CYBER SECURITY INFORMATION SHARING & COLLABORATION



Similar documents
September 20, 2013 Senior IT Examiner Gene Lilienthal

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Into the cybersecurity breach

Protecting against cyber threats and security breaches

Security and Privacy

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

Middle Class Economics: Cybersecurity Updated August 7, 2015

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

I N T E L L I G E N C E A S S E S S M E N T

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

Cybersecurity: What CFO s Need to Know

Combating a new generation of cybercriminal with in-depth security monitoring

Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response.

GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA"

External Supplier Control Requirements

Keynote: FBI Wednesday, February 4 noon 1:10 p.m.

Cybersecurity Awareness. Part 1

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

NATIONAL CYBER SECURITY AWARENESS MONTH

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Cybersecurity The role of Internal Audit

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Working with the FBI

Microsoft s cybersecurity commitment

Security Analytics for Smart Grid

U. S. Attorney Office Northern District of Texas March 2013

IBM Security Strategy

Address C-level Cybersecurity issues to enable and secure Digital transformation

Big Data, Big Risk, Big Rewards. Hussein Syed

Practical Steps To Securing Process Control Networks

Cyber Information-Sharing Models: An Overview

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/

Testimony of. Mr. Anish Bhimani. On behalf of the. Financial Services Information Sharing and Analysis Center (FS-ISAC) before the

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

ICBA Summary of FFIEC Cybersecurity Assessment Tool

10 Potential Risk Facing Your IT Department: Multi-layered Security & Network Protection. September 2011

Cybersecurity Enhancement Account. FY 2017 President s Budget

Building Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch

State of Security Survey GLOBAL FINDINGS

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Data Driven Assessment of Cyber Risk:

Fostering Incident Response and Digital Forensics Research

Cisco Security Optimization Service

OCIE CYBERSECURITY INITIATIVE

Actions and Recommendations (A/R) Summary

Advanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA

CyberReady Solutions. Integrated Threat Intelligence and Cyber Operations MONTH DD, YYYY SEPTEMBER 8, 2014

IBM Security re-defines enterprise endpoint protection against advanced malware

POLICIES TO MITIGATE CYBER RISK

Breaking the Cyber Attack Lifecycle

MEMORANDUM. Date: October 28, Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

How To Protect Yourself From A Dos/Ddos Attack

Ed McMurray, CISA, CISSP, CTGA CoNetrix

Developing a National Strategy for Cybersecurity FOUNDATIONS FOR SECURITY, GROWTH, AND INNOVATION. Cristin Flynn Goodwin J.

Bellevue University Cybersecurity Programs & Courses

Cyber-Security. FAS Annual Conference September 12, 2014

FFIEC Cybersecurity Assessment Tool

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council

The Impact of Cybercrime on Business

Cloak and Secure Your Critical Infrastructure, ICS and SCADA Systems

Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan

Stay ahead of insiderthreats with predictive,intelligent security

CHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Security Intelligence Services.

Information Technology Risk Management

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

CYBER SECURITY GUIDANCE

Cybersecurity Delivering Confidence in the Cyber Domain

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Spear Phishing Attacks Why They are Successful and How to Stop Them

The Advanced Cyber Security Center (ACSC): A Cyber Threat Information Sharing Consortium. Bruce J. Bakis, The MITRE Corporation

Security Controls Implementation Plan

I D C A N A L Y S T C O N N E C T I O N

Information Security Threats and Strategies. Ted Ericson Product Marketing - ASI

Countering Insider Threats Jeremy Ho

Getting Ahead of Advanced Threats

Cybersecurity and internal audit. August 15, 2014

Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective

The Importance of Cyber Threat Intelligence to a Strong Security Posture

2015 CEO & Board University Cybersecurity on the Rise. Matthew J. Putvinski, CPA, CISA, CISSP

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

Defending Against Data Beaches: Internal Controls for Cybersecurity

Agenda , Palo Alto Networks. Confidential and Proprietary.

Transcription:

Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013

Discussion Flow The Evolving Threat Environment Drivers That Shape Our Information Security Policy Sources of Security Threat Information State Street Multi-Layered Security Model Financial Services Information Sharing and Analysis Center Advanced Cyber Security Center ACSC Working Group Top Consensus Priorities Questions 2

Strengthening Our Information Security Program to Protect Against an Evolving Threat Environment Cyber-threats grow more frequent and sophisticated every day State-sponsored criminals, hacktivists and internal threats on the rise No shortage of data breach case studies RSA, Sony, LinkedIn, Global Payments Inc. A constant battle against malware, social engineering and advanced persistent threats 3

Profiling Threat Actors From Verizon s 2013 DATA BREACH INVESTIGATIONS REPORT 4

Drivers That Shape Our Information Security Policy Client Concerns - Recent waves of distributed denial-of-service (DDoS) attacks have generated considerable press and sharpened focus on the banking sector s ability to sustain attacks of increasing data volume and sophistication. Advanced Persistent Threats (APT) - Typically a group, such as a foreign government, with both the capability and motivation to persistently attack using increasingly sophisticated tools. A global cyber arms race exists, with several nation-states very active in developing world-class offensive cyber capabilities. Sophisticated malware is filtering down from the nation-state attacks to cyber-criminals. Insider Threats - Trusted resources such as employees or contractors, whose actions may, knowingly or unknowingly, compromise internal systems. Social Engineering - Increasingly sophisticated social engineering attacks continue to threaten our systems, networks and data. Targeted phishing attacks use email or malicious websites to elicit certain behaviors from users that could compromise our data or disrupt business operations. Regulatory Directives - Government regulators are increasing pressure on the financial sector to strengthen cyber security standards. 5

Sources of Security Threat Information Active threats at State Street are identified in a number of ways, with most threats identified by the IBM Security Operations Center and FireEye as part of our 24 x7 monitoring Corporate Information Security (CIS) receives threat intelligence from the following sources: Verisign idefense Security Intelligence Services Financial Services Information Sharing and Analysis Center: industry forum for collaboration on critical security threats facing the financial services sector Advanced Cyber Security Center: a cross-sector collaboration established by leading industry executives, university experts and public officials with focus on responding to advanced cyber threats IBM X-Force: researches and monitors the latest Internet threat trends Verizon Data Breach report including data from the Secret Service Department of Homeland Security: U.S. CERT and Industrial Control Systems FBI and US Cyber Command 6

State Street Multi-Layered Security Model Host Intrusion Detection Systems (HIDS) Network Intrusion Detection Systems (NIDS) Untrusted Segments Penetration Tests Firewalls Physical Security Demilitarized Zone NIDS HIDS Internal Network NIDS HIDS Endpoints Business Applications Corporate & Business Data Internal Scans External Scans Malicious Software Scans Antispam Security & Configuration Data Security Patch Program Code Scans Enterprise Security Framework Encryption Data Leakage Prevention Monitoring 7

Financial Services Information Sharing and Analysis Center (FS-ISAC) The FS-ISAC was established in 1999 by the financial services sector in response to Presidential Directive 63. Mandates that the public and private sectors share information about physical and cyber security threats and vulnerabilities to help protect the U.S. critical infrastructure. Constantly gathers reliable and timely information from financial services providers, commercial security firms, federal, state and local government agencies, law enforcement and other trusted resources. Uniquely positioned to quickly disseminate physical and cyber threat alerts and other critical information includeing analysis and recommended solutions from leading industry experts. Both Treasury and Department of Homeland Security rely on the FS-ISAC to disseminate critical information to the financial services sector in times of crisis. 8

Advanced Cyber Security Center (ACSC) The Advanced Cyber Security Center (ACSC) brings together industry, university, and government organizations to address the most advanced cyber threats. State Street is a charter member of the Advanced Cyber Security Center, and actively collaborates with member organizations to share leading threat indicators and exchange insights on emerging APT activity. Through its regional leadership ACSC bridges the space for partnerships between university, industry and government. UNIVERSITY ASSETS ACSC and Partners FEDERAL PRIORITIES INDUSTRY NEEDS 9

Advanced Cyber Security Center Key Initiatives The Advanced Cyber Security Center is a cross-sector collaboration organized to help protect the region s organizations from the rapidly evolving advanced and persistent cyber threats and to support New England s role as a center for cyber security R+D, education, talent and jobs. Three Key Initiatives: Information Sharing R&D and Education Policy Development Identify new threat indicators Share best practices Build cross-sector network in NE Development of Cyber Workforce Address hardest R&D challenges Government, Industry & Higher Ed Funded ACSC as best practice laboratory Research on information sharing, Federal legislation 10

ACSC Strengthens Short-Term Defenses and Long-Term Capability The ACSC will deliver actionable intelligence to bolster an organization s defenses in the short term and generate new defensive strategies and R+D in the longer tem. Near Term Results Medium Term Results Longer Term Results Front Line Analytics New Predictive Analytics Development Research & Development What How Identify new attack vectors Create new threat indicators Baseline current organizational capability for assessing attacking Evaluate data from attacks & breaches Examine malware Predictive analytics to anticipate attack innovations Apply predictive analytic techniques to anticipate new attack approaches (forensics, financial modeling etc.) Develop longer term innovations & defensive capability Leverage results of analytics to develop new approaches, technical solutions to deterrence Who ACSC Staff Lead + Support Member front line staff ACSC Staff Lead + Support Data modeling experts Strategic Staff Research Collaborators Data & Information Sharing 11

ACSC Working Group Top Consensus Priorities: 1. Develop next generation resilient systems with the capacity to recover from attacks and failures Integrate cognitive psychology, controls, and complex network design for systems that mitigate the impact of cyber attacks, maintain operation during attacks, and automatically recover 2. Develop Big Data security solutions responding to analytic, privacy and regulatory challenges Establish policies, processes and technology for the collection, storage, aggregation, integration, processing, analysis and reporting of large data sets across multiple platforms, jurisdictions and languages while ensuring privacy and security 3. As the Internet and IT systems go mobile, develop the security that users demand Assess the economic and risk trade-offs associated with minimizing device size and maximizing battery for the user vs. the mix of security and operating applications, users apps and data storage that can be supported. Determine how to incorporate more efficient advanced authentication mechanisms and security into mobile, virtual desktop and "bring your own device to work environments. 12

ACSC Working Group Top Consensus Priorities: 4. Develop automated real time threat sharing networks inside and between organizations that provide for federated intelligencedriven defense against cyber attacks. Develop policies and agreements for sharing data amongst organizations, and then design standards and structure for automated feeds that enable the automated collection of disparate data sets from disparate systems and data sets, protecting privacy and proprietary information through effective protocols and technology solutions. 5. Develop cyber security risk frameworks and integrate with enterprise risk frameworks. Assess the probabilities of different levels of cyber security risk and determine the policies, human resources support and economics to mitigate. 13

Key Messages State Street is executing a long-term, risk-based information security strategy that evolves to meet an ever-changing threat environment We are utilizing multiple channels of external intelligence to share information, improve threat awareness and develop responses to advanced cyber threats Participation in the FS-Information Sharing and Analysis Center and Advanced Cyber Security Center enables collaboration with peer financial services organizations, universities, and government agencies The constant flow of new information and solutions enables us to strengthen our security controls and respond to new threats quickly 14

Thank You Questions 15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information