Fear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured!

Presented by: Kristen Zarcadoolas, Jim Soenksen, and Ed Sale

PART 2: plan, act, repeat (from the look, plan, act, repeat methodology)
Putting the Puzzle Pieces Together

Presentation Goals
- Review of Part 1
- Translating Assessment into plan and act
- Securing Management Buy-In
- Security Technologies: Selecting, Deploying, and Maintaining the Right Technologies for Your Firm

Review of Part 1
- Top IT Concerns
- Security Best Practices
- look: Phase 1 in Building a Proactive Security Program
- Using SANS Defense in Depth as a Blueprint
- Business Benefits

Translate Assessment into a Plan
- Risk = Threat x Vulnerability x Cost
- Quantify Exposure and Risk to Critical Assets
- Create a Risk Management Plan and Roadmap
- Identify Available Resources
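
The slide gives the formula but not how it turns into a ranked roadmap. The following is an added example, not code from the Pivot Group deck: it applies Risk = Threat x Vulnerability x Cost to a constructed asset inventory, ranks the assets by exposure, and then picks the mitigations that fit an available budget. The interpretation of threat as expected attack attempts per year, vulnerability as the probability an attempt succeeds, and cost as the loss on compromise, the greedy "best risk reduction per dollar" selection rule, and every number in the inventory are assumptions made for the illustration.

```python
"""Risk ranking and roadmap selection (added example, not from the deck).

Assumed reading of the slide's formula:
  threat        = expected attack attempts per year
  vulnerability = probability that an attempt succeeds (0..1)
  cost          = loss if the asset is compromised
so Risk = Threat x Vulnerability x Cost is an expected annual loss.
"""
from dataclasses import dataclass


@dataclass
class Asset:
    name: str
    cost: float           # loss on compromise (constructed, USD)
    threat: float         # attack attempts per year (constructed)
    vulnerability: float  # probability an attempt succeeds (constructed)

    def risk(self) -> float:
        # Risk = Threat x Vulnerability x Cost
        return self.threat * self.vulnerability * self.cost


@dataclass
class Mitigation:
    name: str
    asset: str        # which asset it protects
    price: float      # one-time cost to deploy (constructed)
    reduction: float  # fraction of the asset's vulnerability removed (0..1)


# Constructed inventory: the values are illustrative, not measurements.
ASSETS = [
    Asset("file-server", cost=250_000, threat=4.0, vulnerability=0.30),
    Asset("mail-server", cost=80_000, threat=12.0, vulnerability=0.20),
    Asset("laptops", cost=40_000, threat=6.0, vulnerability=0.50),
    Asset("intranet", cost=15_000, threat=2.0, vulnerability=0.10),
]

# Constructed mitigation catalogue, mapped to the deck's defensive walls.
MITIGATIONS = [
    Mitigation("patch management", "file-server", price=20_000, reduction=0.6),
    Mitigation("mail filter / anti-spam", "mail-server", price=8_000, reduction=0.5),
    Mitigation("disk encryption + host firewall", "laptops", price=12_000, reduction=0.7),
    Mitigation("web filter", "intranet", price=5_000, reduction=0.5),
]


def rank_assets(assets):
    """Exposure ranking: assets ordered by expected annual loss, highest first."""
    return sorted(assets, key=lambda a: a.risk(), reverse=True)


def plan_roadmap(assets, mitigations, budget):
    """Greedy roadmap (assumed rule): repeatedly buy the affordable mitigation
    with the largest risk reduction per dollar, re-evaluating after each
    purchase because earlier buys lower the risk later ones can remove.
    Returns (mitigation names in purchase order, residual total risk)."""
    # Work on copies so the caller's inventory is left untouched.
    by_name = {a.name: Asset(a.name, a.cost, a.threat, a.vulnerability) for a in assets}
    remaining = list(mitigations)
    chosen = []

    def benefit_per_dollar(m):
        return by_name[m.asset].risk() * m.reduction / m.price

    while True:
        affordable = [m for m in remaining if m.price <= budget]
        if not affordable:
            break
        best = max(affordable, key=benefit_per_dollar)
        by_name[best.asset].vulnerability *= (1.0 - best.reduction)
        budget -= best.price
        chosen.append(best.name)
        remaining.remove(best)

    residual = sum(a.risk() for a in by_name.values())
    return chosen, residual


if __name__ == "__main__":
    for a in rank_assets(ASSETS):
        print(f"{a.name:12s} expected annual loss ${a.risk():>12,.0f}")
    steps, left = plan_roadmap(ASSETS, MITIGATIONS, budget=30_000)
    print("roadmap:", " -> ".join(steps))
    print(f"residual risk: ${left:,.0f}")
```

With the constructed figures the mail filter is bought first even though the file server carries the largest exposure, because the cheaper control removes more expected loss per dollar; the budget then covers patch management and nothing else. That is the point of the slide's "Identify Available Resources" bullet: the ranking tells you where the risk is, the budget decides which of it you can retire this cycle.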

Securing Management Buy-In
- Security Education
- Firm's Exposure
- Risk Management Plan and Roadmap
- Independent Third Party Advice
- Client Requirements
- Regulatory Compliance
- Peer Pressure
- Competitive Advantage
- ROSI (Return on Security Investment)
- Significant Event

Security Technologies: SANS Defense in Depth
- Network Attacks
- Host Attacks
- Security Vulnerabilities
- Authorizing Users and Data Privacy
- Business Losses

Defensive Wall #1: Blocking Network Attacks
[Diagram: "Your Firm?" network layout, labelled Internet, Filtering Router, DDoS Defense, IDS/IPS Outside, Firewall, DMZ, Mail Filter, Anti-Virus, Anti-Spam, Web Server, Terminal Server, File Transfer Server, Perimeter, IDS/IPS Inside, Secure Web Filter, AV/Spyware Gateway, Discovery & Mitigation, MSS Provider, Workstations, Laptops, File Server, Mail Server, Intranet, Database, Domain Controller]
- Filtering Router (NAT)
- Firewall and AntiVirus / Spyware Gateways
- Secure E-Mail / Anti-Spam
- Secure Web Filtering
- Discovery and Mitigation
- IDS / IPS
- Managed Security Services
- DDoS Defense Tools

Defensive Wall #2: Blocking Host Attacks
- Host IPS
- Spyware Removal
- Personal Firewalls and Scan and Block Systems
- Personal AntiVirus
- RootKit Detection and Removal
[Diagram: host protection layers labelled Host IPS, Personal Firewall, Personal AntiVirus, Spyware & RootKit Removal]

Defensive Wall #3: Eliminating Security Vulnerabilities
[Diagram: network layout labelled Workstations, File Server, Intranet, Mail Server, Laptops, Database, Domain Controller, Web Server, DMZ, Mail Filter, Anti-Virus, Anti-Spam, Terminal Server, File Transfer Server, with Vulnerability Testing and Patch & Configuration Management applied across it]
- Vulnerability Management and Penetration Testing
- Patch and Configuration Management and Compliance
- Application Security Testing

Defensive Wall #4: Safely Supporting Authorized Users
- ID and Access Management
- File Encryption
- Secure Communication
- PKI
- VPN
- Secure Remote Access
- Strong Authentication

Defensive Wall #5: Minimizing Business Losses and Maximizing Effectiveness
- Secure Information Management
- Fraud in Business Transactions
- Security Skills Development
- Forensics Tools
- Regulatory Compliance Tools
- Log Management
- Business Recovery
- Back-Up

Selecting the Technologies that are Right for Your Firm
- Vendor Reputation: robust solutions, customer service, warranty and support, longevity
- Effectiveness of Solution
- Appropriateness of Solution to Organization
- Price
- Maintenance & Ongoing Costs
- User Training Requirements
- Resource Requirements: employee time, systems, network, disk, backup
- Multi-Vendor Environment vs. Single-Vendor

Deploying the Technologies that are Right for Your Firm
- Other Companies' Experiences
- Evaluation Period
- Test Plan
- Does It Really Work?
- Will It Work (Easily) with My Existing Equipment?

Maintaining the Technologies that are Right for Your Firm
- Frequency of Updates
- Underlying O/S Platform and Robustness
- Configuration and Tuning
- Disruptive Upgrades

Proactive Security Program = Business Enabler
- look: ID Critical Assets and Assess Risk
- plan: Develop a Proactive Security Program
- act: Implement Tailored InfoSec Roadmap including Policies, Training, and Technology
- repeat: Ongoing Monitoring, Auditing, Updating, & Adjusting

Helpful Sites
- www.cert.org
- www.csrc.nist.gov
- www.infragard.net/index.htm
- www.sans.org
- www.pivotgroup.net

For More Information, Please Contact Us Directly:
Pivot Group
Jim Soenksen (404) 419 2163
Kristen Zarcadoolas (213) 341 1494
www.pivotgroup.net

What to Consider When Securing Your Firm's Telecommunications
What Questions Do You Have?

THANK YOU from Kristen Zarcadoolas, Jim Soenksen, and Ed Sale