Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement

Transcription:

Auditing After a Cyber Attack
JAX IIA Chapter Meeting: Cybersecurity and Law Enforcement
Copyright Elevate Consult LLC. All Rights Reserved

Presenter: Ray Guzman, MBA, CISSP, CGEIT, CRISC, CISA
Over 25 years of diversified expertise in:
- Technology Infrastructure Development
- Implementing ERP Solutions
- Developing Information Security Programs
- Business Continuity/Disaster Recovery Planning
- Risk Management
- IT Auditing
- Adjunct Professor at several South Florida Colleges

Topic Agenda
- Cyber security Trends in 2013
- The rise of cyber attacks against service providers
- The threat and challenges healthcare providers face
- The role of the Internal Auditor to thwart cyber attacks
- Auditing a service provider after a cyber attack

Cyber security Trends in 2013: Perspective
Case Study: NASA (Paul K. Martin, Inspector General), Testimony before the Subcommittee on Investigations and Oversight, House Committee on Science, Space, and Technology, February 2012
- In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorized access to its systems
- Some of these intrusions have affected thousands of NASA computers
- Resulted in the theft of export-controlled and otherwise sensitive data
- Estimated cost to NASA of more than $7 million

Cyber security Trends in 2013
According to NASA's Inspector General, NASA spends more than $1.5 billion annually on its IT-related activities.
So, what is the problem? NASA's Chief Information Officer "Lacks Visibility of and Oversight Authority for Key NASA IT Assets."

Cyber security Trends in 2013
Wayne Gretzky, also known as "The Great One", said: "A good hockey player plays where the puck is. A great hockey player plays where the puck is going to be."
Are we learning from Cyber Security Trends?

Cyber security Trends in 2013: Are we learning from Cyber Security Trends?
McAfee's 2013 threat predictions:
1. Ransomware resurges and takes on mobile devices
2. Mobile malware goes on a shopping spree
3. Mobile tap-and-pay worms bump and infect
4. Botnets phone home
5. Online marketplaces offer click-to-hack services

Cyber security Trends in 2013: Are we learning from Cyber Security Trends?
Open Web Application Security Project (OWASP)
- OWASP is an open community organization
- All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security
- OWASP advocates approaching application security as People, Process, and Technology

Cyber security Trends in 2013: Are we learning from Cyber Security Trends?
Open Web Application Security Project (OWASP)

Top 5 Vulnerabilities of 2010                        Top 5 Vulnerabilities of 2013
A1 Injection                                         A1 Injection
A3 Broken Authentication and Session Management      A3 Broken Authentication and Session Management
A2 Cross-Site Scripting (XSS)                        A2 Cross-Site Scripting (XSS)
A4 Insecure Direct Object References                 A4 Insecure Direct Object References
A6 Security Misconfiguration                         A6 Security Misconfiguration

Cyber security Trends in 2013: Lessons learned
- The means to carry out cyber attacks will continue to evolve to overcome countermeasures
- Cyber attacks can't be defeated by just throwing money at the problem
- Visibility: how can you protect what you don't know you have in your network?
- Reduce the attack surface of software applications
- Software assurance: reduce software vulnerabilities

The rise of cyber attacks against healthcare service providers: The problem for health care service providers
"As predicted, HITRUST has seen a marked increase in the frequency and sophistication of cyber attacks targeted at healthcare organizations." Daniel Nutkis, Chief Executive Officer, HITRUST

The rise of cyber attacks against healthcare service providers: The problem for health care service providers
New kid on the block: financial services and retail organizations have more experience and insight mitigating the risk posed by cyber threats

The rise of cyber attacks against healthcare service providers: The problem for health care service providers
"Healthcare, education, and government accounted for nearly two-thirds of all identities breached in 2012." Symantec Corporation, Internet Security Threat Report 2013, Volume 18

The rise of cyber attacks against healthcare service providers: The problem for health care service providers

The threat and challenges healthcare providers face: The threat
"Symantec saw a 42 percent increase in the targeted attack rate in 2012 compared with the preceding 12 months." Internet Security Threat Report 2013, Volume 18
Why would a hacker be more interested in Electronic Health Records (EHR) than credit card information?

The threat and challenges healthcare providers face: The threat
Hackers know about:
- The push to share and exchange medical information electronically
- The push for compliance
- The push for security: protect the confidentiality, integrity and availability of EHRs
- The urgency to do it all while keeping costs low

The threat and challenges healthcare providers face: The threat
Hackers have the upper hand, but why?
- Hackers don't have competing motives
- But even more important: the element of surprise, resources, and time

The threat and challenges healthcare providers face: The Challenge
- Regulatory and compliance pressures
- Dissimilar technologies that don't work together
- Millions of new patients coming into the system
- An industry that was not traditionally the focus of cybercrime, but is now becoming the biggest target
- Lack of awareness and education to deal with increasing cyber security threats and attacks

The role of the Internal Auditor to thwart cyber-attacks: Protecting Critical EHRs
- Review the organization's Cyber Security strategy
- Review the organization's incident response and communication plans
- Review the organization's critical assets and associated risks
  - How are vulnerabilities identified?
  - How are risks disclosed?

The role of the Internal Auditor to thwart cyber-attacks: Protecting Critical EHRs
- Examine information security controls to ensure they are sufficient for regulatory requirements and follow industry best practices
- Monitor cloud
- Monitor suppliers
- Monitor the networks
- Monitor software

The role of the Internal Auditor to thwart cyber-attacks: Protecting Critical EHRs
- Identify what digital information is leaving the organization
  - Where is it going?
  - How is it tracked?
- Who is monitoring the cyber risk?

Auditing a service provider after a cyber attack
Forensic investigative and analytical skills and abilities are needed
- Technical skills
- Building a digital audit trail
- Understand computer fraud techniques
- Understand information collected from various computer logs
- Understand the inner workings of web servers, firewalls, attack methodology, security procedures and penetration testing

Auditing a service provider after a cyber attack
Forensic investigative and analytical skills and abilities are needed
Review:
- Computer Incident Response Plan and its performance after the cyber attack
- Chain-of-custody process
- Information Security Policies and Procedures
- Organizational and legal protocols for incident handling
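The two slides above name "building a digital audit trail" and reviewing the "chain-of-custody process" without showing what either looks like in practice. The following is an added example, not part of the presenter's deck: it builds a hash-chained evidence manifest over artifacts collected after an incident (log excerpts, exports), so that an auditor can later prove that neither the artifacts nor the custody record itself were altered. The artifact names and contents, the handler identifier and the timestamp are constructed sample values; the manifest layout is this example's own design, not a standard the page cites.

```python
"""Hash-chained evidence manifest for a post-incident audit trail.

Added example; not code from the original presentation. Every artifact,
handler name and timestamp below is constructed sample data.
"""
import hashlib
import json

# Constructed sample artifacts an auditor might receive from a provider:
# a web-server access log excerpt and a firewall export, as raw bytes.
SAMPLE_ARTIFACTS = {
    "webserver-access.log": (
        b'203.0.113.7 - - [12/May/2013:10:14:03 -0400] "GET /patient?id=42 HTTP/1.1" 200 5123\n'
        b'203.0.113.7 - - [12/May/2013:10:14:05 -0400] "GET /login HTTP/1.1" 200 811\n'
    ),
    "firewall-export.csv": (
        b"timestamp,src,dst,action\n"
        b"2013-05-12T10:14:03,203.0.113.7,10.0.0.5,ALLOW\n"
    ),
}

# The first entry links to an all-zero "genesis" hash so that the chain has a fixed start.
GENESIS = "0" * 64


def sha256_hex(data: bytes) -> str:
    """Content hash recorded for each artifact at collection time."""
    return hashlib.sha256(data).hexdigest()


def _entry_digest(entry: dict) -> str:
    """Digest of an entry's fields (excluding its own hash), over canonical JSON
    so the result does not depend on key order."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return sha256_hex(canonical)


def build_manifest(artifacts: dict, handler: str, collected_at: str) -> list:
    """Record every artifact with its hash, who collected it and when.
    Each entry also carries the previous entry's hash, forming a chain:
    editing any earlier entry invalidates every entry after it."""
    manifest = []
    prev = GENESIS
    for name in sorted(artifacts):          # deterministic order
        data = artifacts[name]
        entry = {
            "artifact": name,
            "size": len(data),
            "sha256": sha256_hex(data),
            "handler": handler,             # constructed identifier
            "collected_at": collected_at,   # constructed timestamp
            "prev_entry_hash": prev,
        }
        entry["entry_hash"] = _entry_digest(entry)
        manifest.append(entry)
        prev = entry["entry_hash"]
    return manifest


def verify_manifest(manifest: list, artifacts: dict) -> list:
    """Re-check the chain and the artifacts. Returns a list of problems;
    an empty list means the record and the evidence are consistent."""
    problems = []
    prev = GENESIS
    for i, entry in enumerate(manifest):
        if entry.get("prev_entry_hash") != prev:
            problems.append(f"entry {i}: chain link broken")
        if _entry_digest(entry) != entry.get("entry_hash"):
            problems.append(f"entry {i}: entry record altered")
        data = artifacts.get(entry["artifact"])
        if data is None:
            problems.append(f"entry {i}: artifact {entry['artifact']} missing")
        elif sha256_hex(data) != entry["sha256"]:
            problems.append(f"entry {i}: artifact {entry['artifact']} content changed")
        prev = entry.get("entry_hash", prev)
    return problems


if __name__ == "__main__":
    manifest = build_manifest(SAMPLE_ARTIFACTS, "auditor-A", "2013-05-13T09:00:00Z")
    print(json.dumps(manifest, indent=2))
    print("clean verification:", verify_manifest(manifest, SAMPLE_ARTIFACTS))

    # Simulate an artifact being modified after collection.
    modified = dict(SAMPLE_ARTIFACTS)
    modified["firewall-export.csv"] = b"timestamp,src,dst,action\n"
    print("modified artifact:", verify_manifest(manifest, modified))

    # Simulate someone rewriting the custody record itself.
    rewritten = [dict(e) for e in manifest]
    rewritten[0]["handler"] = "someone-else"
    print("rewritten record:", verify_manifest(rewritten, SAMPLE_ARTIFACTS))
```

In a real engagement the manifest would be stored separately from the evidence (and ideally countersigned by the handler), so that the two cannot be changed together; the chain makes a rewritten record detectable, but it does not by itself prove who changed it.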

Reference Documents
- NASA Testimony Before Congress in February 2012
- McAfee Threats Report: Third Quarter 2012
- OWASP Top 10 Report for 2013
- HITRUST Guidance for Healthcare Organizations to Assess Cybersecurity Preparedness

Thank You! Q & A
