The Mile High Denver Chapter of ARMA welcomes you to our virtual meeting!


March 18th Meeting
eDiscovery and Social Media -- What Records Managers Need to Know
By: Kelly Twigger

Americans spend an average of 7.6 hours per month on social media. The use of social media for marketing has supplanted traditional forms of media as businesses can reach millions more consumers via social media at a tiny fraction of the cost. New platforms come online weekly, and users flock to them faster than an organization can say firewall. We'll discuss the implications of social media on information management, open records and eDiscovery and talk about the types of policies and guidelines to consider in accepting the use of social media and working to educate your users on its potential implications for your organization.

Presenter: Kelly Twigger is a Principal at ESI Attorneys, an Information Law and eDiscovery law firm in Colorado. Kelly is equally at home on the basketball court and in court, likely a testament to her undying tenacity, love for strategic sports, and an uncanny eye for game-winning strategies. She calls the shots like she sees them (she's blunt and brutally honest), and like any great athlete, attorney, or coach, thinks six moves ahead in order to create plays that don't just work, they shine.

Annual MHD Spring Seminar
April 15, 2014

Mark your calendars! Invite your colleagues! This all day event will be amazing! This year we are excited to again offer a two-track seminar. The seminar includes an amazing keynote from Travis White on Innovation. Stay tuned to our website, http://www.armadenver.org/, for more information!

Where: PPA Event Center, 2105 Decauter St., Denver, Colorado 80211

Why Should Information Managers Care About Hackers?
Patrick Cunningham, CIP, FAI
Motorola Solutions, Inc.
February 18, 2014

Agenda
- What are the new threats and risks?
- Cyberthreats 101
- Insiders
- Disasters
- Defending the organization
- Attributes of information
- Using risk appropriately

Cyberthreats 101
- Adversaries
- Types
- Methods

NEW COMPUTER SECURITY THREATS (HACKING, CYBER CRIME, CYBER ESPIONAGE)
Headlines shown on the slide:
- Hacking of DuPont, Johnson & Johnson, GE Were Google-Type Attacks
- Hackers Penetrate Nasdaq Computers
- Google Hack Attack Was Ultra Sophisticated
- UK Infrastructure Faces Cyber Threat, Says GCHQ Chief

Adversaries
- Script Kiddies: the traditional teenager in the basement; thrill seeker, notoriety, peer recognition
- Hacktivists: Anonymous; political orientation, disruptive
- Cyber-criminals: direct financial motivation
- State-sponsored or Professional: espionage, trade secret theft, disruption of critical infrastructure

Types of Cyberthreats
- Basic malware: viruses, trojan horses, botnets
- Crimeware: password and credential stealing, key loggers
- Advanced malware: stealthy, custom-written software incorporating aspects of the above, but designed to be undetectable

Any adversary can use any level of malware; even the script kiddie can access advanced malware. Ultimately, what the adversary does with the access they gain is what determines how they are classified.

Methods / Vectors of Attack
- Social Engineering
- Phishing
- Spear phishing
- Whaling
- Website poisoning
- Advertising poisoning
- Infected downloads
- Porn and warez are now generally seen to be vectors for malware
- Mobile devices and social media increasing targets and vectors

Advanced Persistent Threat
What is APT?
- Mandiant coined APT as... Group of sophisticated, determined and coordinated attackers that have been systematically compromising U.S. government and commercial computer networks.... Conventional information security defenses don't work. The attackers successfully evade anti-virus, network intrusion detection and other best practices.
- APT is a methodology, not a type of attack
- Best estimates are that there are 25+ groups that are associated with APT style campaigns

Targeted Attack Methodology: Social Engineering
[Diagram labels: Attacker researches his target; Attacker creates custom email; Victim clicks on link (http://example.com/abc.html)]
Slides taken from Symantec slides related to the Google Aurora attack, Jan 2010

Targeted Attack Methodology: Payload Install and Execution
[Diagram labels: Victim; http://example.com/abc.html; Malicious Server; Backdoor Program; Confidential Information; Attacker]
Slides taken from Symantec slides related to the Google Aurora attack, Jan 2010

What is Unique About the APT?

Method of entry
- Traditional attack: Generic email to large numbers of people. Hit or miss with no targets.
- Advanced Persistent Threat: Research on personal details of targets. Selective spear phishing with custom, tailored emails.

Exploits
- Traditional attack: Known vulnerabilities, typically unpatched in some machines.
- Advanced Persistent Threat: Unknown zero-day exploits; no vendor patch exists.

Malware
- Traditional attack: One size fits all. Typically already on commercial virus checker signature lists.
- Advanced Persistent Threat: Custom code not found on virus signature lists. Adversary monitors virus checker and modifies their code once it has been identified commercially.

Spread
- Traditional attack: Random spread to as many machines as possible, via email lists, or open ports, etc. Targets of opportunity.
- Advanced Persistent Threat: Manual, controlled spread to targeted machines based on research (e.g. key-logging of infected machines).

External command & control systems
- Traditional attack: Single server.
- Advanced Persistent Threat: Multiple paths to multiple control points.

Communications
- Traditional attack: Control server to infected units. Detectable and blockable with current tools.
- Advanced Persistent Threat: Infected units initiate communications with control server. Communications infrequent and not detectable. Use web site, HTTPS, Gmail, etc. Communications encrypted to avoid monitoring/detection.

Duration of attack
- Traditional attack: Days or weeks.
- Advanced Persistent Threat: Years, i.e. persistent.

Adversary
- Traditional attack: Script kiddies, thrill seeker, or limited criminal element.
- Advanced Persistent Threat: Well organized, well funded, organized crime or nation state sponsored.

Motive
- Traditional attack: Denial of Service (DOS), ID theft, public recognition.
- Advanced Persistent Threat: Serious theft of intellectual property, large financial gain, injection of malware into products.

Are You Oversharing?

Loose Lips and All That

Insiders
This is what an insider threat looks like.
- Hanjuan Jin, February, 2007
- Education: University of Science and Technology of China, University of Notre Dame, Illinois Institute of Technology
- Naturalized United States Citizen
- Employed by Motorola, 1998 to 2007
- Guilty, Theft of Trade Secrets, 2012

Defending the Organization Against the Insider Threat

Today's Defensive Methods
- Data Loss Prevention (DLP)
  - Key words provided by the business (code words and other unique identifiers)
  - Includes classification flags
  - Continual watch on outbound email and Internet traffic
- Data Classification
  - Default classification in document management systems
- Anomaly Detection in EDMS
  - High volume downloads
  - High volume searches
  - Searches out of bounds
- File Sharing Websites
  - High volume downloads / uploads
  - Anomalous behavior identification

Future Defensive Methods
- Anomaly Detection
  - High volume data transfers
  - High numbers of virus infections
  - High volume of login failures
  - Network connections from at risk IP addresses (i.e. competitors)
- Geolocation anomalies
  - Improbable physical locations over time
  - Source IP address of concern (competitors)
- End point DLP implementation
- Additional mandatory templates for highly sensitive documents
- Phone home capability for highly sensitive documents

So Why Should a Records Manager Care About This?
- How long does your retention schedule say to retain security logs?
- Are you aware that the technology exists to capture every bit of data going to or from your organization's network?
- Who knows (or should know) where the records are?
- Do you know where your organization's crown jewels reside?
- Are you a target for the bad guys? Are your records management systems?

Disasters
- The traditional range of disasters continues to be a focus for risk assessment
- Most organizations must now also consider:
  - Malware and outages due to malware cleanup
  - Cloud outages
  - Data privacy breaches
  - Third party provider outages
  - Impacts to mobile workforce
- The attack surface is increasing exponentially

Attributes of Information
The new role for records management means incorporating a variety of attributes into information stores and indices to enable better protection and risk identification.

Attributes
- Record series / category / retention period
- Vital record flag
- Data privacy / PII / PHI flag
- PCI flag
- Security classification
- Crown jewels?

Speaking About Risk Effectively
- What is the likelihood of something happening?
- What is the real impact to the business?
- What is the cost to solve the issue?
- What is the cost if nothing is done?
- Does your organization have appropriate insurance coverage?

Communicating Risk
- Don't overplay the risk
- Look at the risks from the point of view of senior management
- If a risk is going to be accepted, have a formal process to communicate the risk and get signoff on the risk at the appropriate level
- Have a focus on materiality: at what point is a loss reportable?

Takeaways
- Understand the threats to your organization
- Meet your Information Security team and work with them
- Consider adding other attributes to an EDMS or to any system tracking records
- Look at risk in a big picture way

Questions?