LAB2 R12: Optimize Your Supply Chain Cyber Security
- Cornelius Shelton
- 6 years ago
Transcription
LAB2 R12: Optimize Your Supply Chain Cyber Security
Post Conference Summary
Allan Thomson
Jamison M. Day, Ph.D.
Table of Contents
- INTRODUCTION
- SUPPLY CHAIN CYBER SECURITY TRENDS
  o Outsourcing Increases Threat Surface Area
  o Increase in Use of Supply Chain Partner Threat Vector
  o Scarce Resources for Internal Detection and Defense
  o Recently Publicized Supply Chain Cyber Incidents
- CYBER SECURITY IN SUPPLIER SELECTION EFFORTS
  o Supplier Selection: Cyber Security Best Practices
  o Vendor & Service Provider Contracts: Cyber Security Best Practices
- SUPPLY CHAIN CYBER STRATEGY MATRIX 4 QUADRANTS
  o Recommended Threat Management Activities for All Quadrants
  o Quadrant I Maturity & Access
  o Quadrant II Maturity & Access
  o Quadrant III Maturity & Access
  o Quadrant IV Maturity & Access
- METRICS FOR SUPPLY CHAIN CYBER SECURITY
Introduction

Thank you for spending some of your valuable time at RSA Conference 2017 attending our Learning Lab, Optimize Your Supply Chain Cyber Security. There were so many great sessions, and your participation in our Lab means a lot to us. We hope you found it as engaging and educational as we did, and that your Lab interactions provided some valuable ideas to take back to your organization.

This summary is designed to recap the concepts we discussed together during the Learning Lab. The issues relating supply chain management and cyber security are complex and varied, and two hours was barely enough time to scratch the surface. We both felt that many people contributed key insights that will help mature cyber security awareness and overall enterprise security posture vis à vis supply chain partners. Both of us were glad to see such enthusiastic and insightful participation from this Lab's participants.

If you have any follow-up questions on our lab, please feel free to contact us directly. Thank you.

Allan Thomson
Jamison M. Day, Ph.D.
Supply Chain Cyber Security Trends

Outsourcing Increases Threat Surface Area
- Supports focus on core competencies
- Extends information system endpoints beyond organization cyber defense perimeter
- Hackers are increasingly exploiting this

Increase in Use of Supply Chain Partner Threat Vector
- Up 22% from 2014 to 2015
  o ( security/information security survey.html)
- 80% of breaches originate in supply chain
  o ( growing need to manage third party and vendor risk/)

Scarce Resources for Internal Detection and Defense
- 79% of U.S. companies lack the tools & resources for effective internal cyber security
  o ( ponemon executive study)
- Monitoring the extended information supply chain presents an even greater burden
- Efficient allocation of cyber security resources often requires triage decisions
Recently Publicized Supply Chain Cyber Incidents

COGENT HEALTHCARE BREACH (2013) ( mistake causes data breach/)
- Transcription provider stored notes on a website
- Failure to activate a firewall left patients' personal information exposed

AT&T BREACH (2014) ( security/att breach by vendor awakens new insider threat concerns.html)
- Employees at a service provider violated privacy & security guidelines
- Accessed accounts to obtain codes that unlock phones for sale in other markets

GOODWILL BREACH (2014) ( at goodwill vendor lasted 18 months/)
- Retail POS vendor compromised by malicious hackers
- Installation of infostealer.rawpos malware (undetectable until Sep 5, 2014)
- Affected more than 330 Goodwill locations for over 18 months
- Allowed theft of customer credit card information

TARGET BREACH (2013) ( target corp days after 2013 breach/)
- External defenses were found to be robust at detecting and blocking attacks
- Heating & Air Conditioning provider compromised by malware (via )
- Target VPN credentials obtained
- Poor network segmentation allowed access to every POS register in every store
- Password policies not being enforced/followed
- Default passwords in some internal systems
- Services/systems missing critical security patches
- Vulnerability scanning program in place, but no or slow remediation was taken

U.S. OFFICE OF PERSONNEL MANAGEMENT (2014) ( up on the opm breach/ & report slams opm on data breach/)
- Background check providers hacked by Chinese; credentials used to access OPM
- Exploited enterprise management software vulnerability
- Loaded keystroke logging malware on workstations of database administrators
- Exfiltration included: background investigation, personnel, fingerprint
- OPM lacked:
  o Comprehensive cyber asset inventory
  o Vulnerability scanning program
  o Multi-factor authentication
  o Visibility on network traffic
Cyber Security in Supplier Selection Efforts

Supplier Selection: Cyber Security Best Practices

CYBER ASSET INVENTORY
Obtain a list of IPs, CIDRs, ASNs, etc. being used by the company. If they do not know what assets need protection, they are unlikely to be very secure.

CYBER SECURITY CERTIFICATIONS
Review any certification documentation to assess cyber security assurance practices
  o ISO
  o Cyber Essentials
  o PCI Compliance (where applicable)

3RD PARTY RISK ASSESSMENT
Examine company practices for
  o Security patches
  o Spam & malicious
  o Employee cyber security training
  o Access control permissions
  o Intrusion detection
  o Equipment (clear chain of custody / firmware validation)
  o Network architecture
  o Brand security

PENETRATION TESTING
Have a 3rd party perform a penetration test. Examine corrective actions taken from previous tests and after presenting the results of the current test.

THREAT INTELLIGENCE RESEARCH
Analyze available intel from
  o Threat Intelligence Feeds
  o Vulnerability scans (e.g. Nessus)
  o Domain reputation monitoring
  o Content in social media, dark web, forums, chat channels, Pastebin, etc.

BUILD CYBER SECURITY TEAM RELATIONSHIP
Initiate direct communication between your cyber security teams to assess threat management maturity.

Vendor & Service Provider Contracts: Cyber Security Best Practices
Consider requiring:
  o Cyber security insurance
  o Rapid notification of any breach
  o Collaboration in cyber defense activities
Supply Chain Cyber Strategy Matrix 4 Quadrants

Each of your supply chain partners is different; some require access to sensitive systems or data while others don't, and some have strong approaches to managing cyber security while others struggle. The following matrix provides a generalized framework for allocating your cyber security resources among a diverse range of supply chain partners.

Our session also discussed the importance of supply chain partner criticality. That is, the importance of and/or the lack of alternatives to a supply chain partner. In these cases, it may be important to elevate the level of threat management effort.
Recommended Threat Management Activities for All Quadrants

For every partner, regardless of what quadrant they are in, your company should employ automated and passive defense solutions (which do not require continuous activity to keep in place) whenever possible to reduce the manual effort required from your cyber security team.

UNIQUE VPN KEYS, SEGMENTED DMZS
Since every partner is a potential attack vector, be sure to use segmented demilitarized zones (DMZs) and unique VPN keys for each partner. Not only does this allow for more tailored management across a variety of attack surfaces, but it appropriately quarantines any critical threat arising from another organization without affecting others' ability to interact with your company. Deliberating for days or weeks on how to deal with a threat after learning about one gives attackers time to gain a greater foothold into your networks and/or exfiltrate more information. Therefore, determine in advance what situations justify cutting off vendor access, and set up the processes for doing so.

FIREWALLS, ANTI-MALWARE, ANTI-VIRUS, INTRUSION DETECTION SYSTEMS, INTRUSION PREVENTION SYSTEMS, ADVANCED AUTHENTICATION
The proper use of firewalls, anti-malware, anti-virus, intrusion detection systems, intrusion prevention systems, and multi-factor authentication requires little ongoing effort and provides a significant increase in security.

3RD PARTY THREAT MONITORING
The cyber asset inventory obtained during supplier selection should provide a list of IP ranges and domain names that can be monitored with alerts. As threat intelligence feeds report significant indicators of compromise associated with those addresses, your cyber security team can contact the affected partner to ask them how they are responding to the vulnerability in their security, and therefore in your own, and how they are going to address the issue and make improvements.
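The 3rd party threat monitoring step above, sketched as an added example (not code from the original summary or from LookingGlass): it matches threat-intelligence indicators against each partner's cyber asset inventory and groups the significant ones per partner. The partner names, contacts, address ranges, feed entries and the feed field names are all constructed assumptions.

```python
"""Match threat-intel indicators against partners' cyber asset inventories."""
import ipaddress

# Constructed sample inventory: names, contacts, RFC 5737 / RFC 3849
# documentation ranges and .example domains are placeholders, not real assets.
PARTNERS = [
    {"name": "hvac-vendor", "contact": "soc@hvac-vendor.example",
     "cidrs": ["198.51.100.0/24"], "domains": ["hvac-vendor.example"]},
    {"name": "pos-vendor", "contact": "security@pos-vendor.example",
     "cidrs": ["203.0.113.0/25", "2001:db8:10::/48"],
     "domains": ["pos-vendor.example", "pos-cdn.example"]},
]

# Constructed feed entries; the field names are an assumed, simplified schema.
FEED = [
    {"indicator": "198.51.100.23", "severity": "high", "note": "C2 beaconing"},
    {"indicator": "203.0.113.200", "severity": "high", "note": "scanner"},
    {"indicator": "Portal.POS-Vendor.example.", "severity": "medium",
     "note": "phishing kit hosted"},
    {"indicator": "notpos-vendor.example", "severity": "high", "note": "lookalike"},
    {"indicator": "2001:db8:10:5::1", "severity": "low", "note": "open resolver"},
    {"indicator": "203.0.113.64/26", "severity": "high", "note": "botnet range"},
    {"indicator": "not an indicator", "severity": "high", "note": "malformed"},
]

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3}


def parse_indicator(raw):
    """Return ('net', ip_network), ('domain', str), or None if unusable."""
    text = raw.strip().lower().rstrip(".")
    try:
        # strict=False accepts single addresses as well as CIDR ranges
        return ("net", ipaddress.ip_network(text, strict=False))
    except ValueError:
        pass
    labels = text.split(".")
    if len(labels) >= 2 and all(l and l.replace("-", "").isalnum() for l in labels):
        return ("domain", text)
    return None


def owners(parsed, partners):
    """Names of partners whose inventory covers the parsed indicator."""
    kind, value = parsed
    hits = []
    for p in partners:
        if kind == "net":
            nets = (ipaddress.ip_network(c) for c in p["cidrs"])
            # Compare only within the same IP version; overlap covers both
            # "address inside range" and "reported range intersects ours".
            matched = any(n.version == value.version and n.overlaps(value)
                          for n in nets)
        else:
            # Exact domain or a true subdomain; a lookalike that merely ends
            # with the same characters must not match.
            matched = any(value == d or value.endswith("." + d)
                          for d in p["domains"])
        if matched:
            hits.append(p["name"])
    return hits


def partner_alerts(feed, partners, min_severity="medium"):
    """Group significant indicators by affected partner; collect rejects."""
    alerts = {p["name"]: [] for p in partners}
    rejected = []
    floor = SEVERITY_RANK[min_severity]
    for entry in feed:
        parsed = parse_indicator(entry["indicator"])
        if parsed is None:
            rejected.append(entry["indicator"])  # keep for feed-quality review
            continue
        if SEVERITY_RANK.get(entry["severity"], 0) < floor:
            continue
        for name in owners(parsed, partners):
            alerts[name].append((str(parsed[1]), entry["severity"], entry["note"]))
    return alerts, rejected


if __name__ == "__main__":
    alerts, rejected = partner_alerts(FEED, PARTNERS)
    contacts = {p["name"]: p["contact"] for p in PARTNERS}
    for name, hits in alerts.items():
        for indicator, severity, note in hits:
            print(f"[{severity}] {name}: {indicator} ({note}) "
                  f"-> contact {contacts[name]}")
    print("unparseable feed entries:", rejected)
```

Each alert carries the partner contact, so the output doubles as the list of partners to call about their response and remediation.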
Quadrant I Maturity & Access
- Risk: est
- Actions:
  o Assess more often than contract renewal
  o Ensure sound cyber security practices are maintained
- Relationship:
  o Preferably establish direct ties between security operations center teams (if willing)
  o Otherwise, via ISAC/ISAO

Quadrant II Maturity & Access
- Risk: Moderate
- Actions
  o Regular sharing of suspicious activity, IOCs, threat intel
  o Engage for response and remediation
  o Joint red team and penetration testing efforts
- Relationship
  o Most valuable supply chain cyber security allies
  o Strong regular connection between security operations center teams
  o Leverage cooperation and collaboration whenever possible

Quadrant III Maturity & Access
- Risk: Moderate
- Actions
  o Regular vulnerability scans (e.g. Nessus)
  o Monitor access and use
- Relationship
  o Communicate when unsafe practices are identified
  o Encourage awareness of the need for cyber security

Quadrant IV Maturity & Access
- Risk: est
- Actions
  o Enforce stringent access policies
  o Remain alert for indications of unauthorized activity
  o Employ active defense techniques (network activity monitoring, behavioral analysis, APT defense)
  o Pre-define policies and procedures for quickly severing access
- Relationship
  o Ensure your cyber security team is involved in vendor performance reviews
  o Regularly update your understanding of threat risk & weigh it against value obtained from the vendor
Metrics for Supply Chain Cyber Security

Unfortunately, coordinating supply chain management and cyber security management is often difficult, and traditional organizational incentive structures are not helping. Supply chain organizations typically evaluate performance based on total cost savings, while the value of cyber security efforts is seldom understood until there is an incident. However, as information-related supply chain interactions continue to expand the surface area subject to cyber threat beyond controlled organizational boundaries, this coordination is increasingly important.

Our discussion suggested that developing valuation metrics for cyber security that can inform total cost of ownership (TCO) may provide the missing link for incentivizing inter-departmental activities that enhance supply chain cyber security. Even simple estimates of expected value (likelihood * estimated impact) could provide a useful starting point for evolving the relationship as well as a better understanding of the return on investment from cyber security efforts.
SESSION ID: LAB2-R12
Optimize Your Supply Chain Cyber Security
Jamison M. Day, Ph.D., Principal Data Scientist, LookingGlass Cyber
Allan Thomson, CTO, LookingGlass Cyber

Chatham House Rules
Participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed.

In Supply Chains, Success & Security are Interdependent
- Outsourcing and strategic partnerships allow your organization to focus on improving its core competencies
- As others provide supporting functions necessary to your business, you extend information system endpoints outside your own defense perimeter
- Hackers not only know this, they are exploiting it!

Important Breach Trends
- Up to 80% of Breaches now Originate in the Supply Chain
  o Howarth, Fran. The Growing Need to Manage Third Party and Vendor Risk. RSA Blog on Mar 31,
- Cyber Incidents Involving Business Partners Up 22% 2014 to 2015
  o PWC: 2017 Global State of Information Security

Recent Vendor-Originating Cyber Incidents
DISCUSSION: Your Nightmare Scenarios
- Summarize your top three (3) supply chain cyber incident nightmare scenarios
- Consider financial performance, brand reputation, customer loyalty
- Estimate your organization's expected financial loss from each scenario

Streamlining Your Supply Chain Cyber Security
- Monitoring your extended supply chain's information systems is an additional burden
- 79% of U.S. companies lack the resources & tools for internal detection and defense
  o Ponemon Institute 2016 External Threats Report
- For efficient allocation of cyber security resources, triage effort based on partners'
  o Access to sensitive systems/data
  o Cyber security maturity

Contracts Don't Guarantee Cyber Security
- Each new supply chain partner increases your organization's attack surface area
- Integrating cyber security into your supply contracts does not make you safe!
- Each day presents new opportunities for threat actors
- Cyber security teams must efficiently allocate limited resources
Cyber Security in Supplier Selection Practices
- Cyber Asset Inventory
- Cyber Security Certifications
  o ISO
  o Cyber Essentials
  o PCI compliance (where applicable)
- 3rd Party Risk Assessment - Examine Practices for:
  o Security patches
  o Spam & malicious
  o Employee cyber security training
  o Access control permissions
  o Intrusion detection
  o Equipment
  o Network architecture
  o Brand security
- 3rd Party Penetration Testing
  o Examine corrective actions taken
- Threat Intelligence Research
  o Threat intelligence feeds
  o Vulnerability scans (e.g. Nessus)
  o Domain reputation monitoring
  o Content in online channels: forums, Pastebin, dark web, social media, etc.
- Build relationship with supplier's cyber security team
- Contractually require cyber security insurance, rapid notification of any breach, and collaboration in cyber defense activities

Discussion: Supply Chain Partner Cyber Security Evaluation
- What steps does your company take to evaluate the cyber risk associated with candidate supply chain partners?
- How and when is your cyber security team made aware of new supply chain partners?
- How might you alter the supplier selection practices at your organization to enhance its cyber security?
LookingGlass Supply Chain Cyber Strategy Matrix
[Figure: four-quadrant matrix. Labels as extracted, in order: Cyber Maturity / Trust in Partner; I. Periodic Assessment; II. Collaborative; Encourage All Partners Towards Cyber Maturity; III. Continuous Monitoring; IV. 3rd Party Integrated Outsourcing Drives Greater Need for Access; Partner Access / Impact to Company Systems / Data]

Exercise: Supply Chain Partner Classification
- Identify several of your organization's supply chain partners
- Categorize each of them into one of the four quadrants (I. Periodic Assessment, II. Collaborative, III. Continuous Monitoring, IV. 3rd Party)
- Try to identify at least three within each quadrant
- Discuss the characteristics of at least 4 different partners and why you feel they should be categorized in the quadrant you placed them in.
Actions for All Quadrants (I, II, III, IV)
- Automated & Passive Defense Solutions
  o Unique VPN keys & segmented DMZs for each partner
    (allows tailored management & provides rapid quarantine capability)
  o Firewalls
  o Anti-malware
  o Anti-virus
  o Advanced authentication
  o Intrusion detection systems
  o Intrusion prevention systems
  o 3rd party threat monitoring
    (great way to encourage cyber maturity)
- Rate and discuss your organization's maturity in applying each of these cyber security solutions
- Does your organization use any other supply chain cyber defense solutions for securing itself from all partners?
- What steps could your organization take to enhance its ability to use all of these solutions?
Quadrant I: Periodic Assessment
Maturity & Access
For your supply chain partners in Quadrant I
- How does your organization ensure supply chain cyber security with these partners?
- What kind of cyber security-focused relationships do you maintain with these partners?
- What steps could your organization take to improve supply chain cyber security with these partners?

Periodic Assessment Profile
- Risk: est
- Actions:
  o Assess more often than contract renewal
  o Ensure sound cyber security practices are maintained
- Relationship:
  o Preferably establish direct ties between security operations center teams (if willing)
  o Otherwise, via ISAC/ISAO

Quadrant II: Collaborative
Maturity & Access
For your supply chain partners in Quadrant II
- How does your organization ensure supply chain cyber security with these partners?
- What kind of cyber security-focused relationships do you maintain with these partners?
- What steps could your organization take to improve supply chain cyber security with these partners?

Collaborative Profile
- Risk: Moderate
- Actions
  o Regular sharing of suspicious activity, IOCs, threat intel
  o Engage for response and remediation
  o Joint red-team and penetration testing efforts
- Relationship
  o Most valuable supply chain cyber security allies
  o Strong regular connection between security operations center teams
  o Leverage cooperation and collaboration whenever possible

Quadrant III: Continuous Monitoring
Maturity & Access
For your supply chain partners in Quadrant III
- How does your organization ensure supply chain cyber security with these partners?
- What kind of cyber security-focused relationships do you maintain with these partners?
- What steps could your organization take to improve supply chain cyber security with these partners?

Continuous Monitoring Profile
- Risk: Moderate
- Actions
  o Regular vulnerability scans (e.g. Nessus)
  o Monitor access and use
- Relationship
  o Communicate when unsafe practices are identified
  o Encourage awareness of the need for cyber security

Quadrant IV: 3rd Party
Maturity & Access
For your supply chain partners in Quadrant IV
- How does your organization ensure supply chain cyber security with these partners?
- What kind of cyber security-focused relationships do you maintain with these partners?
- What steps could your organization take to improve supply chain cyber security with these partners?

3rd Party Profile
- Risk: est
- Actions
  o Enforce stringent access policies
  o Remain alert for indications of unauthorized activity
  o Employ active defense techniques (network activity monitoring, behavioral analysis, APT defense)
  o Pre-define policies and procedures for quickly severing access
- Relationship
  o Ensure your cyber security team is involved in vendor performance reviews
  o Regularly update your understanding of threat risk & weigh it against value obtained from the vendor
Exercise: Supply Chain Cyber Security Metrics
- How does your company measure the value of supply chain cyber security?
- How might your company improve these metrics?
- Review your list of potential organization improvements
- Which of these are most likely and least likely to provide a good return on investment?

Discussion: Conclusions
- What were the most valuable insights that surfaced during this session?
- How do you hope to change the supply chain and cyber security practices in your organization?

Apply
- What actions will you take within the next 3 weeks?
- What actions will you take within the next 3 months?

Go Ahead Connect Your Organization. SAFELY!!!
More informationTHE POWER OF TECH-SAVVY BOARDS:
THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 12.16 EB7178 DATA SECURITY Table of Contents 2 Data Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationIT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18
Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are
More informationNebraska CERT Conference
Nebraska CERT Conference Security Methodology / Incident Response Patrick Hanrion Security Center of Excellence Sr. Security Consultant Agenda Security Methodology Security Enabled Business Framework methodology
More informationInformation Security Policy
April 2016 Table of Contents PURPOSE AND SCOPE 5 I. CONFIDENTIAL INFORMATION 5 II. SCOPE 6 ORGANIZATION OF INFORMATION SECURITY 6 I. RESPONSIBILITY FOR INFORMATION SECURITY 6 II. COMMUNICATIONS REGARDING
More informationALIENVAULT USM FOR AWS SOLUTION GUIDE
ALIENVAULT USM FOR AWS SOLUTION GUIDE Summary AlienVault Unified Security Management (USM) for AWS is a unified security platform providing threat detection, incident response, and compliance management
More informationProtect Your Organization from Cyber Attacks
Protect Your Organization from Cyber Attacks Leverage the advanced skills of our consultants to uncover vulnerabilities our competitors overlook. READY FOR MORE THAN A VA SCAN? Cyber Attacks by the Numbers
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationFrom Managed Security Services to the next evolution of CyberSoc Services
From Managed Security Services to the next evolution of CyberSoc Services Gianluca Busco Arré Country Manager pandasecurity.com MSSP / MDR Where the Industry is going leaders and laggers MSSP industry
More informationSharing What Matters. Accelerating Incident Response and Threat Hunting by Sharing Behavioral Data
Sharing What Matters Accelerating Incident Response and Threat Hunting by Sharing Behavioral Data Dan Gunter, Principal Threat Analyst Marc Seitz, Threat Analyst Dragos, Inc. August 2018 Today s Talk at
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More information2017 Annual Meeting of Members and Board of Directors Meeting
2017 Annual Meeting of Members and Board of Directors Meeting Dan Domagala; "Cybersecurity: An 8-Point Checklist for Protecting Your Assets" Join this interactive discussion about cybersecurity trends,
More informationWHITE PAPER. HELPING BANKS SECURE DATA DURING AND AFTER DIGITIZATION An Infosys solution
WHITE PAPER HELPING BANKS SECURE DATA DURING AND AFTER DIGITIZATION An Infosys solution Abstract The banking industry is adopting digital technologies to renew how they deliver services to customers and
More informationObjectives of the Security Policy Project for the University of Cyprus
Objectives of the Security Policy Project for the University of Cyprus 1. Introduction 1.1. Objective The University of Cyprus intends to upgrade its Internet/Intranet security architecture. The University
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationREAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY
SEPTEMBER 11 13, 2017 BOSTON, MA REAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY HealthcareSecurityForum.com/Boston/2017 #HITsecurity Brian Selfridge Partner, Meditology Services https://www.meditologyservices.com/
More informationKeys to a more secure data environment
Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting
More informationCybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank
Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank NJ Bankers Association Annual Convention May 19, 2017 Presented by: Jeremy Burris, Principal, S.R. Snodgrass,
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationSecuring Your Most Sensitive Data
Software-Defined Access Securing Your Most Sensitive Data Company Overview Digital Growth Means Digital Threats Digital technologies offer organizations unprecedented opportunities to innovate their way
More informationSecurity Solutions. Overview. Business Needs
Security Solutions Overview Information security is not a one time event. The dynamic nature of computer networks mandates that examining and ensuring information security be a constant and vigilant effort.
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationPresented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0
Cyber Security and Inside Threats: Turning Policies into Practices Presented by Ingrid Fredeen and Pamela Passman Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented By Ingrid Fredeen, J.D.
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationNORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers
Identify Protect Detect Respond Recover Identify: Risk Assessments & Management 1. Risk assessments are conducted frequently (e.g. annually, quarterly). 2. Cybersecurity is included in the risk assessment.
More informationMay 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations
May 14, 2018 1:30PM to 2:30PM CST In Plain English: Cybersecurity and IT Exam Expectations Options to Join Webinar and audio Click on the link: https://www.webcaster4.com/webcast/page/584/24606 Choose
More informationdeep (i) the most advanced solution for managed security services
deep (i) the most advanced solution for managed security services TM deep (i) suite provides unparalleled threat intelligence and incident response through cutting edge Managed Security Services Cybersecurity
More informationSecure the value chain. Risk management in the omnichannel consumer and retail environment
Secure the value chain Risk management in the omnichannel consumer and retail environment Table of contents See the dark side 2 of security Review developing 2 security trends Address organizational 3
More informationTransforming Security from Defense in Depth to Comprehensive Security Assurance
Transforming Security from Defense in Depth to Comprehensive Security Assurance February 28, 2016 Revision #3 Table of Contents Introduction... 3 The problem: defense in depth is not working... 3 The new
More informationTotal Security Management PCI DSS Compliance Guide
Total Security Management PCI DSS Guide The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations to help protect the security of credit card holders. These regulations apply to
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationAT&T Endpoint Security
AT&T Endpoint Security November 2016 Security Drivers Market Drivers Online business 24 x 7, Always on Globalization Virtual Enterprise Business Process / IT Alignment Financial Drivers CapEx / OpEx Reduction
More informationDefensible Security DefSec 101
Defensible Security DefSec 101 Security Day November 2017 Information Security Branch Paul Falohun Senior Security Analyst Dan Lathigee Senior Project Manager Content 1 Introduction 2 DefSec for PSO 3
More informationOffice 365 Buyers Guide: Best Practices for Securing Office 365
Office 365 Buyers Guide: Best Practices for Securing Office 365 Microsoft Office 365 has become the standard productivity platform for the majority of organizations, large and small, around the world.
More informationForeScout Extended Module for Splunk
Enterprise Strategy Group Getting to the bigger truth. ESG Lab Review ForeScout Extended Module for Splunk Date: May 2017 Author: Tony Palmer, Senior Lab Analyst Abstract This report provides a first look
More informationEnterprise Cybersecurity Best Practices Part Number MAN Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationDepartment of Management Services REQUEST FOR INFORMATION
RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President
More informationDHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1
Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com
More informationOnapsis: The CISO Imperative Taking Control of SAP
Onapsis: The CISO Imperative Taking Control of SAP Cyberattacks @onapsis 2016 Key SAP Cyber-Security Trends Over 95% of the SAP systems we have assessed, were exposed to vulnerabilities that could lead
More informationRSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief
RSA Solution Brief Managing Risk Within Advanced Security Operations RSA Solution Brief How do you advance your security operations function? Increasingly sophisticated security threats and the growing
More informationFTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.
FTA 2017 SEATTLE Cybersecurity and the State Tax Threat Environment 1 Agenda Cybersecurity Trends By the Numbers Attack Trends Defensive Trends State and Local Intelligence What Can You Do? 2 2016: Who
More informationCriminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud
Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationSecurity Gaps from the Field
Security Gaps from the Field Reconnaissance, Theft, and Looking Them in the Eye Helping you grow your business with scalable IT services & solutions Bruce Ward, CISM, Vice President for today s challenges
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationDaxko s PCI DSS Responsibilities
! Daxko s PCI DSS Responsibilities According to PCI DSS requirement 12.9, Daxko will maintain all applicable PCI DSS requirements to the extent the service prov ider handles, has access to, or otherwise
More informationCYBERSECURITY RISK LOWERING CHECKLIST
CYBERSECURITY RISK LOWERING CHECKLIST The risks from cybersecurity attacks, whether external or internal, continue to grow. Leaders must make thoughtful and informed decisions as to the level of risk they
More informationSecure Access & SWIFT Customer Security Controls Framework
Secure Access & SWIFT Customer Security Controls Framework SWIFT Financial Messaging Services SWIFT is the world s leading provider of secure financial messaging services. Their services are used and trusted
More informationTHREAT INTELLIGENCE: UNDERSTANDING WHAT IT IS AND WHY YOU NEED IT
THREAT INTELLIGENCE: UNDERSTANDING WHAT IT IS AND WHY YOU NEED IT Threat Intelligence: The term Threat Intelligence is often thrown around too liberally and can mean many different things to different
More informationCylance Axiom Alliances Program
Alliances Program Cylance Axiom Alliances Program Program Overview The Cylance Axiom Alliances Program is a community of cybersecurity solution providers working together to deliver a prevention-first
More information