Educational Event Spring 2015. Cyber Security - Implications for Records Managers. Art Ehuan

Transcription:

Risk to Corporate Information
The protection of mission-dependent intellectual property, or proprietary data critical to the ongoing operation of a company, should be of high interest to corporate executives.

Risk to Corporate Information
o PROTECTED HEALTH INFORMATION
o PERSONAL IDENTIFIABLE INFORMATION
o INTELLECTUAL PROPERTY & TRADE SECRETS
o COMPANY FINANCIAL RECORDS
o CORPORATE ENTITY
o SENSITIVE INTERNAL DOCUMENTS

Where Does Stolen Information Go?

Cyber Threat Actors (Past)
Cyber threats in the past were more localized in nature.
o Cyber crime in the past mostly involved unsophisticated attacks to deface websites of corporations and governments
o Notoriety and bragging rights were the primary drivers for this malicious behavior
o Minimal involvement of Organized Crime and Nation State actors

Cyber Threat Actors (Now)
Corporations have a myriad of cyber criminals to contend with
o Hacker groups are interested in data for fraud purposes and sale to other criminals
o Organized Crime groups are involved in enterprise-level activity to target and steal any and all types of data
o Nation-state cyber actors are increasingly targeting corporations for their information
o Regardless of the size of the business, there are no organizations that are immune from cyber attack
o The cybercrime wave is here.

How are Corporations Breached?
Compromise of corporate information by intruders/insiders
o 30% of malicious breaches occur via SQL injection
o 28% of malicious breaches occur via targeted attacks
o 27% of malicious breaches occur via advanced malware
Organizations that suffered malicious breaches credited a lack of in-house expertise as the main reason for failing to prevent breaches.

Priority for Securing the Corporation
Identifying cyber threats to your company is crucial.
This should not be your company's breach notification process.

Priority for Securing the Corporation
o To protect information, a corporation must know/understand what data they manage or store, who is authorized to access the information, how it must be protected and how it must be disposed of when no longer required for business operations
o Information classification provides the framework by which information can be categorized by criticality to the corporation and the controls to protect from unauthorized access or disclosure
o Information classification should be implemented in a manner that is easy to understand and implement
o If information is no longer required for business operations or regulatory/legal requirements, dispose of it

Priority for Securing the Corporation
o From the outside of your enterprise, it is assumed that security is effective until proven otherwise.
o Our approach can be in full view of your staff to limit the potential for unexpected results.
o A breach through testing is better than an unexpected one by adversaries.

Priority for Securing the Corporation
o Reconnaissance and Identification
o Control Evaluation
o Scanning and Discovery
o Post Exploitation
o Exploitation and Compromise
o Escalation of Privileges

Priority for Securing the Corporation
o Patch and configuration management is one of the most underappreciated facets of information security
o Proper patch management can provide a significant reduction in a corporation's risk profile by eliminating known vulnerabilities to the organization
o A process-driven configuration management should be established and adhered to in strict fashion to reduce risk

Priority for Securing the Corporation
o Corporations that do not manage the Administrator / Root accounts within their environment are exposing their information to extensive risk of exploitation
o Restricting the number and role of Administrator and Root accounts is critical
o The first, second and third goal of each and every cyber attack is to acquire Root or Administrator access to systems
o Root and Administrator access provide a malicious actor with the keys to the kingdom

Secure the Supplier/Vendor Chain
o Suppliers and vendors that have access to the corporate network must be vetted for cyber security controls to ensure they cannot be used to access your data without authorization
o Require through contractual language that suppliers/vendors protect your data
o Audit or assess suppliers/vendors to verify that data is being protected
o Only provide the access that is required for the supplier/vendor to provide services
o ISO 27036 is the international standard for supplier relationships

Board and CEO Awareness
1. Who is ultimately responsible for Cyber Security in your organization? Is it buried in IT or at Board level?
2. Do you have a cyber security strategy that is aligned with your business strategy, and is it updated according to evolving needs?
3. Where and what are the most critical assets? How does management determine which assets are critical?
4. Do you have a documented, up-to-date and regularly tested incident response plan? How are you monitoring and reporting on cyber security incidents (24/7?) and how has the number of breaches changed over the last 18 months? Have any been disclosed to Regulators?
5. How much would a cyber security breach impact the organization, and can management demonstrate the rationale behind its assessment?
6. Does your internal Cyber Security leadership team include expertise in HR, PR, Legal, Marketing/CRM and Risk in addition to IT? Have they and the Board been through a cyber Simulation Practice workshop?
7. Are you managing Cyber Risk on your corporate Risk Register and how has the threat level changed over the last 18 months?
8. Have you ever conducted a company-wide security awareness program?
9. Is cyber security covered in your contracts with third parties? How do you assess their level of preparation?
10. What measures have you introduced in the event of a breach of Payment Card Information (PCI), Personal Identifiable Information (PII) or Protected Health Information (PHI) and regulatory requirements to report?

Art Ehuan
Managing Director, Alvarez & Marsal
aehuan@alvarezandmarsal.com
+1 571 331 7763

Art Ehuan is a Managing Director with Alvarez & Marsal's Global Forensic and Dispute Services in San Antonio, Texas. He is a strategic information security specialist with more than 20 years of experience working with U.S. and international clients and governments. Art Ehuan has extensive, high-profile industry and law enforcement experience in the field of information security. Mr. Ehuan has a specialization in nation-state strategic advisory services, including incident response, digital investigations, data protection and e-discovery, for corporate and government agencies, and provides domestic and global thought leadership on these topics. Mr. Ehuan also serves as a lecturer on cyber crime for the U.S. State Department, Diplomatic Security Service, Anti-Terrorism Assistance Program.

Mr. Ehuan has received industry credentials including: EnCase Certified Examiner (EnCE), Certified Information Systems Security Professional (CISSP), Cisco Certified Network Professional (CCNP), Cisco Certified Design Professional (CCDP) and Certified Forensics Computer Examiner (CFCE). He also maintains the Information Assessment Methodology (IAM) credentials with the National Security Agency (NSA).

Mr. Ehuan was previously an Adjunct Professor and Lecturer at George Washington University, Georgetown University and Duke University, where he taught courses on cyber crime, incident response, digital investigations and computer forensics. He is a contributing author of Techno-Security's Guide to E-Discovery and Digital Forensics from Elsevier Publishing. Mr. Ehuan earned a bachelor of arts degree from the University of California, Los Angeles. He graduated with a master of science in Management from Rensselaer Polytechnic Institute.