Data Breaches and Credential Theft: A Discussion on Preventative Measures




Shawn McCabe, MCSE
Michael Baker, CISSP

The market leader in digital identity management.

Recent Attacks in the News

- Sony Pictures Entertainment (SPE): Initial infiltration was via a spear-phishing attack, followed by exploration of the network, theft of high-value credentials and, finally, deployment of malware across SPE using the compromised high-value credentials.
- Target: Initial infiltration was via a spear-phishing attack on a Target subcontractor; malware was leveraged to parlay the subcontractor's access credentials into admin-level access to Target's network and payment processing systems.
- Carbanak: Initial infiltration was via a spear-phishing attack; malware was leveraged to compromise administrative credentials and learn banking procedures.

Attack Vectors/Exploits/Techniques

- Social Engineering
- Browser Exploits & Back Doors
- Document/Application (Office, PDF) Remote Code Execution
- Weak and Stolen Creds / Credential Stuffing / Authentication-based attacks

What Can You Do Now?

People are overwhelmed to the point where doing nothing is as common as doing something. You have to start somewhere; start tomorrow! (For example, implement a policy where administrators are required to use a separate account for administrative functions.)

Prevention You Can Implement Now

- Harden soft points that attackers look for (risk elimination)
  - Patching
  - Use DISA STIGs as guidelines (http://www.stigviewer.com/)
- Privileged Account Management and separation of duty (risk mitigation)
  - Compartmentalized so that a compromise can be contained
- Accounting for employee risk (often not malicious; often negligence or ignorance)
  - Don't count on users to help you with security!
  - Authn/Authz done with digital identity to get into key programs
- Prevent attacks coming through email
  - Patching!
  - Antivirus
  - Disable attachments (require attachments be uploaded through a secure portal)
  - Require email signing for internal email

"The average users are not [fluent in security]. They might be fluent in spreadsheets, or eBay, or sending stupid jokes over e-mail; but they're not technologists, let alone security people." - Bruce Schneier, 2006

Prevention You Can Implement Now

- Smart Cards
  - For Admins - enforced for server logons
  - For everyone?
  - Smart Cards can be virtual!! (Smart card advantage: no more calls to the help desk to reset passwords)
- Administrative password management (Just In Time access/PAM/step-up access)
  - Accounts are enabled for a certain window - password reassigned and given to a specific user, etc.
  - Require this process be secured with MFA
- User Education
  - Frequent friendly reminders about social engineering, or blindly opening attachments, or temporarily giving your password to Joe in marketing.
  - Make an effort to keep it fun and informational. Encourage secure thinking instead of resentment or boredom.
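
The just-in-time administrative password management described above, as an added example that is not part of the original presentation: an in-memory model in which an account is enabled only for a window, the password is reassigned for one named user, and the checkout is gated by MFA. PrivAccount, JitBroker and their method names are hypothetical; a real deployment would drive a directory or PAM product instead of a Python object.

```python
import secrets
from dataclasses import dataclass
from typing import Optional

@dataclass
class PrivAccount:               # hypothetical model of a privileged account
    name: str
    enabled: bool = False        # disabled whenever nobody has it checked out
    password: str = ""
    holder: Optional[str] = None
    expires_at: float = 0.0

class JitBroker:                 # hypothetical broker, not a real product's API
    def __init__(self, accounts, window_seconds=3600):
        self.accounts = {a.name: a for a in accounts}
        self.window = window_seconds
        self.audit = []          # (time, event, account, user)
        for a in accounts:       # start from a random password nobody knows
            a.password = secrets.token_urlsafe(24)

    def expire(self, now):
        """Disable accounts whose window has closed and kill the issued password."""
        for a in self.accounts.values():
            if a.enabled and now >= a.expires_at:
                self.audit.append((now, "expired", a.name, a.holder))
                a.enabled, a.holder = False, None
                a.password = secrets.token_urlsafe(24)

    def checkout(self, account, user, mfa_verified, now):
        """Enable the account for one user and return a freshly assigned password."""
        self.expire(now)
        a = self.accounts[account]
        if not mfa_verified:     # the checkout itself is gated by MFA
            self.audit.append((now, "denied_no_mfa", account, user))
            raise PermissionError("MFA required for privileged checkout")
        if a.enabled:            # one holder at a time keeps actions attributable
            self.audit.append((now, "denied_in_use", account, user))
            raise PermissionError(f"{account} is checked out to {a.holder}")
        a.password = secrets.token_urlsafe(24)
        a.enabled, a.holder, a.expires_at = True, user, now + self.window
        self.audit.append((now, "checkout", account, user))
        return a.password

    def can_authenticate(self, account, password, now):
        """What the target system would answer for this account and password."""
        self.expire(now)
        a = self.accounts[account]
        return a.enabled and secrets.compare_digest(a.password, password)
```

A password captured during one window is useless after it closes, because expiry both disables the account and reassigns the password; the audit list records who held the account and when.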

Implementing Longer-term Solutions

- IdM
  - Many vendors are willing to sell you a solution for this
  - Be aware of the need to customize most IdM solutions
  - Some features of technology you may already own are making it easier to implement things like privileged access management as part of IdM

Implementing Longer-term Solutions

- Digital Identity
  - There is overhead to managing a digital identity infrastructure
  - A certain level of expertise is required to stand it up and keep it running
  - 80% planning - 20% implementation
  - A well-defined PKI can help your risk/audit story, and support HIPAA/PCI/SOX requirements
- Implementing Digital Identity
  - Do it yourself?
  - Engage a specialty company to set it up for you
  - Have it provided to you as a managed service
  - Enterprise? IOT?
- Management software
  - It should:
    - Make your job easier
    - enable certificate lifecycle

About / How to Contact CSS

About CSS
CSS is an information and security services and software company headquartered in Cleveland, OH with operations throughout North America and resellers in the EU, Southeast Asia and Australia.

Contact CSS
For more information about the Certificate Management System (CMS), please contact software@css-security.com, call 877.715.5448, or visit www.csssecurity.com/cms.

Michael Baker, Director, Enterprise Services, Western Region, michael.baker@css-security.com, 216-785-2976
Shawn McCabe, Solution Architect, shawn.mccabe@css-security.com, 216-785-2321