Information Security for the Rest of Us



Similar documents
Network/Cyber Security

SECURITY 2.0 LUNCHEON

Check Point and Security Best Practices. December 2013 Presented by David Rawle

This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.

Cyber Security. John Leek Chief Strategist

Breaking the Cyber Attack Lifecycle

Cyber Security An Exercise in Predicting the Future

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

Protecting What Matters Most. Terry Ray Chief Product Strategist Trending Technologies Session 11

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Universities and Schools Under Cyber-Attack: How to Protect Your Institution of Excellence

Information Security Addressing Your Advanced Threats

Client Security Risk Assessment Questionnaire

Real World Healthcare Security Exposures. Brian Selfridge, Partner, Meditology Services

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

Perspectives on Cybersecurity in Healthcare June 2015

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth

NEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015

Cyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

Top Ten Technology Risks Facing Colleges and Universities

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.

Cybersecurity: An Innovative Approach to Advanced Persistent Threats

SECURITY. Risk & Compliance Services

Cyber Security Pr o t e c t i n g y o u r b a n k a g a i n s t d a t a b r e a c h e s

How Attackers are Targeting Your Mobile Devices. Wade Williamson

Sophistication of attacks will keep improving, especially APT and zero-day exploits

Network Security. Intertech Associates, Inc.

CYBERSECURITY: PROTECTING YOUR ORGANIZATION AGAINST CYBER ATTACKS. Viviana Campanaro CISSP Director, Security and Compliance July 14, 2015

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014

How To Protect Yourself From Cyber Threats

NATIONAL CYBER SECURITY AWARENESS MONTH

HIPAA Compliance Evaluation Report

SECURITY PLATFORM FOR HEALTHCARE PROVIDERS

State of South Carolina Policy Guidance and Training

Attachment A. Identification of Risks/Cybersecurity Governance

Making the difference between read to output, and read to copy GOING BEYOND BASIC FILE AUDITING FOR DATA PROTECTION

How To Protect Yourself From A Hacker Attack

Security Management. Keeping the IT Security Administrator Busy

Defending Against Data Beaches: Internal Controls for Cybersecurity

The Value of Vulnerability Management*

How to effectively respond to an information security incident

INSIGHTS CUPP COMPUTING MOBILE SECURITY MULTINATIONAL DECISIONMAKERS STUDY 2015

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Applying the 80/20 approach for Operational Excellence. How to combat new age threats, optimize investments and increase security.

What IT Auditors Need to Know About Secure Shell. SSH Communications Security

10 Potential Risk Facing Your IT Department: Multi-layered Security & Network Protection. September 2011

Incident Response. Proactive Incident Management. Sean Curran Director

The Top Ten of Information Security - For 2015

Plan of Attack 5 Step Plan

How to Secure Your Environment

Device Hardening, Vulnerability Remediation and Mitigation for Security Compliance

The Onslaught of Cyber Security Threats and What that Means to You

Digital Pathways. Penetration Testing

FIRN Secure Internet Bundled Services:

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports

John Essner, CISO Office of Information Technology State of New Jersey

Practical Steps To Securing Process Control Networks

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

September 20, 2013 Senior IT Examiner Gene Lilienthal

Agenda , Palo Alto Networks. Confidential and Proprietary.

Cloud Assurance: Ensuring Security and Compliance for your IT Environment

PCI Compliance for Cloud Applications

Are you prepared to be next? Invensys Cyber Security

Lunch & Learn Series Subscribe!

Cybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Enterprise Desktop Management Security Strategy. Liz Cummings. July 16, Enterprise Desktop Management Security Strategy 1

Paul Vlissidis Group Technical Director NCC Group plc

UIT Security is responsible for developing security best practices, promoting security awareness, coordinating security issues, and conducting

CYBERSECURITY - STRATEGIES. What any company or enterprise must have in mind regarding cybersecurity.

Introduction. Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia

How To Secure An Extended Enterprise

Password Management Evaluation Guide for Businesses

PCI Assessments 3.0 What Will the Future Bring? Matt Halbleib, SecurityMetrics

How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz)

INCIDENT RESPONSE CHECKLIST

Intelligent Security Design, Development and Acquisition

How-To Guide: Cyber Security. Content Provided by

The Evolution of Data Breaches

Anatomy of a Breach: A case study in how to protect your organization. Presented By Greg Sparrow

Chapter 1 The Principles of Auditing 1

Endpoint & Server Protection. Brent Biernat First Vice President Network Services May 13, 2014

SANS Top 20 Critical Controls for Effective Cyber Defense

Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m.

US companies experience and attitudes towards security threats

2012 Data Breach Investigations Report

Hack Proofing Your Organization

CYBERSECURITY & EXPECTATIONS FOR INDEPENDENT GROCERS

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

The SMB Cyber Security Survival Guide

Simplifying Security & Compliance Innovating IT Managed Services. Data Security Threat Landscape and IT General Controls

Enterprise Cybersecurity: Building an Effective Defense

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

Cybersecurity. Are you prepared?

Chief Security Strategist Symantec Public Sector

Altius IT Policy Collection Compliance and Standards Matrix

Cyber Self Assessment

Top 20 Critical Security Controls

Transcription:

Secure Your Way Forward. AuditWest.com Information Security for the Rest of Us Practical Advice for Small Businesses Brian Morkert President and Chief Consultant 1

Introduction President Audit West IT Audit Security Assessment Incident Response & Forensics Consulting Services Director of Security Services GCSIT Solutions Managed Security Consulting Services Senior Consultant Parametrix, Inc. IT Project Management InfoSec Management Agenda Attack Lifecycle Types of Attacks Traditional AV and Firewalls Don t Work Testing What is Appropriate Security Awareness Training Managed Services and Outsourcing Incident Response 2

The Value of Information CC Information Banking Information ACH Fraud Personal Information Identity Theft Account Hijacking Credentials Extortion Ransomware Account Hijacking Industrial Espionage Attack Lifecycle Source: https://en.wikipedia.org/wiki/advanced_persistent_threat 3

Attack Lifecycle Deployment to exfiltration can happen in minutes Most businesses never detect attacks Assume compromise 243 Median number of days a breach is active before detection. Some as long as 5 years. Threat Actor Tactics Watering Hole Attacks Social Engineering / Phishing 3 rd party vendors (Target) Zero Day Malware Exploit Kits Stolen Equipment Stolen Credentials Insider Ransomware 4

Threat Actor Tactics Threat Actor Tactics 5

Threat Actor Tactics Threat Actor Tactics 6

Light Beam Demo Data Breach An incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. 7

Security Incident An event that impacts the Confidentiality, Integrity, or Availability of an information resource or asset. Incident Identification Identified by CC Provider (CPP) 3 rd Party Monitoring NextGen Firewall Appliances NetFlow Data Suspicious Activity Malware 8

Why Traditional A/V Doesn t Work Anti virus is dead. Brian Dye, VP of Information Security, Symantec Corporation in an interview with the Wall Street Journal, May 4, 2014 Why Traditional A/V Doesn t Work Signature based (Hashes) Requires knowledge of malware Signatures need to be distributed Over 90,000 new pieces of malware daily Impossible to keep up 30 40% effective Still needed 9

Why Traditional Firewalls Don t Work Traditional filtering technology No application awareness / visibility Inability to extend architecture to mobile devices Signature based for IDS/AV No application level granularity InfoSec for SMBs Know your assets Bad things happen Train your personnel Deploy the fundamentals Control access Trust but Verify Strategize on BYOD Have and enforce policies 10

Watch Your Assets! Know where your critical systems and information are. Workstations? Servers? Cloud? Backups? Mobile Devices? Storage Arrays? Bad Things Happen Be prepared Have good backups Test them regularly Have a recovery strategy (i.e. where) Maintain offline backups (CryptoWall) Document restoration procedures Consider leveraging cloud tech 243 Median number of days attackers on network before detection. 11

Train Staff Security awareness training Conduct phishing tests regularly SMBs are a huge target Cloud based services provide this. Deploy the Basics NextGen Firewalls (Palo Alto, Cisco, Juniper, Sonicwall, etc.) Wireless Security Anti Malware on endpoints and servers Be rigorous about patching OS and application (Flash, Java, etc.) If short staffed, outsource Consider compliance requirements (PCI, HIPAA, FISMA, NIST, GLBA, etc.) 12

Control Access Be granular about who has access to what, and when. Monitor for violation attempts Strict control on administrative accounts Require periodic password changes Remote users? Two factor authentication? Consider outsourcing Trust but Verify Conduct background checks Read vendor contracts If sharing customer data with another vendor, perform due diligence on controls 13

Strategize on BYOD Policies Wiping capability Access requirements Enforcement Policies Acceptable Use Policy (AUP) Data Destruction Remote Access 3 rd Party Access Physical Security 14

Anti malware Consider Outsourcing AV software needs to be monitored Backup and recovery If you don t have the internal resources to manage Security / firewall monitoring 24x7 capability Testing What is Appropriate? Penetration Testing Can my network be breached? Does not identify all attack vectors Can be expensive Normally for testing well founded security program Vulnerability Assessment Involves more scanning Less costly / more efficient Identifies most / all potential attack vectors 15

Possible Breach? Now What? Have a team Have a plan Document EVERYTHING! Crime scene photos Secure premises and stop loss Work with service providers / regulators Notify affected customers if appropriate Don t destroy evidence 2015 Breach Statistics 159 Breaches made public 153m records All types of organizations All types of tactics Compared to 297/68m for 2014 16

There are two types of companies: those who have been hacked, and those who don t yet know they have been hacked. John Chambers Chief Executive Officer of Cisco Q&A Brian Morkert 360 265 0421 bmorkert@auditwest.com @bmorkert 17

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information