sensitive customer data
3. Information gathering from automated tools using the search patterns (alongside social engineering techniques and manual information gathering using search engines such as Google)
4. Analysis, validation and reporting
Source: ISACA/
31 Incident Response
The Incident Response Service provides on-field or remote analysis by experts to identify, contain, recover from and eradicate a variety of cyber attacks on the organisation.
Incident types covered: Virus Outbreaks; DOS/DDOS/Botnet Attacks; Malware Attacks; Phishing Attacks; Hacking Attacks
Source: ISACA/
32 Cyber Security Incident Response Approach
A structured and proven approach for handling and responding to any kind of cyber security attack. In line with industry best practices, experts armed with specialized tools help the customer react effectively and immediately.
Preparation: Mobilize Resources; Tools & Kits; Authorization and Approvals; Legal Considerations
Identification: Situation Awareness; Sources of Information; Chain of Custody; Suspected Behavior
Collection: Live Data Acquisition; Log/Network Data Acquisition; OS and Database Acquisition
Assessment: Analyze Acquired Evidence; Identify the Level of Impact; Identify the Source of Intrusion & Vulnerability
Reporting: Management Report on Extent of Damage; Report on Nature of the Incident and Compromise; Eradication and Recovery Measures
Reassess and Train: Reassess the Fix; Develop Learning and Lessons; Training and Awareness; Secure Guidelines
Source: ISACA/
33 How to Survive in Cyber Attack?
34 Defense in Depth
35 Security for Industrial Control Systems (SCADA)
Cyber Security Controls: Air-gap networks, apps and control data with firewalls, proxies
Physical Security Controls
Security Controls
36 Everything is a Target
Security Management: Policies, Procedures & Awareness; Policy Assessments; Operational Framework Consulting; Training & Consulting
Application: Vulnerability Assessments; Code Reviews; Application Hardening; Centralized Tool Integration; Centralized Monitoring
Internal Network (Private / Public): Vulnerability Assessments; Intrusion Detection; Wireless Design Consulting; Intrusion Prevention; Authentication & Authorization
Perimeter: Vulnerability Assessments; Firewalls & Proxies; Intrusion Detection; VPN Remote Access
Data: Authentication Management; Identity Management; Data Privacy
Server: Vulnerability Assessments; Intrusion Prevention; Patch Management; Anti-Virus & Anti-SPAM; Mobile Client Security; Server Hardening; Authentication & Authorization
37 Addressing Cyber Security Challenges on a Global Scale
38 Introduction
This Cybersecurity Management System consists of 4 main components: Cyber Security Framework; Maturity Model; Roles and Responsibilities chart; Implementation Guide.
Source: ITU Regional Cybersecurity Forum for Africa and Arab States
39 National Cybersecurity Management System. Source: ITU Regional Cybersecurity Forum for Africa and Arab States
40 National Cyber Security Framework: 5 Domains. Source: ITU Regional Cybersecurity Forum for Africa and Arab States
41 National Cyber Security Framework (5 Domains and 34 Processes)
1 - SP: Strategy and Policies
SP1 NCSec Strategy: Promulgate & endorse a National Cybersecurity Strategy
SP2 Lead Institutions: Identify a lead institution for developing a national strategy, and 1 lead institution per stakeholder category
SP3 NCSec Policies: Identify or define policies of the NCSec strategy
SP4 Critical Information Infrastructures Protection: Establish & integrate risk management for identifying & prioritizing protective efforts regarding CII
SP5 Stakeholders: Identify the degree of readiness of each stakeholder regarding the implementation of the NCSec strategy & how stakeholders pursue the NCSec strategy & policies
2 - IO: Implementation and Organisation
IO1 NCSec Council: Define a National Cybersecurity Council for coordination between all stakeholders, to approve the NCSec strategy
IO2 NCSec Authority: Define a specific high-level Authority for coordination among cybersecurity stakeholders
IO3 National CERT: Identify or establish a national CERT to prepare for, detect, respond to, and recover from national cyber incidents
IO4 Privacy and Personal Data Protection: Review the existing privacy regime and update it to the on-line environment
IO5 Laws: Ensure that a lawful framework is settled and regularly levelled
IO6 Institutions: Identify institutions with cybersecurity responsibilities, and procure resources that enable NCSec implementation
IO7 National Experts and Policymakers: Identify the appropriate experts and policymakers within government, private sector and university
IO8 Training: Identify training requirements and how to achieve them
IO9 Government: Implement a cybersecurity plan for government-operated systems that takes into account change management
IO10 International Expertise: Identify international expert counterparts and foster international efforts to address cybersecurity issues, including information sharing and assistance efforts
3 - AC: Awareness and Communication
AC1 Leaders in the Government: Persuade national leaders in the government of the need for national action to address threats to and vulnerabilities of the NCSec through policy-level discussions
AC2 National Cybersecurity and Capacity: Manage National Cybersecurity and capacity at the national level
AC3 Continuous Service: Ensure continuous service within each stakeholder and among stakeholders
AC4 National Awareness: Promote a comprehensive national awareness program so that all participants (businesses, the general workforce, and the general population) secure their own parts of cyberspace
AC5 Awareness Programs: Implement security awareness programs and initiatives for users of systems and networks
AC6 Citizens and Child Protection: Support outreach to civil society with special attention to the needs of children and individual users
AC7 Research and Development: Enhance Research and Development (R&D) activities (through the identification of opportunities and allocation of funds)
AC8 CSecCulture for Business: Encourage the development of a culture of security in business enterprises
AC9 Available Solutions: Develop awareness of cyber risks and available solutions
AC10 NCSec Communication: Ensure National Cybersecurity Communication
4 - CC: Compliance and Communication
CC1 International Compliance & Cooperation: Ensure regulatory compliance with regional and international recommendations and standards
CC2 National Cooperation: Identify and establish mechanisms and arrangements for cooperation among government, private sector entities, university and NGOs at the national level
CC3 Private Sector Cooperation: Encourage cooperation among groups from interdependent industries (through the identification of common threats)
CC4 Incidents Handling: Manage incidents through the national CERT to detect, respond to, and recover from national cyber incidents, through cooperative arrangements (especially between government and private sector)
CC5 Points of Contact: Establish points of contact (or CSIRT) within government, industry and university to facilitate consultation, cooperation and information exchange with the national CERT, in order to monitor and evaluate NCSec performance in each sector
5 - EM: Evaluation and Monitoring
EM1 NCSec Observatory: Set up the NCSec observatory
EM2 Mechanisms for Evaluation: Define mechanisms that can be used to coordinate the activities of the lead institution, the government, the private sector and civil society, in order to monitor and evaluate the global NCSec performance
EM3 NCSec Assessment: Assess and periodically reassess the current state of cybersecurity efforts and develop program priorities
EM4 NCSec Governance: Provide National Cybersecurity Governance
Source: ITU Regional Cybersecurity Forum for Africa and Arab States, 2009
42 National Cyber Security Maturity Model
SP1 Promulgate & endorse a National Cybersecurity Strategy
  Level 1: Recognition of the need for a national strategy
  Level 2: NCSec is announced & planned
  Level 3: NCSec is operational for all key activities
  Level 4: NCSec is under regular review
  Level 5: NCSec is under continuous improvement
SP2 Identify a lead institution for developing a national strategy, and 1 lead institution per stakeholder category
  Level 1: Some institutions have an individual cybersecurity strategy
  Level 2: Lead institutions are announced for all key activities
  Level 3: Lead institutions are operational for all key activities
  Level 4: Lead institutions are under regular review
  Level 5: Lead institutions are under continuous improvement
SP3 Identify or define policies of the NCSec strategy
  Level 1: Ad-hoc & isolated approaches to policies & practices
  Level 2: Similar & common processes announced & planned
  Level 3: Policies and procedures are defined, documented and operational
  Level 4: National best practices are applied & repeatable
  Level 5: Integrated policies & procedures; transnational best practice
SP4 Establish & integrate a risk management process for identifying & prioritizing protective efforts regarding NCSec (CIIP)
  Level 1: Recognition of the need for a risk management process in CIIP
  Level 2: CII are identified & planned; the risk management process is announced
  Level 3: The risk management process is approved & operational for all CII
  Level 4: The CIIP risk management process is complete, repeatable, and leads to CI best practices
  Level 5: The CIIP risk management process evolves to an automated workflow & is integrated to enable improvement
Source: ITU Regional Cybersecurity Forum for Africa and Arab States
43 National Cybersecurity Assessment (radar chart of selected processes)
Legend: SP1: National Cybersecurity Strategy; SP4: CIIP; IO2: National Cybersecurity Authority; IO3: National CERT; IO5: Cyber Law; AC5: Awareness Programme; CC1: International Cooperation; CC2: National Coordination; EM4: Cybersecurity Governance
Source: ITU Regional Cybersecurity Forum for Africa and Arab States
44 RACI Chart / Stakeholders
SP1 NCSec Strategy: Promulgate & endorse a National Cybersecurity Strategy
SP2 Lead Institutions: Identify a lead institution for developing a national strategy, and 1 lead institution per stakeholder category
SP3 NCSec Policies: Identify or define policies of the NCSec strategy
SP4 Critical Infrastructures: Establish & integrate risk management for identifying & prioritizing protective efforts regarding NCSec (CIIP)
(The per-stakeholder R/A/C/I assignments of the chart are not recoverable from the transcription.)
R = Responsible, A = Accountable, C = Consulted, I = Informed
Source: ITU Regional Cybersecurity Forum for Africa and Arab States, 2009
45 National Cybersecurity Management System Implementation Guide. Source: ITU Regional Cybersecurity Forum for Africa and Arab States
46 Example: Measuring the effectiveness of Security
Apply the vulnerability management lifecycle...
Inventory assets
Identify vulnerabilities
Develop baseline
Prioritize based on vulnerability data, threat data, and asset classification plan
Monitor known vulnerabilities
Watch unpatched systems
Alert other suspicious activity
Eliminate high-priority vulnerabilities
Establish controls
Demonstrate progress
Source: ITU Regional Cybersecurity Forum for Africa and Arab States
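As an added example (not from the slides or the ITU source), the lifecycle above as a small Python model over constructed asset and finding data: it prioritises by combining CVSS, a threat-data flag and asset classification, flags unpatched systems that have blown their SLA, and reports progress against the baseline. The weights, bands, SLA days, asset names and VULN-000x identifiers are assumptions for illustration.

```python
"""Vulnerability management lifecycle as a small model (added example).

Steps from the slide: inventory assets, identify vulnerabilities, develop a
baseline, prioritise on vulnerability + threat + asset data, watch unpatched
systems, eliminate high-priority items, demonstrate progress.  All weights,
bands, SLA days, asset names and VULN-000x ids are constructed assumptions.
"""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional, Tuple

# Step 1: inventory assets. Classification decides how much a finding matters.
ASSET_WEIGHT = {"critical": 3.0, "high": 2.0, "medium": 1.0, "low": 0.5}
# Remediation deadline per priority band (assumed SLA, in days).
SLA_DAYS = {"P1": 7, "P2": 30, "P3": 90}


@dataclass(frozen=True)
class Asset:
    name: str
    classification: str  # one of the ASSET_WEIGHT keys


@dataclass
class Finding:
    """Step 2: one vulnerability identified on one asset."""
    asset: Asset
    vuln_id: str                     # placeholder scanner/advisory id
    cvss: float                      # vulnerability data: base score 0-10
    first_seen: date
    exploited_in_wild: bool = False  # threat data: active exploitation known
    fixed_on: Optional[date] = None  # set when the vulnerability is eliminated


def priority_score(f: Finding) -> float:
    """Step 4: combine vulnerability data, threat data and asset classification."""
    threat_multiplier = 2.0 if f.exploited_in_wild else 1.0
    return round(f.cvss * ASSET_WEIGHT[f.asset.classification] * threat_multiplier, 1)


def priority_band(score: float) -> str:
    """Map a score to a band; the thresholds are assumptions."""
    if score >= 40:
        return "P1"
    if score >= 15:
        return "P2"
    return "P3"


def prioritize(findings: List[Finding]) -> List[Finding]:
    """The work queue: open findings only, highest score first."""
    return sorted((f for f in findings if f.fixed_on is None),
                  key=priority_score, reverse=True)


def overdue(findings: List[Finding], today: date) -> List[Tuple[str, str, int]]:
    """Steps 5-6: unpatched systems that have passed their SLA deadline,
    as (asset, vuln_id, days_overdue) in priority order."""
    result = []
    for f in prioritize(findings):
        band = priority_band(priority_score(f))
        deadline = f.first_seen + timedelta(days=SLA_DAYS[band])
        if today > deadline:
            result.append((f.asset.name, f.vuln_id, (today - deadline).days))
    return result


def eliminate(f: Finding, on: date) -> None:
    """Step 8: record that a vulnerability was eliminated (patched or mitigated)."""
    f.fixed_on = on


def band_counts(findings: List[Finding], open_only: bool = False) -> dict:
    counts = {"P1": 0, "P2": 0, "P3": 0}
    for f in findings:
        if open_only and f.fixed_on is not None:
            continue
        counts[priority_band(priority_score(f))] += 1
    return counts


def progress(findings: List[Finding]) -> dict:
    """Steps 3 and 10: baseline = everything ever identified; progress = what is closed."""
    base = band_counts(findings)
    now = band_counts(findings, open_only=True)
    return {b: {"baseline": base[b], "open": now[b], "closed": base[b] - now[b]} for b in base}


# Constructed sample data (not from the slides). Note the kiosk: CVSS 9.0 but a
# low-value asset, so it lands in P3, while the exploited critical-asset bug is P1.
DB = Asset("scada-historian-db", "critical")
WEB = Asset("corp-intranet-web", "medium")
KIOSK = Asset("lobby-kiosk", "low")
TODAY = date(2024, 2, 1)
FINDINGS = [
    Finding(DB, "VULN-0001", 9.8, date(2024, 1, 2), exploited_in_wild=True),
    Finding(WEB, "VULN-0002", 7.5, date(2024, 1, 10)),
    Finding(KIOSK, "VULN-0003", 9.0, date(2023, 10, 1)),
    Finding(DB, "VULN-0004", 5.3, date(2024, 1, 20), fixed_on=date(2024, 1, 25)),
]

if __name__ == "__main__":
    for f in prioritize(FINDINGS):
        print(f"{priority_band(priority_score(f))} {priority_score(f):5.1f} "
              f"{f.asset.name} {f.vuln_id}")
    print("overdue:", overdue(FINDINGS, TODAY))
    print("progress:", progress(FINDINGS))
```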
47 Thank You
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationThe enemies ashore Vulnerabilities & hackers: A relationship that works
The enemies ashore Vulnerabilities & hackers: A relationship that works Alexandros Charvalias, Manager CISSP, CISA, ACDA Assurance & Enterprise Risk Services Cyber security maturity model How effectively
More informationPresented by Frederick J. Santarsiere
http://cinoltd.com/ Presented by Frederick J. Santarsiere CHFI, CISSP, CISM, CISA, CEH, CEI, CAP, SSCP Sec+, Net+, A+, MCSA, MCSE, MCITP, MCT CCENT, CCNA, CCNA Wireless, CCNA Voice CISCO SMBEN, SMBAM,
More informationIT Security. Securing Your Business Investments
Securing Your Business Investments IT Security NCS GROUP OFFICES Australia Bahrain China Hong Kong SAR India Korea Malaysia Philippines Singapore Sri Lanka Securing Your Business Investments! Information
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationFostering Incident Response and Digital Forensics Research
Fostering Incident Response and Digital Forensics Research Bruce J. Nikkel bruce.nikkel@ubs.com September 8, 2014 Abstract This article highlights different incident response topics with a focus on digital
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationPerformanta Pty Ltd. Company Profile. May 2012. Trust. Practical. Performanta.
May 2012 Trust. Practical. Performanta. Company Overview Performanta Pty Ltd is an information security organisation that has a practical approach, competitively priced services, strong client commitment,
More informationKEY STEPS FOLLOWING A DATA BREACH
KEY STEPS FOLLOWING A DATA BREACH Introduction This document provides key recommended steps to be taken following the discovery of a data breach. The document does not constitute an exhaustive guideline,
More informationDepartment of Management Services. Request for Information
Department of Management Services Request for Information Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 Submitted By: Carlos Henley
More informationCyber Security Metrics Dashboards & Analytics
Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics
More informationLinux Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS QUARTER 2 NETWORKING AND OPERATING SYSTEMS ESSENTIALS. Module 1 - Office Applications
NETWORK ENGINEERING TRACK Linux Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS Module 1 - Office Applications This subject enables users to acquire the necessary knowledge and skills to use Office
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationProven LANDesk Solutions
LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations
More informationCyber R &D Research Roundtable
Cyber R &D Research Roundtable 2 May 2013 N A T I O N A L S E C U R I T Y E N E R G Y & E N V I R O N M E N T H E A L T H C Y B E R S E C U R I T Y Changing Environment Rapidly Evolving Threat Changes
More informationCYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES
CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES The information provided in this document is presented as a courtesy to be used for informational purposes only. This information
More informationAddressing Cyber Risk Building robust cyber governance
Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber
More informationNIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT
NIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT OVERVIEW The National Institute of Standards of Technology Framework for Improving Critical Infrastructure Cybersecurity (The NIST Framework) is a
More informationEmergency Response Service. 2013 IBM Corporation
Emergency Response Service Who is our team The Cyber Security Intelligence and Response team is staffed with: Highly skilled forensic analysts and consultants dedicated to incident response. Resident malware
More informationMEMORANDUM. Date: October 28, 2013. Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance
MEMORANDUM Date: October 28, 2013 To: Federally Regulated Financial Institutions Subject: Guidance The increasing frequency and sophistication of recent cyber-attacks has resulted in an elevated risk profile
More informationIntroduction of the GCCD. (Global Cybersecurity Center for Development)
Introduction of the GCCD (Global Cybersecurity Center for Development) Contents Ⅰ Ⅱ Ⅲ Ⅳ Ⅴ Ⅵ Ⅶ Background Vision Roles and Responsibilities Organizational Structure and Facilities Partnership Plan GCCD
More informationCRYPTOGEDDON: HEALTH CARE COMPROMISE. Todd Dow, CISA, PMP Founder, cryptogeddon.com @toddhdow, toddhdow@gmail.com
CRYPTOGEDDON: HEALTH CARE COMPROMISE Todd Dow, CISA, PMP Founder, cryptogeddon.com @toddhdow, toddhdow@gmail.com WHAT IS CRYPTOGEDDON? An online scavenger hunt using hacker tools Use infosec tools to solve
More informationTop 10 Baseline Cybersecurity Controls Banks Aren't Doing
Top 10 Baseline Cybersecurity Controls Banks Aren't Doing SECURE BANKING SOLUTIONS 1 Contact Information Chad Knutson President, SBS Institute Senior Information Security Consultant Masters in Information
More informationEnterprise Cybersecurity: Building an Effective Defense
Enterprise Cybersecurity: Building an Effective Defense Chris Williams Oct 29, 2015 14 Leidos 0224 1135 About the Presenter Chris Williams is an Enterprise Cybersecurity Architect at Leidos, Inc. He has
More informationUS-CERT Overview & Cyber Threats
US-CERT Overview & Cyber Threats National Cyber Security Division United States Computer Emergency Readiness Team June 2006 Agenda Introduction to US-CERT Overview of why we depend on a secure cyberspace
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More informationIndustrial Security Solutions
Industrial Security Solutions Building More Secure Environments From Enterprise to End Devices You have assets to protect. Control systems, networks and software can all help defend against security threats
More informationSIEM Implementation Approach Discussion. April 2012
SIEM Implementation Approach Discussion April 2012 Agenda What are we trying to solve? Summary Observations from the Security Assessments related to Logging & Monitoring Problem Statement Solution Conceptual
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationHelmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com
Promoting a Cybersecurity Culture: Tunisian Experience ITU Regional Cybersecurity Forum for Eastern and Southern Africa Lusaka, Zambia, 25-28 August 2008 Helmi Rais CERT-TCC Team Manager National Agency
More informationCyber Security. John Leek Chief Strategist
Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity
More informationNess Cyber Security Services
Ness Cyber Security Services. This document discloses subject matter in which Ness A.T. Ltd. has proprietary rights. Neither the furnishing, receipt nor possession thereof confers or transfers any right
More informationAttachment A. Identification of Risks/Cybersecurity Governance
Attachment A Identification of Risks/Cybersecurity Governance 1. For each of the following practices employed by the Firm for management of information security assets, please provide the month and year
More informationInformation Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus
Information Technology Engineers Examination Information Security Specialist Examination (Level 4) Syllabus Details of Knowledge and Skills Required for the Information Technology Engineers Examination
More informationConcierge SIEM Reporting Overview
Concierge SIEM Reporting Overview Table of Contents Introduction... 2 Inventory View... 3 Internal Traffic View (IP Flow Data)... 4 External Traffic View (HTTP, SSL and DNS)... 5 Risk View (IPS Alerts
More informationContinuous Network Monitoring
Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment
More informationINSIGHTS AND RESOURCES FOR THE CYBERSECURITY PROFESSIONAL
INSIGHTS AND RESOURCES FOR THE CYBERSECURITY PROFESSIONAL BY 2 In enterprise IT, there is a single point where everything that matters in information, technology and business converges: Cybersecurity Nexus
More informationServices. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure
Home Secure digital transformation SMACT Advise, Protect & Monitor Why Capgemini & Sogeti? In safe hands Capgemini & Sogeti Cybersecurity Services Guiding enterprises and government through digital transformation
More informationInternet Safety and Security: Strategies for Building an Internet Safety Wall
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
More informationProtect the data that drives our customers business. Data Security. Imperva s mission is simple:
The Imperva Story Who We Are Imperva is the global leader in data security. Thousands of the world s leading businesses, government organizations, and service providers rely on Imperva solutions to prevent
More informationSecurity Challenges and Solutions for Higher Education. May 2011
Security Challenges and Solutions for Higher Education May 2011 Discussion Topics Security Threats and Challenges Education Risks and Trends ACH and Wire Fraud Malware and Phishing Techniques Prevention
More informationInformation Security Summit 2005
Information Security Summit 2005 Forensically Sound Information Security Management in a Risk Compliance Era Keynote Opening Address by Mr. Howard C Dickson Government Chief Information Officer Government
More informationCybercrime: risks, penalties and prevention
Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,
More informationMASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY
MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing
More informationCertified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA) Course Introduction Course Introduction Module 01 - The Process of Auditing Information Systems Lesson 1: Management of the Audit Function Organization of the
More informationDomain 1 The Process of Auditing Information Systems
Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge
More information