Dom Nessi Burns Engineering March 29, 2017 CYBERSECURITY TRENDS 2017 REPORT

Transcription

1 Dom Nessi Burns Engineering March 29, 2017 CYBERSECURITY TRENDS 2017 REPORT

2 TOPICS Recent Cybersecurity News Past Cybersecurity News Role of Cybersecurity Major Trends Featured Speakers Matthew Dahl, Manager-Global Threat Analysis & Legal Counsel CrowdStrike Baird McNaught, Aviation Cyber Initiative, U.S. Department of Homeland Security

3 RECENT CYBERSECURITY NEWS The CIA was hacked The hackers found the CIA s hacking tools and are now using them against the CIA to find additional hacking tools The CIA is using other hacking tools to hack the hackers The hackers, in turn, are now hacking the CIA s new hacking attempts

4 PAST CYBERSECURITY NEWS Over the past few years numerous major US companies and organizations have been hacked: Target, Staples and Home Depot Primera Blue Cross, Anthem and Community Health Systems Sony J.P Morgan Chase Bank and Agricultural Bank of China plus 98 other banks Federal Reserve Bank, FDIC, IRS and the U.S. Office of Personnel Management The U.S. Office of Personnel Management The U.S. Office of Personnel Management

5 THE ROLE OF CYBERSECURITY Cybersecurity is evolving from focusing on basics such as improving the perimeter network defense to the CIA Triad of: Protecting Confidentiality Ensuring Integrity Maintaining Availability

6 HOW DOES THIS IMPACT AIRPORTS TODAY? Look at the BIT Agenda and Topics Discussed Business Intelligence Passenger Facing Mobile Apps - ACRIS Internet of Things Expanded Biometrics for Passenger Processing Future Passenger Processing

7 HOW DOES THIS IMPACT AIRPORTS TODAY? Cybersecurity researchers have discovered a zero-day vulnerability that would enable attackers to gain access to many major antivirus software brands on the market today and use the software to hijack a user's computer. Researchers from Israel-based cybersecurity firm Cybellum have found that a 15-year-old legitimate feature of Windows called Microsoft Application Verifier that exists in every single version of the operating system can be exploited to enable hackers to inject malicious code into computers

8 HOW DOES THIS IMPACT AIRPORTS TODAY? Instead of trying to hide from antivirus software, the technique enables attackers to seize control of the antivirus and install malware that hijacks the user's machine to do pretty much anything the hacker wants, from installing backdoors to sending data out to the hacker's server or stealing and encrypting user data. malicious code into computers. The flaw affects all major antivirus products like Avast, AVG, Avira, Bitdefender, Comodo, ESET, F-Secure, Kaspersky, Malwarebytes, McAfee, Norton, Panda, Quick Heal and Trend Micro, as well as many other small brands.

9 MAJOR TRENDS 54% of cybersecurity professionals anticipate a successful cyberattack on their organization in the next 12 months 52% of organizations are increasing their security budget by an average of 21% Cloud infrastructure (33%) and cloud applications (28%) are the primary focus areas for new spending,, with training/education for staff (23%) and mobile device management (23%) tied for the third spot

10 THREE BIGGEST OBSTACLES TO STRONGER CYBERSECURITY Lack of skilled employees (45%) Lack of budget (45%) Lack of security awareness among employees (40%) Lack of collaboration between departments (32%)

11 THREE PRIORITY CAPABILITIES Threat Detection (62%) Increased analytical capabilities, including risk assessment (45%) Threat blocking (39%)

12 SECURITY CONCERNS ON MOBILITY Data leakage on BYOD (69%) Download of unsafe applications (64%) Introduction of malware into the IT infrastructure through mobile devices (63%)

13 INVESTMENT PRIORITIES Percent Train/Certify Existing Staff Deploy Third Party Solutions Partner with a Managed Services Provider Percent Hire Additional Security Personnel

14 CONFIDENCE IN SECURITY 62% Are moderately to not at all confident 31% Confidence 4% 7% 11% 47% Not Confident Slightly Confident Moderately Confident Confident Very Confident

15 ATTACK DISCOVERY Average time to discover a successful attack has occurred 200 days Average time attackers dwelled in the network 40 days

16 SECURITY PROGRAM EFFECTIVENESS 89% believe their program is less than effective 11 Rating Not Sure Very Ineffective Somewhat Ineffective Neither Effective or Ineffective Somewhat Effective Effective

17 MOST IMPORTANT STEP NOT TAKEN Security Governance Committee (83%) Risk Assessment/Vulnerability Analysis (79%) Management Awareness on Cybersecurity Issues (71%) Penetration Testing (61%) Patch management program (53%) Change management program (48%)

18 ACI ASSISTING AIRPORTS ACI Security Benchmarking Tool ACI Cybersecurity Fundamentals Training (for technical staff) Potentially starting in ACI-NA

19 GUEST SPEAKERS Matthew Dahl, Manager-Global Threat Analysis & Legal Counsel CrowdStrike Baird McNaught, Aviation Cyber Initiative, U.S. Department of Homeland Security