Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI
- Laureen Russell
- 5 years ago
Transcription
2 Auditing Cyber Defense Technologies
STEPHEN HEAD, EXPERIS FINANCE
APRIL 1, 2019
3 Agenda
Topic
- Cyber Risks
- Endpoint Protection
- Next-Generation Layer 7 Firewalls
- Multifactor Authentication
- Email Filtering
- Vulnerability Scanning
- Penetration Testing
- Security Information and Event Management (SIEM)
- Intrusion Detection (IDS)/Intrusion Prevention (IPS)
- Security Operations Center (SOC)
- Threat Intelligence
- Computer Forensics
- Cloud Security
- Summary
4 Headlines Highlight Increased Risk
5 Not IF, but WHEN You Will Be Attacked
Pundits extol the costs of breaches and cyber attacks, but few offer anything beyond anecdotal data collected through surveys.
According to the Ponemon Institute, as of 2018:
- $3.86 million is the average total cost of a data breach
- 6.4% increase in the total cost of a data breach since 2017
- $148 is the average cost per lost or stolen record
The only cost that truly matters is the one your organization must deal with!
Source: Ponemon Institute
6 Organizations Are Dealing With Multiple Impacts
Data Losses Are Only One Aspect of a Broader Issue
7 What Regulators are Saying
Cybercriminals can cause significant financial losses for regulated entities as well as for consumers whose private information may be revealed and/or stolen for illicit purposes. The number of cyber events has been steadily increasing and estimates of potential risk to our financial services industry are stark. Given the seriousness of the issue and the risk to all regulated entities, certain regulatory minimum standards are warranted.
Source: New York State DFS 23 NYCRR 500
8 Emerging Global Risk and Trends
- German Steel Mill: Hackers struck a steel mill in Germany by manipulating and disrupting control systems resulting in massive damage
- ... we fully expect a business to fail due to the financial consequences of a cyberattack. [1]
- Cyber-attacks are costing businesses $400 - $500 billion a year [2]
- Cyber resiliency should be part of BCM efforts
- Hollywood Presbyterian Medical Center: Ransomware locked doctors out of patient records for more than a week. Hackers demanded $3.6M
[1] Source: Lloyd's insurer Aegis London
[2] Source: Forbes, The Business of Cybersecurity: 2015 Market Size, Cyber Crime, Employment and Industry Statistics, October 2015
10 Attackers, Targets and Motivations are Evolving
Columns: Threat Actors, Motives, Attack Targets, Risks
- Nation State: Political Agenda, Military Agenda, Economic Harm, Intellectual Property, Sensationalism, Critical Infrastructure, Competitive Impact, Service Disruptions, Design Disclosure
- Criminal Underground: Theft, Fraud, Ransom, Personal Information, Credit Card Data, Device Manipulation, Regulatory Sanctions, Lawsuits, Loss of Reputation
- Hacktivists: Political Agenda, Personal Agenda, Social Change, Corporate Sensitive Key Employee Information, Brand Damage, Business Disruption, Loss of Reputation
- Lone Wolves: Thrill Seeking, Personal Gain, Social Status, Device Control, Vandalism, Harassment, Business Disruption, Brand Damage, Personal Safety
- Insiders: Financial Gain, Social/Political Gain, Revenge, Device Control, Vandalism, Harassment, Competitive Impact, Business Disruption, Loss of Reputation
11 Anatomy of an Attack
Each attack type is unique, but most have a similar structure:
- Planning/Information Gathering
- Initial Attack and Breach
- Establish Command and Control
- Additional Exploitation
- Data Exfiltration and Persistence
Phases:
- Information available on the internet
- Information coerced via various means
- Identify vulnerable systems, services, processes
- Gain access to internal network or systems
- Establish a means of controlling base for gathering more network details and exploitation
- Malware takes effect
- Search for information sources
- Additional credentials/authorizations
- Attempt additional exploits
- Remove or extract data obtained
- Avoid discovery
Example:
- Identify Employees and Contact Information
- Create a spoofed web site
- Send malicious link
- Wait for results
- Test for access, connectivity, conduct scans, identify resources
- Identify additional vulnerabilities, execute exploits, collect information
- Identify additional vulnerabilities
The right sensors when monitored and acted upon can prevent or detect attacks at each critical phase
12 Endpoint Protection
This category consists of software that is designed to protect the endpoint (server, client, mobile device, etc.) from attacks by malware, bots, or intruders.
Modern endpoint protection software uses multiple methods to determine the identity of hostile or unknown software packages. Symantec, for example, has a Host Intrusion Prevention System (HIPS) component. Cylance uses a proprietary database of malware attributes and blocks such software from executing when it detects it.
13 Endpoint Protection
Examples: Symantec, McAfee, Cylance
Audit Considerations:
- Distribution to all endpoints
- Endpoint detection settings
- Alerts generated from endpoint software
14 Next-Generation Layer 7 Firewalls
Layer 7 capabilities indicate that the device can efficiently examine application code and report any anomalies or malicious indicators.
According to Gartner, 75% of attacks now take place at the application layer. A majority of recent vulnerabilities affect web applications.
Next-generation devices often incorporate features normally found in separate devices, such as intrusion detection, malware detection, sandboxing, etc.
15 Next-Generation Layer 7 Firewalls
Examples: Palo Alto, Checkpoint, Cisco and Fortinet
Audit Considerations:
- Failure to implement key features
- Proper sizing of hardware, features installed, and network throughput to ensure adequate capacity
- Lack of log retention or no aggregation and correlation of logs
16 Multifactor Authentication
Multifactor Authentication (MFA) prevents identity theft by using two or more methods to confirm the identity of the user.
Many of the solutions perform MFA by providing a secondary check of the user's identity: they communicate to the user some form of code that the user must enter after successfully submitting an ID/password combination. The user must enter this code into some sort of portal or application that is provided by the solution. The code is verified on the backend to confirm the identity of the user.
17 Multifactor Authentication
Examples: Google authenticator, LastPass authenticator, Microsoft authenticator, Okta
Audit Considerations:
- Exempting certain classes of users
- Access paths that bypass multifactor
- Authentication that pretends to be but is not truly multifactor
18 Email Filtering
This involves filtering incoming mail, identifying whether such mail is part of a phishing campaign, and automatically removing it even if it has already been received by users.
This would occur if the email was not identified as malicious when it was initially received by the organization's server, but was later flagged by the security industry as part of a criminal effort.
Filtering may also involve egress filtering of PII.
19 Email Filtering
Example: Proofpoint
Audit Considerations:
- Administration procedures should be formalized
- Filtering should encompass the entire enterprise and not just certain business units
- Filtering is tuned to minimize type 1 and 2 errors
- Is PII subject to filtering?
20 Vulnerability Scanning
There are many commercial vulnerability scanners. Most of these are well designed and have robust research organizations supporting them.
The best scanners not only indicate what vulnerabilities exist, but also provide guidance regarding the software company's recommended fix for these issues.
Vulnerability scanning software allows the user to mark certain findings as either false positives or as accepted risk. Unfortunately, this feature is sometimes used to mask vulnerabilities that should be remediated.
21 Vulnerability Scanning
Examples: Nessus, Qualys, Nmap
Audit Considerations:
- Scan should not omit key infrastructure components
- Incorrectly designating vulnerabilities as false positive or accepted risk without proper vetting
- Scans should be periodically conducted (at least quarterly) and actionable items acted upon promptly
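One way to test the three vulnerability scanning audit considerations against a scanner export, as an added example that is not part of the presentation. The CSV column names, host names, ticket ids and the 92-day reading of "at least quarterly" are assumptions, and the sample data is constructed.

```python
import csv
import io
from datetime import date

# Constructed sample export. Column names are assumptions for this example,
# not the export format of any particular scanner.
FINDINGS_CSV = """\
host,finding,severity,status,approver,ticket,scan_date
web01,Outdated TLS configuration,high,open,,,2019-03-20
web01,Default admin page exposed,medium,false_positive,,,2019-03-20
db01,Unpatched database engine,critical,accepted_risk,ciso,RISK-101,2019-03-20
db01,Weak SNMP community string,high,accepted_risk,,,2019-03-20
fs01,SMB signing not required,medium,open,,,2018-11-02
"""

# Constructed inventory of key infrastructure components.
KEY_ASSETS = {"web01", "db01", "fs01", "dc01", "fw01"}

EXCEPTION_STATUSES = {"false_positive", "accepted_risk"}
MAX_SCAN_AGE_DAYS = 92  # "at least quarterly", read here as roughly one quarter


def load_findings(text):
    """Parse the export and convert scan_date to a date object."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for row in rows:
        row["scan_date"] = date.fromisoformat(row["scan_date"])
    return rows


def unvetted_exceptions(findings):
    """Findings marked false positive or accepted risk with no approver or ticket."""
    return [
        (f["host"], f["finding"])
        for f in findings
        if f["status"] in EXCEPTION_STATUSES
        and not (f["approver"].strip() and f["ticket"].strip())
    ]


def unscanned_assets(findings, inventory):
    """Key assets that never appear in the export.

    Assumption: the export carries at least one row per scanned host.
    """
    return sorted(inventory - {f["host"] for f in findings})


def stale_hosts(findings, as_of, max_age_days=MAX_SCAN_AGE_DAYS):
    """Hosts whose most recent scan is older than the allowed interval."""
    latest = {}
    for f in findings:
        host, scanned = f["host"], f["scan_date"]
        if host not in latest or scanned > latest[host]:
            latest[host] = scanned
    return sorted(h for h, d in latest.items() if (as_of - d).days > max_age_days)


def audit_report(text, inventory, as_of):
    """Collect the three audit exceptions into one dictionary."""
    findings = load_findings(text)
    return {
        "unvetted_exceptions": unvetted_exceptions(findings),
        "unscanned_assets": unscanned_assets(findings, inventory),
        "stale_hosts": stale_hosts(findings, as_of),
    }


if __name__ == "__main__":
    report = audit_report(FINDINGS_CSV, KEY_ASSETS, as_of=date(2019, 4, 1))
    for check, items in report.items():
        print(check, "->", items)
```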
22 Penetration Testing
Penetration Testing, also called Ethical Hacking, is the process of ensuring that adequate security controls have been applied to technological components of a system by attempting to subvert such controls.
With some of the newer pen testing tools, the user is not required to have any additional skills other than to learn the commands that must be run from the user interface; no programming, system administration, network administration, or other skills are needed. This may be an overselling of their capabilities.
Testers should hold a Certified Ethical Hacker (CEH) certification or have equivalent real-world experience.
23 Penetration Testing
Examples: Metasploit, Rapid7, Kali Linux
Audit Considerations:
- Sufficient time should be provided to perform the testing, otherwise it is not a true test
- Designating parts of the infrastructure as out-of-scope results in a less than complete pen test (usually omitting the worst offenders)
- Pen tests should be performed at least annually
24 Security Information and Event Management (SIEM)
Typically, log data is collected from every kind of technology possible in order to accumulate the maximum amount of data: firewalls, routers, smart switches, wireless access points, intrusion detection/protection systems, antivirus/endpoint protection solutions, etc.
The result is:
- Real time monitoring of all IT infrastructure
- Correlation of events
- Analysis and reporting of security incidents
- Integrated with threat intelligence
- Centralized storage of logs
25 Security Information and Event Management (SIEM)
Examples: AlienVault, Splunk
Audit Considerations:
- The SIEM needs to be connected to all key infrastructure elements in order to be effective.
- The SIEM needs to be tuned, with proper rules or use cases set up that instruct the SIEM on what to do with the data and how to label it with regard to the degree of risk.
- Lack of log retention or aggregation.
- Escalation procedures for notifications from the SIEM should be formalized.
26 Intrusion Detection (IDS) / Intrusion Prevention (IPS)
These devices have grown significantly in capability and complexity over the years, to the point where they can no longer be considered simply technology that detects and/or blocks traffic based upon certain attributes; they also have many other features that allow for prevention and analysis.
Modern deployments in this area are often categorized as IDPS, since they are intended to meet both the detection and prevention requirements.
The value-add of IDS/IPS is the richness of the data that it can send to the SIEM.
27 Intrusion Detection (IDS) / Intrusion Prevention (IPS)
Examples: Products offered by McAfee, Darktrace, Trend Micro, Cisco
Audit Considerations:
- Sensors are not appropriately placed
- IDS/IPS is not being updated regularly
- IDS/IPS is not properly tuned (i.e., too many false positives caused the System Administrator to turn down the sensitivity, thereby negating the usefulness of the detective component)
- Lack of log retention or aggregation
28 Security Operations Center (SOC)
The focus of a SOC is to monitor for security incidents that occur and react to them in a timely manner.
Often, the SOC receives alerts about incidents from the SIEM, although there may be other channels through which data flows. Once they receive a notification, the SOC analysts will examine the data received and try to determine a cause for the incident.
SOCs can be staffed in a number of ways. In many cases, a third-party security company is hired to provide coverage from a professional SOC facility.
29 Security Operations Center (SOC)
Examples: Can be internal or outsourced
Audit Considerations:
- Processes for triaging potential vulnerabilities and handling escalation of communications should be formalized
- Since this is a 24x7 operation, formal procedures for handoff of issues during shift change are important
- Service Level Agreements (SLAs) should be in place with escalation depending on the severity of the event
30 Threat Intelligence
Threat intelligence provides access to technical and adversary intelligence collected by a vendor through thousands of monitored sensors and other proprietary mechanisms to give early warning of potential attacks.
It may also be integrated with sensors deployed at the perimeter of the organization's own network, to provide a more complete picture of what is happening to other organizations and how that correlates with early signs that may be showing up in IDS/IPS alerts and firewall messages.
31 Threat Intelligence
Examples: FireEye, Deepsight, LookingGlass
Audit Considerations:
- Threat intelligence should be integrated into the SIEM and SOC in order to be useful
- Intelligence should be updated continuously, as attacks often appear first in time zones where the business day is just getting started
- The provider should have a sufficiently large footprint for its information to be useful
32 Computer Forensics
Computer forensics is the practice of using digital data and records to support an investigation into behavior, be it criminal, civil, or corporate.
There are many categories of computer forensics. What they have in common is the gathering and correlation of evidence without destroying or otherwise tainting its usefulness if law enforcement is brought into the investigation.
33 Computer Forensics
Examples: EnCase, FTK
Audit Considerations:
- Users should have proper training in how to handle evidence and exercise proper chain-of-custody.
- In reviewing digital evidence, one must take special care to not taint the original. Often this means reviews should be performed against a copy of the media and never against the original.
34 Cloud Security
Cloud providers will often have security services that either are included as part of the agreement or can be purchased separately.
Some of the areas that should be focused on when setting up service agreements include:
- Governance
- Compliance
- Availability
- Data Security
- Identity and Access Management
- Disaster Recovery and Business Continuity Planning
35 Cloud Security
Examples: AWS, Azure
Audit Considerations:
- What type of SOC report is available?
- What optional security features have been included in the contract (or omitted)?
- Have all contracted-for security features been implemented?
- How are cloud security features integrated into the SIEM and SOC?
36 Stephen Head, Director, IT Risk Advisory Services, Experis Finance
Questions and Answers?
END OF PRESENTATION
37 Stephen Head, Director, IT Risk Advisory Services, Experis Finance
Thank you for your time and attention!
IIA CHAPTER CHICAGO 59TH ANNUAL SEMINAR
More informationChecklist for Evaluating Deception Platforms
Checklist for Evaluating Deception Platforms With over 700 reported breaches occurring annually, a modern day adaptive security defense requires a combination of prevention, detection, response, and prediction
More information10 Cybersecurity Questions for Bank CEOs and the Board of Directors
4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationSymantec Security Monitoring Services
24x7 real-time security monitoring and protection Protect corporate assets from malicious global threat activity before it impacts your network. Partnering with Symantec skilled and experienced analysts
More informationCyberArk Privileged Threat Analytics
CyberArk Privileged Threat Analytics Table of Contents The New Security Battleground: Inside Your Network 3 Privileged account security 3 Collect the right data 4 Detect critical threats 5 Alert on critical
More informationNYS DFS Cybersecurity Requirements. Stephen Head Senior Manager Risk Advisory Services
NYS DFS Cybersecurity Requirements Stephen Head Senior Manager Risk Advisory Services December 5, 2017 About Me Stephen W. Head Mr. Head is a Senior Manager with Experis Finance, and has over thirty-five
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationIntroduction to Threat Deception for Modern Cyber Warfare
Introduction to Threat Deception for Modern Cyber Warfare Joseph R. Salazar Technical Deception Engineer CISSP, CEH, EnCE 1 Introduction AGENDA Attacker Playbook The Need for Deception Deception as Detection
More informationCombating Cyber Risk in the Supply Chain
SESSION ID: CIN-W10 Combating Cyber Risk in the Supply Chain Ashok Sankar Senior Director Cyber Strategy Raytheon Websense @ashoksankar Introduction The velocity of data breaches is accelerating at an
More informationGovernance Ideas Exchange
www.pwc.com.au Anatomy of a Hack Governance Ideas Exchange Robert Di Pietro October 2018 Cyber Security Anatomy of a Hack Cyber Security Introduction Who are the bad guys? Profiling the victim Insights
More informationBUILDING AND MAINTAINING SOC
BUILDING AND MAINTAINING SOC Digit Oktavianto KOMINFO 7 December 2016 digit dot oktavianto at gmail dot com 1 Digit Oktavianto Profile in 1 Page Currently working as a Security Architect Professional Certifications:
More informationManaging Cybersecurity Risk
Managing Cybersecurity Risk Maureen Brundage Andy Roth August 9, 2016 Managing Cybersecurity Risk Cybersecurity: The Current Legal and Regulatory Environment Cybersecurity Governance: Considerations for
More informationSIEM (Security Information Event Management)
SIEM (Security Information Event Management) Topic: SECURITY and RISK Presenter: Ron Hruby Topics Threat landscape Breaches and hacks Leadership and accountability Evolution of security technology What
More informationThe GenCyber Program. By Chris Ralph
The GenCyber Program By Chris Ralph The Mission of GenCyber Provide a cybersecurity camp experience for students and teachers at the K-12 level. The primary goal of the program is to increase interest
More informationBuilding an Effective Threat Intelligence Capability. Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO
Building an Effective Threat Intelligence Capability Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO The Race To Digitize Automotive Telematics In-vehicle entertainment
More information2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along
2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management Today s Speakers Olivia Munro Senior Marketing Specialist Eze Castle Integration Bob Shaw Director, Technical Architecture Eze Castle
More informationMust Have Items for Your Cybersecurity or IT Budget in 2018
Must Have Items for Your Cybersecurity or IT Budget in 2018 CBAO Regional Meeting Dan Desko (Senior Manager, IT Risk Advisory) Matt Dunn (Senior Security Analyst, IT Risk Advisory) Who is Schneider Downs?
More informationProtecting Against Online Fraud. F5 EMEA Webinar August 2014
Protecting Against Online Fraud F5 EMEA Webinar August 2014 Agenda Fraud threat trends and business challenges Web fraud protection Mobile fraud protection Security operations center Example architecture
More informationIntroduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview
IBM Watson on the IBM Cloud Security Overview Introduction IBM Watson on the IBM Cloud helps to transform businesses, enhancing competitive advantage and disrupting industries by unlocking the potential
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationCyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations. Arkansas Joint Committee on Energy March 16, 2016
Cyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations Arkansas Joint Committee on Energy March 16, 2016 CenterPoint Energy, Inc. (NYSE: CNP) Regulated Electric and Natural Gas Utility
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More informationBuilding Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More informationCourse overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)
Overview This course is intended for those wishing to qualify with CompTIA Security+. CompTIA's Security+ Certification is a foundation-level certificate designed for IT administrators with 2 years' experience
More informationCyber Security in M&A. Joshua Stone, CIA, CFE, CISA
Cyber Security in M&A Joshua Stone, CIA, CFE, CISA Agenda About Whitley Penn, LLP The Threat Landscape Changed Cybersecurity Due Diligence Privacy Practices Cybersecurity Practices Costs of a Data Breach
More informationDeMystifying Data Breaches and Information Security Compliance
May 22-25, 2016 Los Angeles Convention Center Los Angeles, California DeMystifying Data Breaches and Information Security Compliance Presented by James Harrison OM32 5/25/2016 3:00 PM - 4:15 PM The handouts
More informationTHE ACCENTURE CYBER DEFENSE SOLUTION
THE ACCENTURE CYBER DEFENSE SOLUTION A MANAGED SERVICE FOR CYBER DEFENSE FROM ACCENTURE AND SPLUNK. YOUR CURRENT APPROACHES TO CYBER DEFENSE COULD BE PUTTING YOU AT RISK Cyber-attacks are increasingly
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationCritical Information Infrastructure Protection Law
Critical Information Infrastructure Protection Law CCD COE Training 8 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington, Virginia.
More informationSolution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites
Solution Pack Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Subject Governing Agreement DXC Services Requirements Agreement between DXC and Customer including DXC
More informationThe Resilient Incident Response Platform
The Resilient Incident Response Platform Accelerate Your Response with the Industry s Most Advanced, Battle-Tested Platform for Incident Response Orchestration The Resilient Incident Response Platform
More informationCyber Security Updates and Trends Affecting the Real Estate Industry
Cyber Security Updates and Trends Affecting the Real Estate Industry What, Why, and How? Agenda Cyber Security Today Changes to Security Standards and Trends Protecting Yourself and Your Organization Takeways
More informationCYBERSECURITY RISK LOWERING CHECKLIST
CYBERSECURITY RISK LOWERING CHECKLIST The risks from cybersecurity attacks, whether external or internal, continue to grow. Leaders must make thoughtful and informed decisions as to the level of risk they
More informationTackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud
Tackling Cybersecurity with Data Analytics Identifying and combatting cyber fraud San Antonio IIA iheartaudit Conference February 24, 2017 What We ll Cover + Current threat landscape + Common security
More informationProtecting your next investment: The importance of cybersecurity due diligence
Protecting your next investment: The importance of cybersecurity due diligence Oct. 11, 2018 Baker Tilly Virchow Krause, LLP. All rights reserved. Baker Tilly refers to Baker Tilly Virchow Krause, LLP,
More information