Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm

Size: px
Start display at page:

Download "Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm"

Transcription

1 Insider Threat Program: Protecting the Crown Jewels Monday, March 2, 2:15 pm - 3:15 pm

2 Take Away Identify your critical information Recognize potential insider threats What happens after your critical information is compromised Examples of information of assets at risk by vertical market

3 Definitions

4 Why does it matter?

5 The insider threat is real - pretending otherwise is inviting disaster IBM Security Services 2014 Cyber Security Intelligence Index Over 95% of all incidents investigated recognize human error as a contributing factor. Outsiders instigated 56% of all investigated security incidents in 2013 which means that insiders (whether inadvertent or malicious actors) likely had a hand in 44% of incidents U.S. State of Cybercrime Security Of survey respondents who identified security incidents, 28% pointed the finger at insiders, and 32% of respondents said insider crimes are more costly or damaging than incidents perpetrated by outsiders.

6 The insider threat is real - pretending otherwise is inviting disaster The Global State of Information Security Survey 2015 Survey respondents most frequently cited insiders as the culprits of cybercrime. With regard to insider security incidents, 35% pointed the finger at current employees; other identified sources included former employees (30%) and current service providers/consultants/contractors (18%). Impact of Mobile Devices on Information Security (October 2014) A staggering 92% of surveyed IT and security professionals said that employee behaviors could have made a difference in preventing recent high-profile breaches of consumer data. More than 60% said employee carelessness was likely to have contributed to or caused the breaches.

7 Types of Insider Threat Negligent insiders Insiders who accidentally expose data such as an employee who forgets their laptop on an airplane. Malicious insiders Insiders who intentionally steal data or destroy systems such as a disgruntled employee who deletes some records on his last day of work. Compromised insiders Insiders whose access credentials or computers have been compromised by an outside attacker A program focused on one of these types of threats won t necessarily protect the organization against the others.

8 Key Categories of Malicious Insider Threat IT Sabotage IT systems are damaged or IT assets are stolen (e.g., stealing code, proprietary programs, etc.) for retribution.

9 Key Categories of Malicious Insider Threat Business Advantage The employee or contractor steals corporate data in order to have an advantage at their new employer, normally a competitor, or the employee wants to gain an advantage for a new business they plan to start.

10 Key Categories of Malicious Insider Threat Financial Gain Fraud is usually the crime involved, such as theft of Social Security Numbers, credit card and CVV numbers, etc. with making money being the primary goal.

11 Key Categories of Malicious Insider Threat Espionage The primary motive is spying for another company or nation state and directing the stolen asset to the enemy for political gain. Money is often involved in such cases, which brings us back to the financial gain motive.

12 Objective of an ITP Prevent threats from damaging your organization s assets, technology, people or reputation

13 Objective of an ITP Prevent threats from damaging your organization s assets, technology, people or reputation Detect adverse events. Identify current and new threats and assess the impact to the organization

14 Objective of an ITP Prevent threats from damaging your organization s assets, technology, people or reputation Detect adverse events. Identify current and new threats and assess the impact to the organization Respond with speed and resiliency to all incidents, mitigating damage and pre-empting further damage

15 Likelihood of an Insider Event Happening Can be broken down into three factors: Intent A measure of the insider s determination to carry out the attack Capability The degree to which an insider has the skills, knowledge and resources to be successful in the attempt Opportunity A combination of the access that an insider has to an organization's assets (this access will vary depending on their role) combined with the vulnerability of the environment

16 Best Practices Re-Use / Leverage Align & Integrate The Approach Use best practices (such as INSA, Carnegie Mellon, HoMER) as reference model Re-use / leverage on existing methodology, processes / templates, solutions Align and integrate with your existing frameworks, operating model,

17 Reference Model Carnegie Mellon Best Practices Describes 19 best practices that organizations should implement across the enterprise to prevent and detect insider threats but does not establish a logical sequence of activities Intelligence and National Security Alliance An association representing the public, private and academic sectors of the national security and intelligence communities. Issued an 11 step road-map that describes how to implement an ITP that utilizes all 19 C-M 19 practices Centre for the Protection of National Infrastructure (CPNI ) Holistic Management of Employee Risk (HoMER)

18 Intelligence and National Security Alliance (INSA) Roadmap

19 Intelligence and National Security Alliance (INSA) Roadmap

20 Carnegie Mellon Best Practices 1 Consider threats from insiders and business enterprise-wide risk assessments 2 Clearly document and consistently enforce policies and controls 3 Incorporate insider threat awareness into periodic security training for all employees 4 Beginning with the hiring process, monitor and respond to suspicious or disruptive behavior 5 Anticipate and manage negative issues in the work environment 6 Know your assets

21 Carnegie Mellon Best Practices 7 Implement strict password and account management policies and practices 8 Enforce separation of duties and least privilege 9 Define explicit security agreements or any cloud services, especially access restrictions and monitoring capabilities 10 Institute stringent access controls and monitoring policies on privileged users 11 Institutionalize system change controls 12 Use a log correlation engine or Security Event and Information Management system to log, monitor and audit employees actions

22 Carnegie Mellon Best Practices 13 Monitor and control remote access from all end points, including mobile devices 14 Develop a comprehensive employee termination policy 15 Implement secure backup and recovery processes 16 Develop a formalized insider threat program 17 Establish a baseline of normal network device behavior 18 Be especially vigilant regarding social media 19 Close the doors to unauthorized data exfiltration

23 The Crown Jewels Identify and protect the information assets that are MOST critical to your organization

24 Example Assets at Risk by Vertical Market Public companies Earnings information New product information Intellectual property Government Banking & credit companies Financial firms Retail organizations National secrets Classified & personal information Identify theft Account skimming Funds diversion Mergers & acquisition plans Non-public financial information Private research Pricing information Personal information on credit card holders CCV # on cards

25 Use your BIA Questionnaire or Survey Determine what your most critical assets are What information do you collect? How sensitive is it? What is the consequence (gain potential) of a successful compromise? How do you store the information? Who has access to the information? How do you protect your data?

26 Use your BIA Questionnaire or Survey Determine what your most critical assets are What steps are you taking to secure your computers, network, and other tools? Ensure that the Lines of Business owners are acutely aware of the findings Share your BIA results with IT Security, HR and other key stakeholders

27 Controls Various measures can be used to deter negligent activity and keep honest people honest Access controls can prevent people from obtaining sensitive data that they do not need in order to do their jobs. Encryption of data at rest can also help prevent data loss by negligent insiders in the event that they lose their laptops or other equipment. User education also matters here. Anything you can do to get employees to be more conscientious with company data can have a positive impact.

28 Controls Various measures can be used to deter negligent activity and keep honest people honest Oversight especially as it pertains to financial data. It is critical to have multiple people keeping an eye on sensitive transactions so that no one person can single-handedly circumvent company policy. Leveraging Network and Security Monitoring Tools. Appropriate and enforced HR & Security Policies.

29 In Summary

30 Questions

A Comedy of Errors: Assessing and Managing the Human Element of Cyber Risk

A Comedy of Errors: Assessing and Managing the Human Element of Cyber Risk SESSION ID: GRC-T10 A Comedy of Errors: Assessing and Managing the Human Element of Cyber Risk R Jason Straight Sr. VP, Chief Privacy Officer UnitedLex Corp. Has anyone seen this man? 2 3 4 We re getting

More information

The Enemy Within: Dealing with Insider Threats

The Enemy Within: Dealing with Insider Threats The Enemy Within: Dealing with Insider Threats PERSONAL FACTORS Greed or Financial Need Anger/Revenge Problems at Work Ideology/Identification Divided Loyalty Ingratiation Compulsive and Destructive Behavior

More information

Insider Threats: Actual Attacks by Current and Former Software Engineers

Insider Threats: Actual Attacks by Current and Former Software Engineers Insider Threats: Actual Attacks by Current and Former Software Engineers 9 June 2011 Dawn Cappelli 2007-2011 Carnegie Mellon University Agenda Introduction to the CERT Insider Threat Center CERT s Insider

More information

Cyber Risks in the Boardroom Conference

Cyber Risks in the Boardroom Conference Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks

More information

The CERT Top 10 List for Winning the Battle Against Insider Threats

The CERT Top 10 List for Winning the Battle Against Insider Threats The CERT Top 10 List for Winning the Battle Against Insider Threats Dawn Cappelli CERT Insider Threat Center Software Engineering Institute Carnegie Mellon University Session ID: STAR-203 Session Classification:

More information

The Insider Threat Center: Thwarting the Evil Insider

The Insider Threat Center: Thwarting the Evil Insider The Insider Threat Center: Thwarting the Evil Insider The CERT Top 10 List for Winning the Battle Against Insider Threats Randy Trzeciak 14 June 2012 2007-2012 Carnegie Mellon University Notices 2011 Carnegie

More information

Cyber Security Issues

Cyber Security Issues RHC Summit 6/9/2017 Cyber Security Issues Dennis E. Leber CISO CHFS Why is it Important? Required by Law Good Business Strategy Right Thing to Do Why is it Important? According to Bitglass' 2017 Healthcare

More information

The Cyber War on Small Business

The Cyber War on Small Business The Cyber War on Small Business Dillon Behr Executive Lines Broker Risk Placement Services, Inc. Meet Our Speaker Dillon Behr Executive Lines Broker Risk Placement Services, Inc. Previously worked as Cyber

More information

Preventing Insider Sabotage: Lessons Learned From Actual Attacks

Preventing Insider Sabotage: Lessons Learned From Actual Attacks Preventing Insider Sabotage: Lessons Learned From Actual Attacks Dawn Cappelli November 14, 2005 2005 Carnegie Mellon University Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting

More information

Insider Threats. Nathalie Baracaldo. School of Information Sciences. March 26 th, 2015

Insider Threats. Nathalie Baracaldo. School of Information Sciences. March 26 th, 2015 Insider Threats Nathalie Baracaldo Ph.D. Candidate date School of Information Sciences March 26 th, 2015 1 Insider Attacks According to CERT insider attackers are defined as: Currently or previously employed

More information

Data Breaches: Is IBM i Really At Risk? All trademarks and registered trademarks are the property of their respective owners.

Data Breaches: Is IBM i Really At Risk? All trademarks and registered trademarks are the property of their respective owners. Data Breaches: Is IBM i Really At Risk? HelpSystems LLC. All rights reserved. All trademarks and registered trademarks are the property of their respective owners. ROBIN TATAM, CBCA CISM PCI-P Global Director

More information

Critical Information Infrastructure Protection Law

Critical Information Infrastructure Protection Law Critical Information Infrastructure Protection Law CCD COE Training 8 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington, Virginia.

More information

Information Security Is a Business

Information Security Is a Business Information Security Is a Business Continuity Issue: Are You Ready? Dr. Nader Mehravari Cyber Risk and Resilience Management Team CERT Division Software Engineering Institute Carnegie Mellon University

More information

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name. security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name. Security for Your Business Mitigating risk is a daily reality for business owners, but you don t have

More information

Mitigation Controls on. 13-Dec-16 1

Mitigation Controls on. 13-Dec-16 1 Mitigation Controls on 13-Dec-16 1 An organization s users are its greatest assets and its most challenging adversaries. one of the vulnerabilities posed by insiders is their knowledge of the quality of

More information

Governance Ideas Exchange

Governance Ideas Exchange www.pwc.com.au Anatomy of a Hack Governance Ideas Exchange Robert Di Pietro October 2018 Cyber Security Anatomy of a Hack Cyber Security Introduction Who are the bad guys? Profiling the victim Insights

More information

QuickBooks Online Security White Paper July 2017

QuickBooks Online Security White Paper July 2017 QuickBooks Online Security White Paper July 2017 Page 1 of 6 Introduction At Intuit QuickBooks Online (QBO), we consider the security of your information as well as your customers and employees data a

More information

DIGITAL ACCOUNTANCY FORUM CYBER SESSION. Sheila Pancholi Partner, Technology Risk Assurance

DIGITAL ACCOUNTANCY FORUM CYBER SESSION. Sheila Pancholi Partner, Technology Risk Assurance DIGITAL ACCOUNTANCY FORUM CYBER SESSION Sheila Pancholi Partner, Technology Risk Assurance Section 1: The background World s biggest data breaches 10 years ago 2007 2006 accidentally published hacked inside

More information

University of Pittsburgh Security Assessment Questionnaire (v1.7)

University of Pittsburgh Security Assessment Questionnaire (v1.7) Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided

More information

Cyber Threat Landscape April 2013

Cyber Threat Landscape April 2013 www.pwc.co.uk Cyber Threat Landscape April 2013 Cyber Threats: Influences of the global business ecosystem Economic Industry/ Competitors Technology-led innovation has enabled business models to evolve

More information

Components and Considerations in Building an Insider Threat Program

Components and Considerations in Building an Insider Threat Program Components and Considerations in Building an Insider Threat Program Carly Huth Insider Threat Researcher, CEWM Carly L. Huth is an insider threat researcher in the Cyber Enterprise and Workforce Management

More information

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers Identify Protect Detect Respond Recover Identify: Risk Assessments & Management 1. Risk assessments are conducted frequently (e.g. annually, quarterly). 2. Cybersecurity is included in the risk assessment.

More information

TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS

TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS

More information

Breaches and Remediation

Breaches and Remediation Breaches and Remediation Ramona Oliver US Department of Labor Personally Identifiable Information Personally Identifiable Information (PII): Any information about an individual maintained by an agency,

More information

Checklist: Credit Union Information Security and Privacy Policies

Checklist: Credit Union Information Security and Privacy Policies Checklist: Credit Union Information Security and Privacy Policies Acceptable Use Access Control and Password Management Background Check Backup and Recovery Bank Secrecy Act/Anti-Money Laundering/OFAC

More information

6 Vulnerabilities of the Retail Payment Ecosystem

6 Vulnerabilities of the Retail Payment Ecosystem 6 Vulnerabilities of the Retail Payment Ecosystem FINANCIAL INSTITUTION PAYMENT GATEWAY DATABASES POINT OF SALE POINT OF INTERACTION SOFTWARE VENDOR Table of Contents 4 7 8 11 12 14 16 18 Intercepting

More information

NEN The Education Network

NEN The Education Network NEN The Education Network School e-security Checklist This checklist sets out 20 e-security controls that, if implemented effectively, will help to ensure that school networks are kept secure and protected

More information

A FRAMEWORK TO EFFECTIVELY DEVELOP INSIDER THREAT CONTROLS

A FRAMEWORK TO EFFECTIVELY DEVELOP INSIDER THREAT CONTROLS SESSION ID: HUM-R02 A FRAMEWORK TO EFFECTIVELY DEVELOP INSIDER THREAT CONTROLS Randy Trzeciak Director CERT National Insider Threat Center Software Engineering Institute Carnegie Mellon University Dan

More information

Cyber Resilience. Think18. Felicity March IBM Corporation

Cyber Resilience. Think18. Felicity March IBM Corporation Cyber Resilience Think18 Felicity March 1 2018 IBM Corporation Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity during and after a cyber attack

More information

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016 Cybersecurity: Considerations for Internal Audit Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016 Agenda Key Risks Incorporating Internal Audit Resources Questions 2 San Francisco

More information

Business continuity management and cyber resiliency

Business continuity management and cyber resiliency Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,

More information

CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018

CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018 CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018 Cyber fraud attacks happen; they can t all be stopped. The higher order question must be how can we, as fraud examiners and assurance professionals,

More information

Cyber fraud and its impact on the NHS: How organisations can manage the risk

Cyber fraud and its impact on the NHS: How organisations can manage the risk Cyber fraud and its impact on the NHS: How organisations can manage the risk Chair: Ann Utley, Preparation Programme Manager, NHS Providers Arno Franken, Cyber Specialist, RSM Sheila Pancholi, Partner,

More information

Are we breached? Deloitte's Cyber Threat Hunting

Are we breached? Deloitte's Cyber Threat Hunting Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the

More information

Insider Threats to the Healthcare Industry

Insider Threats to the Healthcare Industry Insider Threats to the Healthcare Industry George J. Silowash Carnegie Mellon University Software Engineering Institute Pittsburgh, PA 15213 October 24, 2013 2013 Carnegie Mellon University Notices 2013

More information

David Fletcher Co-Principal Investigator Western Management & Consulting LLC Albuquerque, NM

David Fletcher Co-Principal Investigator Western Management & Consulting LLC Albuquerque, NM Effective Practices for The Protection of Transportation Infrastructure From Cyber Incidents: Executive Briefing Pilot David Fletcher Co-Principal Investigator Western Management & Consulting LLC Albuquerque,

More information

Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time

Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time TM Plan. Protect. Respond. Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time Registration is open for the April webinar:

More information

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise February 11 14, 2018 Gaylord Opryland Resort and Convention Center, Nashville #DRI2018 Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise Tejas Katwala CEO

More information

CYBER RESILIENCE & INCIDENT RESPONSE

CYBER RESILIENCE & INCIDENT RESPONSE CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable

More information

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston Cybersecurity Landscape Major Data Breaches (e.g., OPM, IRS) Data Breach Notification Laws Directors Derivative Suits Federal Legislation

More information

PCI Compliance. What is it? Who uses it? Why is it important?

PCI Compliance. What is it? Who uses it? Why is it important? PCI Compliance What is it? Who uses it? Why is it important? Definitions: PCI- Payment Card Industry DSS-Data Security Standard Merchants Anyone who takes a credit card payment 3 rd party processors companies

More information

Leading Authority Doug Kaminski On 3 Key Ways To Protect Your IP. #FearlessLaw on High Performance Counsel

Leading Authority Doug Kaminski On 3 Key Ways To Protect Your IP. #FearlessLaw on High Performance Counsel Leading Authority Doug Kaminski On 3 Key Ways To Protect Your IP #FearlessLaw on High Performance Counsel #BakersDozen is a series of interviews with leading professionals in the fields of law, consulting,

More information

Information Technology Disaster Recovery Planning Audit Redacted Public Report

Information Technology Disaster Recovery Planning Audit Redacted Public Report 1200, Scotia Place, Tower 1 10060 Jasper Avenue Edmonton, Alberta T5J 3R8 edmonton.ca/auditor Information Technology Disaster Recovery Planning Audit Redacted Public Report June 12, 2018 City of Edmonton

More information

Personal Cybersecurity

Personal Cybersecurity Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions

More information

74% 2014 SIEM Efficiency Report. Hunting out IT changes with SIEM

74% 2014 SIEM Efficiency Report. Hunting out IT changes with SIEM 2014 SIEM Efficiency Report Hunting out IT changes with SIEM 74% OF USERS ADMITTED THAT DEPLOYING A SIEM SOLUTION DIDN T PREVENT SECURITY BREACHES FROM HAPPENING Contents Introduction 4 Survey Highlights

More information

External Supplier Control Obligations. Cyber Security

External Supplier Control Obligations. Cyber Security External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place

More information

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave EFFECTIVELY TARGETING ADVANCED THREATS Terry Sangha Sales Engineer at Trustwave THE CHALLENGE PROTECTING YOUR ENVIRONMENT IS NOT GETTING EASIER ENDPOINT POINT OF SALE MOBILE VULNERABILITY MANAGEMENT CYBER

More information

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry

More information

Information Assurance 101

Information Assurance 101 BUILT FOR SECURITY Information Assurance 101 Barbara Wert, Regulatory Compliance Specialist FoxGuard Solutions, Inc. The value of an organization lies within its information its security is critical for

More information

EC-Council Certified Incident Handler v2. Prepare to Handle and Respond to Security Incidents EC-COUNCIL CERTIFIED INCIDENT HANDLER 1

EC-Council Certified Incident Handler v2. Prepare to Handle and Respond to Security Incidents EC-COUNCIL CERTIFIED INCIDENT HANDLER 1 EC-Council Certified Incident Handler v2 Prepare to Handle and Respond to Security Incidents EC-COUNCIL CERTIFIED INCIDENT HANDLER 1 THE CRITICAL NATURE OF INCIDENT HANDLING READINESS An organized and

More information

Keys to a more secure data environment

Keys to a more secure data environment Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting

More information

Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1:

Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1: Cybercrime Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1: Organizations can prevent cybercrime from occurring through the proper use of personnel, resources,

More information

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002 ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION

More information

Information Security Controls Policy

Information Security Controls Policy Information Security Controls Policy Version 1 Version: 1 Dated: 21 May 2018 Document Owner: Head of IT Security and Compliance Document History and Reviews Version Date Revision Author Summary of Changes

More information

NISPOM Change 2: Considerations for Building an Effective Insider Threat Program

NISPOM Change 2: Considerations for Building an Effective Insider Threat Program NISPOM Change 2: Considerations for Building an Effective Insider Threat Program Randall Trzeciak (rft@cert.org) July 7, 2016 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213

More information

What is ISO ISMS? Business Beam

What is ISO ISMS? Business Beam 1 Business Beam Contents 2 Your Information is your Asset! The need for Information Security? About ISO 27001 ISMS Benefits of ISO 27001 ISMS 3 Your information is your asset! Information is an Asset 4

More information

Internet of Things Toolkit for Small and Medium Businesses

Internet of Things Toolkit for Small and Medium Businesses Your Guide #IoTatWork to IoT Security #IoTatWork Internet of Things Toolkit for Small and Medium Businesses Table of Contents Introduction 1 The Internet of Things (IoT) 2 Presence of IoT in Business Sectors

More information

Is your privacy secure? HIPAA Compliance Workshop September Presented by: Andrés Castañeda, Senior Manager Steve Nouss, Partner

Is your privacy secure? HIPAA Compliance Workshop September Presented by: Andrés Castañeda, Senior Manager Steve Nouss, Partner Is your privacy secure? HIPAA Compliance Workshop September 2008 Presented by: Andrés Castañeda, Senior Manager Steve Nouss, Partner Agenda Have you secured your key operational, competitive and financial

More information

Are you safe? Your business growth strategies are at the heart of the cyber risks your organization faces

Are you safe? Your business growth strategies are at the heart of the cyber risks your organization faces Are you safe? Your business growth strategies are at the heart of the cyber risks your organization faces 36 Deloitte A Middle East Point of View Summer 2015 Cyber Security Most reports on cyber security

More information

Securing Data Centers: The Human Element

Securing Data Centers: The Human Element Securing Data Centers: The Human Element Michael Rozin Zvi Kremer April 12, 2018 Perpetrators, Threat Actors Security Personnel Targets, Enablers Securing Data Centers: The Threat Verizon London, Dec 6,

More information

Part 1: Anatomy of an Insider Threat Attack

Part 1: Anatomy of an Insider Threat Attack Part 1: Anatomy of an Insider Threat Attack Shiri Margel Data Security Research Team Lead Imperva Carrie McDaniel Emerging Products Team Lead Imperva Shiri Margel Data Security Research Team Lead Masters

More information

THE POWER OF TECH-SAVVY BOARDS:

THE POWER OF TECH-SAVVY BOARDS: THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES

More information

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 www.pwc.com RIMS Perk Session 2015 - Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 Los Angeles RIMS Agenda Introductions What is Cybersecurity? Crown jewels The bad

More information

CyberArk Privileged Threat Analytics

CyberArk Privileged Threat Analytics CyberArk Privileged Threat Analytics Table of Contents The New Security Battleground: Inside Your Network 3 Privileged account security 3 Collect the right data 4 Detect critical threats 5 Alert on critical

More information

Office 365 Buyers Guide: Best Practices for Securing Office 365

Office 365 Buyers Guide: Best Practices for Securing Office 365 Office 365 Buyers Guide: Best Practices for Securing Office 365 Microsoft Office 365 has become the standard productivity platform for the majority of organizations, large and small, around the world.

More information

Cybersecurity, safety and resilience - Airline perspective

Cybersecurity, safety and resilience - Airline perspective Arab Civil Aviation Commission - ACAC/ICAO MID GNSS Workshop Cybersecurity, safety and resilience - Airline perspective Rabat, November, 2017 Presented by Adlen LOUKIL, Ph.D CEO, Resys-consultants Advisory,

More information

Cyber Fraud What can you do about it?

Cyber Fraud What can you do about it? Cyber Fraud What can you do about it? Eric Wright Shareholder June 10, 2014 What is Cyber Fraud? NetLingo definition: Cyber fraud refers to any type of deliberate deception for unfair or unlawful gain

More information

Physical security advisory services Securing your organisation s future

Physical security advisory services Securing your organisation s future Physical security advisory services Securing your organisation s future August 2018 KPMG.com/in Physical security threats on the rise In a dynamic geo-political, economic and social environment, businesses

More information

ISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard

ISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard Certification Exam Outline Effective Date: April 2013 About CISSP-ISSMP The Information Systems Security Management Professional (ISSMP) is a CISSP who specializes in establishing, presenting, and governing

More information

A practical guide to IT security

A practical guide to IT security Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or

More information

Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)

Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF) Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF) A Guide to Leveraging Privileged Account Security to Assist with SWIFT CSCF Compliance Table of Contents Executive Summary...

More information

Cybersecurity for Product Lifecycle Management A Research Roadmap

Cybersecurity for Product Lifecycle Management A Research Roadmap Cybersecurity for Product Lifecycle Management A Research Roadmap Elisa Bertino CS Department, CERIAS, and Cyber Center PLM Center Fellow Purdue University Cyber Center Why is Security Challenging in

More information

Best Practices in ICS Security for System Operators

Best Practices in ICS Security for System Operators Best Practices in ICS Security for System Operators Introduction Industrial automation and control systems have become increasingly connected to internal and external networks. This exposure has resulted

More information

Cyber Security for audit committees

Cyber Security for audit committees Cyber Security for audit committees Audit Committee Institute part of KPMG Board Leadership Centre kpmg.com/globalaci 2 Cyber in the Boardroom An introduction to cyber security for audit committes Audit

More information

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045 Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that

More information

Function Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments

Function Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments Function Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments 1 ID.AM-1: Physical devices and systems within the organization are inventoried Asset Management (ID.AM): The

More information

Understanding the Changing Cybersecurity Problem

Understanding the Changing Cybersecurity Problem Understanding the Changing Cybersecurity Problem Keith Price BBus, MSc, CGEIT, CISM, CISSP Founder & Principal Consultant 1 About About me - Specialise in information security strategy, architecture, and

More information

How technology changed fraud investigations. Jean-François Legault Senior Manager Analytic & Forensic Technology June 13, 2011

How technology changed fraud investigations. Jean-François Legault Senior Manager Analytic & Forensic Technology June 13, 2011 How technology changed fraud investigations Jean-François Legault Senior Manager Analytic & Forensic Technology June 13, 2011 The Changing Cyberfraud Landscape Underground Economy Malware Authors Organized

More information

Information Security Policy

Information Security Policy April 2016 Table of Contents PURPOSE AND SCOPE 5 I. CONFIDENTIAL INFORMATION 5 II. SCOPE 6 ORGANIZATION OF INFORMATION SECURITY 6 I. RESPONSIBILITY FOR INFORMATION SECURITY 6 II. COMMUNICATIONS REGARDING

More information

Cyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response

Cyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response Cyber Incident Response Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response 1 2 Today, no Canadian business is immune from a potential attack. It s no longer

More information

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS 10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND

More information

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved. FTA 2017 SEATTLE Cybersecurity and the State Tax Threat Environment 1 Agenda Cybersecurity Trends By the Numbers Attack Trends Defensive Trends State and Local Intelligence What Can You Do? 2 2016: Who

More information

Cyber Security Incident Response Fighting Fire with Fire

Cyber Security Incident Response Fighting Fire with Fire Cyber Security Incident Response Fighting Fire with Fire Arun Perinkolam, Senior Manager Deloitte & Touche LLP Professional Techniques T21 CRISC CGEIT CISM CISA AGENDA Companies like yours What is the

More information

Does someone else own your company s reputation? EY Global Information Security Survey 2018

Does someone else own your company s reputation? EY Global Information Security Survey 2018 Does someone else own your company s reputation? EY Global Information Security Survey 2018 Perspectives for technology, media and entertainment, and telco companies Risking cyber reputations Are TMT companies

More information

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City 1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the

More information

Whitepaper on AuthShield Two Factor Authentication with SAP

Whitepaper on AuthShield Two Factor Authentication with SAP Whitepaper on AuthShield Two Factor Authentication with SAP By AuthShield Labs Pvt. Ltd Table of Contents Table of Contents...2 1.Overview...4 2. Threats to account passwords...5 2.1 Social Engineering

More information

SMALL BUSINESS CYBERSECURITY SURVIVAL GUIDE

SMALL BUSINESS CYBERSECURITY SURVIVAL GUIDE SMALL BUSINESS CYBERSECURITY SURVIVAL GUIDE Small business cybersecurity survival guide By Stephen Cobb, ESET Senior Security Researcher Computers and the internet bring many benefits to small businesses,

More information

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security

More information

Information Technology General Control Review

Information Technology General Control Review Information Technology General Control Review David L. Shissler, Senior IT Auditor, CPA, CISA, CISSP Office of Internal Audit and Risk Assessment September 15, 2016 Background Presenter Senior IT Auditor

More information

Combating Cyber Risk in the Supply Chain

Combating Cyber Risk in the Supply Chain SESSION ID: CIN-W10 Combating Cyber Risk in the Supply Chain Ashok Sankar Senior Director Cyber Strategy Raytheon Websense @ashoksankar Introduction The velocity of data breaches is accelerating at an

More information

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV Location: https://www.pdsimplified.com/ndcbf_pdframework/nist_csf_prc/documents/identify/ndcbf _ITSecPlan_IDGV2017.pdf

More information

Information Security Controls Policy

Information Security Controls Policy Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January

More information

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary

More information

2005 E-Crime Watch Survey Survey Results Conducted by CSO magazine in cooperation with the U.S. Secret Service and CERT Coordination Center

2005 E-Crime Watch Survey Survey Results Conducted by CSO magazine in cooperation with the U.S. Secret Service and CERT Coordination Center OVERALL RESULTS E-Crime Watch Survey: 2005 Field Dates: 3/3/05 3/14/05 Total completed surveys: 819 Margin of Error: +/- 3.4% NOTE TO EDITOR For the purpose of this survey, electronic crime, intrusion,

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 1 Introduction to Security

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 1 Introduction to Security Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 1 Introduction to Security Objectives Describe the challenges of securing information Define information security and explain why

More information

Security in a Converging IT/OT World

Security in a Converging IT/OT World Security in a Converging IT/OT World Introduction Around the winter solstice, darkness comes early to the citizens of Ukraine. On December 23, 2015, it came a little earlier than normal. In mid-afternoon,

More information

Managing IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services

Managing IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services Managing IT Risk: What Now and What to Look For Presented By Tina Bode IT Assurance Services Agenda 1 2 WHAT TOP TEN IT SECURITY RISKS YOU CAN DO 3 QUESTIONS 2 IT S ALL CONNECTED Introduction All of our

More information

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Enhancing the Cybersecurity of Federal Information and Assets through CSIP TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3

More information

CYBERSECURITY. Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack

CYBERSECURITY. Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack CYBERSECURITY Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack An Interview with the Department of Homeland Security s Office of Cybersecurity Since government agencies

More information

Breaches and Remediation

Breaches and Remediation Breaches and Remediation Ramona Oliver US Department of Labor Personally Identifiable Information Personally Identifiable Information (PII): Any information about an individual maintained by an agency,

More information