Stopping Insider Threats Before They Start: Using Leading Techniques and Predictive Analysis to Presage Your Environment
- Darcy Mathews
1 Stopping Insider Threats Before They Start: Using Leading Techniques and Predictive Analysis to Presage Your Environment. Attachmate Corporation. All rights reserved.
2 Results show that it can take more than 87 days to discover insider fraud. Source: Ponemon Institute, February
3 of businesses polled report loss of confidential information or violation of confidentiality policy as a consequence of insecure mobile devices.
5 Agenda
- Understanding the insider threat
- The pitfalls of traditional fraud detection methods
- The mobile device challenge
- The benefits of continuous monitoring and risk-based alerting
- New approaches to stop insiders
6 Who are the insiders? How do they hide in plain sight?
7 Trust, but how do you know?
8 Insider Facts
- Insider threats are not hackers
- Insider threat is not a technical or cyber security issue alone
- A good insider threat program should focus on deterrence, not detection
- Detection of insider threats has to use behavior-based techniques
- The science of insider threat detection and deterrence is in its infancy
Source: FBI
10 What Can You Do? To protect data? Systems? Trust?
11 Bringing New Rules and Methods to Your Efforts
12 Traditional Fraud Prevention (the full Association of Certified Fraud Examiners list follows on slide 14)
13 Barriers to Taking a Proactive Approach to Fraud
- Traditional systems are based on existing audit trails, which were originally designed for capturing logs for security infrastructure and administration; there is no log standard, and each application's log is unique
- Assumptions that audit trails already exist
- It is difficult to tie the function performed in an application to the end user across multiple platforms and applications
- Account profiling is not captured
- Investigations are resource intensive and costly
14 Traditional Fraud Prevention: Business Best Practices (Benefits of Addressing Insider Threats and Organizational Risk)
- Identify and measure fraud risks
- Implement and monitor internal controls
- Maintain a strong and independent audit committee
- Hire effective internal auditors
- Develop a code of conduct and confirmation process
- Institute continuous fraud awareness training designed to deter unethical conduct and influence an employee's responsibility to report fraud
- Contract independent external auditors
- Evaluate anti-fraud processes and controls, and develop an appropriate oversight process
- Determine who will investigate a reported incident and how
- Use case management and technology tools
- Emphasize cross-group collaboration
- Put fraud prevention at the forefront of a successful business strategy
- Create a positive workplace environment and a culture of honesty. Set a moral and ethical tone at the top
- Establish realistic performance goals and reward systems
- Hire and promote appropriate employees. Perform background checks and credit histories on new recruits or promotions to positions of trust
- Exhibit fair and balanced discipline for fraudulent behavior
- Institute a hotline
Source: Association of Certified Fraud Examiners
15 Understanding the Power of Fraud Detection Rules
16 Implement Leading Fraud Detection Rules: What to Look For
- Abnormal after-working-hours activity
- Several user IDs logged in consecutively from the same IP address
- The same user ID logged in from different IP addresses consecutively
- A user logged in without having scanned a physical badge earlier
Real rules capturing anomalous behavior, alerting in real time.
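The four login rules on the slide are easy to state and easy to get wrong in the details (what counts as "consecutive", what counts as "earlier"). The following is an added example, not Luminet code and not from the slide deck: it runs the four rules over a constructed login log and badge-scan log. Business hours of 07:00-19:00 on weekdays, a ten-minute correlation window, a three-user threshold for the shared-IP rule, and all of the sample data are assumptions chosen for the demonstration.

```python
"""Login/session rules from the slide, run over constructed events.

  R1  after-hours activity (outside 07:00-19:00 local, or on a weekend)
  R2  several distinct user IDs logging in from the same IP inside a short window
  R3  the same user ID logging in from different IPs inside a short window
  R4  a login with no badge scan by that user earlier the same day

All thresholds and sample data below are assumptions for the example.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample logins (not real logs): (timestamp, user, source IP).
# 2024-03-04 is a Monday.
LOGINS = [
    ("2024-03-04 08:02:10", "alice", "10.1.1.5"),
    ("2024-03-04 08:05:44", "bob",   "10.1.1.5"),
    ("2024-03-04 08:07:01", "carol", "10.1.1.5"),   # three users, one IP, five minutes -> R2
    ("2024-03-04 09:15:00", "dave",  "10.1.2.9"),
    ("2024-03-04 09:17:30", "dave",  "10.1.3.77"),  # same user, two IPs, 2.5 minutes -> R3
    ("2024-03-04 23:40:00", "alice", "10.1.1.5"),   # after hours -> R1
    ("2024-03-04 10:00:00", "erin",  "10.1.4.2"),   # never badged in -> R4
]
# Constructed badge scans: (timestamp, user).
BADGE_SCANS = [
    ("2024-03-04 07:50:00", "alice"),
    ("2024-03-04 07:55:00", "bob"),
    ("2024-03-04 07:58:00", "carol"),
    ("2024-03-04 09:00:00", "dave"),
]


def _ts(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M:%S")


def after_hours(logins, start_hour=7, end_hour=19):
    """R1: logins outside business hours or on a weekend."""
    hits = []
    for ts, user, _ip in logins:
        t = _ts(ts)
        if t.weekday() >= 5 or not (start_hour <= t.hour < end_hour):
            hits.append(("after_hours", user, ts))
    return hits


def shared_ip(logins, window=timedelta(minutes=10), min_users=3):
    """R2: at least min_users distinct user IDs from one IP inside `window`."""
    by_ip = defaultdict(list)
    for ts, user, ip in sorted(logins):          # ISO timestamps sort chronologically
        by_ip[ip].append((_ts(ts), user))
    hits = []
    for ip, events in by_ip.items():
        for i, (t0, _) in enumerate(events):
            users = {u for t, u in events[i:] if t - t0 <= window}
            if len(users) >= min_users:
                hits.append(("shared_ip", ip, tuple(sorted(users))))
                break                              # one alert per IP is enough
    return hits


def ip_hopping(logins, window=timedelta(minutes=10)):
    """R3: the same user ID from two different IPs inside `window`."""
    by_user = defaultdict(list)
    for ts, user, ip in sorted(logins):
        by_user[user].append((_ts(ts), ip))
    hits = []
    for user, events in by_user.items():
        for (t0, ip0), (t1, ip1) in zip(events, events[1:]):
            if ip0 != ip1 and t1 - t0 <= window:
                hits.append(("ip_hopping", user, ip0, ip1))
                break
    return hits


def login_without_badge(logins, scans):
    """R4: a login with no badge scan by that user earlier on the same day."""
    scanned = defaultdict(list)
    for ts, user in scans:
        scanned[user].append(_ts(ts))
    hits = []
    for ts, user, _ip in logins:
        t = _ts(ts)
        if not any(s.date() == t.date() and s <= t for s in scanned[user]):
            hits.append(("no_badge", user, ts))
    return hits


def run_all(logins=LOGINS, scans=BADGE_SCANS):
    """Evaluate every rule and return the combined alert list."""
    return (after_hours(logins) + shared_ip(logins)
            + ip_hopping(logins) + login_without_badge(logins, scans))


if __name__ == "__main__":
    for alert in run_all():
        print(alert)
```

Each rule returns a tuple naming the rule and the evidence, which is what a case-management tool needs to open an incident; note that R2 and R3 both depend on the window being short enough to mean "consecutively" but long enough to survive clock skew between sources, and that R4 silently fires for anyone whose badge system is not feeding the correlation, so it should be scoped to users who are expected to badge in.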
17 Rules Based Detection Examples: Suspicious Address Related Activity
The following rules look for suspicious employee activity related to address changes in customer accounts.

Rule: Account Address Change from/to a Banking Facility
  Scheme: To avoid a customer detecting their fraud, internal fraudsters redirect customer statements and correspondence to their own mailing address, the address of a collusive employee, or the address of a bank facility.
  Detection: An incident is generated when an employee changes the account address from or to one of the bank's facility addresses.

Rule: Account Address Change to an Employee's Own Address or to a PO Box
  Scheme: To avoid a customer detecting their fraud, internal fraudsters redirect customer statements and correspondence to their own mailing address or the address of a collusive employee.
  Detection: An incident is generated when an employee changes the account address to the same address as an employee or to a PO Box.

Rule: Redirect Account Mail to Any Other Employee's Address
  Scheme: To avoid a customer detecting their fraud, internal fraudsters redirect customer statements and correspondence to their own mailing address or the address of a collusive employee.
  Detection: An incident is generated when an employee changes the account address to the same address as any other employee.

Rule: Account Mail Address Is Suppressed
  Scheme: To avoid a customer detecting their fraud, internal fraudsters redirect customer statements and correspondence to their own mailing address, the address of a collusive employee, or the address of a bank facility.
  Detection: An incident is generated when an employee suppresses an account mail address.

Rule: Change Customer Address Back to the Original Address
  Scheme: To avoid a customer detecting their fraud, internal fraudsters redirect customer statements and correspondence to their own mailing address, the address of a collusive employee, or the address of a bank facility.
  Detection: An incident is generated when an employee changes the customer address back to the original address.

18 Rules Based Detection Examples: Suspicious Account Balance Activity
The following rules look for suspicious employee activity related to account balances in customer accounts.

Rule: Excessive Adjustments to Cash Figures in the Settlement Field
  Scheme: A teller skimming from the till recounts the drawer to see how much extra cash has been taken in, makes the difference disappear, and pockets the money. An excessive number of recounts may indicate the teller is trying to hide skimming activity.
  Detection: An incident is generated when an employee performs excessive adjustments to cash figures in the settlement field on the same day.

Rule: Cash Settlement System Shows an Increase in Foreign Currency Without a Foreign Currency Transaction
  Scheme: Internal fraudsters may steal from foreign currency since it is infrequently used and less monitored than other cash.
  Detection: An incident is generated when an employee reports a balance of foreign currency but no foreign currency transaction exists on the same day.

Rule: Unusual Field Change in the Teller Balancing Screen
  Scheme: Atypical changes in a teller balancing screen may indicate that a teller is improperly adjusting the till to hide suspicious cash activity. This behavior can be baselined against the activity of other tellers to spotlight unusual or abnormal activity.
  Detection: An incident is generated when an employee performs adjustments in one of the unusual fields in the teller balancing screen on the same day. An incident or report can also be generated if a teller's activity is significantly different from peers.

19 Rules Based Detection Examples: Suspicious Dormant Account Activity
The following rules look for suspicious employee activity in dormant accounts.

Rule: Closing Multiple Dormant Accounts
  Scheme: To avoid detection, internal fraudsters close accounts they have been using to commit fraud. These mule accounts can be recently created accounts, other dormant accounts, fake accounts created by a party in collusion, and so on.
  Detection: An incident is generated when an employee closes multiple dormant accounts in a given time period.

Rule: Dormant Account Withdrawal
  Scheme: Internal fraudsters know that dormant accounts are infrequently monitored and take advantage of that limited visibility to remove funds.
  Detection: An incident is generated when an employee withdraws money from a dormant account or accounts over a given time period.

Rule: Inactive Account Withdrawal
  Scheme: Internal fraudsters know that inactive accounts are infrequently monitored. "Inactive" may be determined either by a flag on the system or by a lack of activity for a period of months.
  Detection: An incident is generated when an employee withdraws money from accounts with no recent activity in a given time period.
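The three rule tables above each describe a condition over application events rather than over security logs, which is the point the slide on barriers makes: the data comes from the business application's own audit trail. As an added example, not Luminet code and not from the deck, the following runs one rule from each table over a constructed event stream: an address change to any employee's address (self or colleague) or to a PO box, more than three settlement-field adjustments by one teller on one day, and two or more withdrawals from dormant accounts by one employee inside seven days. The employee address list, the last-activity dates, the "dormant after 365 days" cut-off, the per-day and per-window thresholds, and the PO-box pattern are all assumptions for the demonstration.

```python
"""Banking-transaction rules from the address-change, teller-balancing and
dormant-account tables, evaluated over constructed events.

  A1  account address changed to an employee's address or to a PO box
  B1  excessive settlement-field adjustments by one teller on one day
  D1  repeated withdrawals from dormant accounts by one employee in a window

Reference data, thresholds and events are assumptions for the example.
"""
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Assumed PO-box pattern: "PO Box", "P.O. Box", "post office box" (case-insensitive).
PO_BOX = re.compile(r"\b(p\.?\s*o\.?\s*box|post office box)\b", re.I)


def _norm(addr):
    """Normalise an address so '12 Main St., Springfield' == '12 main st springfield'."""
    return re.sub(r"[^a-z0-9]+", " ", addr.lower()).strip()


# Constructed reference data (hypothetical): employee home addresses and the
# date of the last customer-initiated activity per account.
EMPLOYEE_ADDRESSES = {"t1001": "12 Main St, Springfield", "t1002": "8 Elm Ave, Springfield"}
LAST_ACTIVITY = {"ACC-1": "2023-01-15", "ACC-2": "2024-02-20", "ACC-3": "2022-11-02"}

# Constructed application audit events: (timestamp, teller, action, account, detail).
EVENTS = [
    ("2024-03-04 09:10:00", "t1001", "addr_change", "ACC-2", "12 MAIN ST., SPRINGFIELD"),  # A1: own address
    ("2024-03-04 09:12:00", "t1002", "addr_change", "ACC-9", "PO Box 77, Springfield"),    # A1: PO box
    ("2024-03-04 09:14:00", "t1002", "addr_change", "ACC-7", "40 Oak Rd, Springfield"),    # clean
    ("2024-03-04 10:00:00", "t1001", "settle_adjust", "TILL", "+20.00"),
    ("2024-03-04 10:30:00", "t1001", "settle_adjust", "TILL", "-20.00"),
    ("2024-03-04 11:00:00", "t1001", "settle_adjust", "TILL", "+35.00"),
    ("2024-03-04 15:45:00", "t1001", "settle_adjust", "TILL", "-35.00"),                   # four in a day -> B1
    ("2024-03-04 16:00:00", "t1002", "settle_adjust", "TILL", "+5.00"),                    # one in a day, clean
    ("2024-03-05 11:00:00", "t1002", "withdrawal", "ACC-1", "500.00"),                     # dormant account
    ("2024-03-06 11:05:00", "t1002", "withdrawal", "ACC-3", "450.00"),                     # dormant, second in 7 days -> D1
    ("2024-03-06 12:00:00", "t1001", "withdrawal", "ACC-2", "100.00"),                     # active account, clean
]


def _ts(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M:%S")


def address_change_alerts(events, employee_addresses=EMPLOYEE_ADDRESSES):
    """A1: new address matches any employee's address (self or colleague) or is a PO box."""
    emp_by_addr = {_norm(a): emp for emp, a in employee_addresses.items()}
    alerts = []
    for _ts_, teller, action, account, detail in events:
        if action != "addr_change":
            continue
        if PO_BOX.search(detail):
            alerts.append(("addr_to_po_box", teller, account))
        elif _norm(detail) in emp_by_addr:
            who = emp_by_addr[_norm(detail)]
            alerts.append(("addr_to_self" if who == teller else "addr_to_employee", teller, account))
    return alerts


def excessive_adjustment_alerts(events, max_per_day=3):
    """B1: more than max_per_day settlement adjustments by one teller on one calendar day."""
    counts = Counter((teller, _ts(ts).date())
                     for ts, teller, action, _, _ in events if action == "settle_adjust")
    return [("excessive_adjustments", teller, day.isoformat(), n)
            for (teller, day), n in counts.items() if n > max_per_day]


def dormant_withdrawal_alerts(events, last_activity=LAST_ACTIVITY, dormant_days=365,
                              window=timedelta(days=7), min_count=2):
    """D1: at least min_count withdrawals from dormant accounts by one employee inside `window`."""
    per_teller = defaultdict(list)
    for ts, teller, action, account, _ in events:
        if action != "withdrawal" or account not in last_activity:
            continue
        t = _ts(ts)
        idle = (t.date() - datetime.strptime(last_activity[account], "%Y-%m-%d").date()).days
        if idle >= dormant_days:                   # "dormant" = no customer activity for a year
            per_teller[teller].append((t, account))
    alerts = []
    for teller, hits in per_teller.items():
        hits.sort()
        for i, (t0, _) in enumerate(hits):
            in_window = [acct for t, acct in hits[i:] if t - t0 <= window]
            if len(in_window) >= min_count:
                alerts.append(("dormant_withdrawals", teller, tuple(in_window)))
                break
    return alerts


def run_all(events=EVENTS):
    """Evaluate all three rules and return the combined alert list."""
    return (address_change_alerts(events) + excessive_adjustment_alerts(events)
            + dormant_withdrawal_alerts(events))


if __name__ == "__main__":
    for alert in run_all():
        print(alert)
```

The address rule only works if the employee address list is current and normalised the same way as the application's data, which is why the slides stress reference tables as a data source; the dormant-account rule needs a definition of "dormant" that matches the core banking system's flag, otherwise the rule and the business disagree on what was "infrequently monitored".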
20 Discover Hidden Linkages: Link Analysis Reveals Connections
21 Rules Based Detection Examples: Privacy Violations
- Report of reports viewed: Shows a list of reports that an admin has viewed in the last period. It shows user name, date, and the report(s) run.
- Inappropriate access of ePHI: Shows a list of instances of users accessing ePHI inappropriately (as defined by the rules).
- Unauthorized permission sharing: Shows a list of users that inappropriately shared their permissions with other users (as defined by the rules).
- Invalid login attempts: Shows login attempts that did not work or otherwise were flagged as possible issues (as defined by the rules).
- Rules triggered: Shows a list of rule violations in a given period.
- Application metrics: Provides a list of monitored applications used by a particular employee during a given period.
- Improper user rights assignments: Shows a list of violations of the assignment of user rights in a given period.
- Suspicious login/password activity: Provides a complete listing of login activity rule violations in a given period.
- Security incidents reviewed: Shows a list of security incidents that were reviewed in a given period.
- Workstation use violations: Shows a list of incidents generated because of improper use of workstations.
- Data integrity control violations: Shows a list of incidents generated because of the violation of data integrity controls.
- ePHI access/use violations: Shows a list of incidents generated because of the violation of ePHI access or use rules.
- Login metrics: Displays information about user login behavior such as average logins per day/week/month, per person/group/overall.
- Patient records search metrics: Displays information about user search behavior on patient records.
- High-risk user activity: Displays what system resources high-risk users (as defined by the company) have accessed during a given period.
22 Implementing Fraud Detection Systems: How They Work
23 General Architecture (diagram). Luminet users: auditors (visual replay, Google-like search), compliance officers (reports, Google-like search), fraud investigators (alerts, cases, profiles). Monitored environment: network switch, database server, client/server, mainframe, AS/400, web server; external users (e-business customers) and internal users (business users, privileged IT users). Existing data sources: log files, databases, reference tables.
24 Luminet Architecture (diagram). Components shown: Luminet sensor; channels (screen, client/server, MQ, HTTP, VT); queues; channel analyzers; user event detected; business events; central repository; analytic engine; SOA API.
25 Distributed Deployment (diagram). Enterprise operational environment: application servers, message queue, internal web server, mainframe, network switches. Luminet distributed environment: one sensor each on HTTP traffic, client/server traffic, terminal emulation traffic and MQ traffic, plus API data.
26 Rules Engine Process (diagram). Components shown: user events; user fact attributes; data channels (XML, database, web service, data file); measures; rules; business entities; alerts.
27 Concluding Thoughts
28 94% of breached organizations found out through a third party. Source: 2012 Verizon Data Breach Investigations Report
29 82% of breached organizations had evidence of the breach in their logs. Source: 2012 Verizon Data Breach Investigations Report
30 Q: Why, given the variety of security technologies typically in place, do information assets remain at significant risk? A: Traditional methods fail to capture and alert on a complete trail of information. With fraud detection software you can close this gap.
31 Current Trends in Insider Threat: What to Look for Now
- The policy violator
- The low-and-slow fraudster
- The imposter
32 5 Things to Think About
1. When the funds are gone, it's too late
2. Logs never tell the complete story
3. Focus on analysis, not just alerts
4. Outdated methods waste time and money
5. If you could find a way to see fraud before it starts, wouldn't you want to?
33 About Attachmate
34 It's a Complex Landscape Out There. You have to chart the course to business success.
35 It is a Tough Challenge. How do you balance productivity, security, and IT investments?
36 Why Attachmate Works for You
- Delivers solutions for your core challenges
- Works with your existing IT assets
- Provides global leadership you can rely on
37 Questions?
38 Resources
Insider Threat Resources:
Additional Luminet Customer Examples:
Business Benefits of Luminet:
For a free copy of our latest research, contact: Dan.Dunford@Attachmate.com
39 Thank You! Dan Dunford
Employee Security Awareness Training September 2016 Purpose Employees have access to sensitive data through the work they perform for York. Examples of sensitive data include social security numbers, medical
More informationReinvent Your 2013 Security Management Strategy
Reinvent Your 2013 Security Management Strategy Laurent Boutet 18 septembre 2013 Phone:+33 6 25 34 12 01 Email:laurent.boutet@skyboxsecurity.com www.skyboxsecurity.com What are Your Key Objectives for
More informationCybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016
Cybersecurity: Considerations for Internal Audit Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016 Agenda Key Risks Incorporating Internal Audit Resources Questions 2 San Francisco
More informationDiscover threats quickly, remediate immediately, and mitigate the impact of malware and breaches
Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches Introduction No matter how hard you work to educate your employees about the constant and evolving threats
More informationA company built on security
Security How we handle security at Flywheel Flywheel was founded in 2012 on a mission to create an exceptional platform to help creatives do their best work. As the leading WordPress hosting provider for
More informationJuniper Vendor Security Requirements
Juniper Vendor Security Requirements INTRODUCTION This document describes measures and processes that the Vendor shall, at a minimum, implement and maintain in order to protect Juniper Data against risks
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationSTEVE GOODING JUNE 15, 2018
ARMOR: THE STATE OF THE INDUSTRY STEVE GOODING JUNE 15, 2018 Agenda 1. Welcome 2. Introduction to Armor 3. Honeypot Report 4. Black Market Report 2 ARMOR IN THE CYBERSECURITY SPACE 3 About Armor DATA CENTERS:
More informationScans everything Finds everything Blocks... Everything.
Invest in the company with Trident CMP, a service that... Scans everything Finds everything Blocks... Everything. Deployment case studies of Trident CMP, the breakthrough cyber security service. For information
More informationWhat are PCI DSS? PCI DSS = Payment Card Industry Data Security Standards
PCI DSS What are PCI DSS? PCI DSS = Payment Card Industry Data Security Standards Definition: A multifaceted security standard that includes requirements for security management, policies, procedures,
More informationAgenda. Security essentials. Year in review. College/university challenges. Recommendations. Agenda RSM US LLP. All Rights Reserved.
Agenda Agenda Security essentials Year in review College/university challenges Recommendations 2 About me Matt Franko Director, Risk Advisory Services matthew.franko@rsmus.com (216) 927-8224 11+ years
More informationSANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Critical Security Control Solution Brief Version 6 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable,
More informationAND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING
PROTECTING BANKING AND FINANCIAL INSTITUTIONS FROM CYBER FRAUD Enabling the financial industry to become proactively secure and compliant Overview In order to keep up with the changing digital payment
More informationIBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan
IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER
More informationSOX/COBIT Framework. and Netwrix Auditor Mapping. Toll-free:
SOX/COBIT Framework and Netwrix Auditor Mapping www.netwrix.com Toll-free: 888-638-9749 About SOX All public companies in the U.S. are subject to Sarbanes Oxley (SOX) compliance without exceptions. SOX
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More informationIdentity Theft Prevention Program. Effective beginning August 1, 2009
Identity Theft Prevention Program Effective beginning August 1, 2009 I. PROGRAM ADOPTION Christian Brothers University developed this Identity Theft Prevention Program pursuant to the Federal Trade Commission's
More informationDemonstrating Compliance in the Financial Services Industry with Veriato
Demonstrating Compliance in the Financial Services Industry with Veriato Demonstrating Compliance in the Financial Services Industry With Veriato The biggest challenge in ensuring data security is people.
More informationMicrosoft Security Management
Microsoft Security Management MICROSOFT SECURITY MANAGEMENT SECURITY MANAGEMENT CHALLENGES Some large financial services organizations have as many as 40 or more different security vendors inside their
More informationRisk Advisory Academy Training Brochure
Academy Brochure 2 Academy Brochure Cyber Security Our Cyber Security trainings are focused on building your internal capacity to leverage IT related technologies more confidently and manage risk and uncertainty
More informationsecurity FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.
security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name. Security for Your Business Mitigating risk is a daily reality for business owners, but you don t have
More informationA (sample) computerized system for publishing the daily currency exchange rates
A (sample) computerized system for publishing the daily currency exchange rates The Treasury Department has constructed a computerized system that publishes the daily exchange rates of the local currency
More informationGujarat Forensic Sciences University
Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat
More information10 Cybersecurity Questions for Bank CEOs and the Board of Directors
4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors
More informationENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE
ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE INTRODUCTION In line with commercial industry standards, the data center used by EndNote employs a dedicated security team to protect our
More informationForensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services
Forensic Technology & Discovery Services Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services EY s Forensic
More informationPrivacy Implications Guide. for. the CIS Critical Security Controls (Version 6)
Privacy Implications Guide for the CIS Critical Security Controls (Version 6) Privacy Implications Guide for the CIS Critical Security Controls (Version 6) Acknowledgements: The Center for Internet Security
More informationHIPAA Compliance Assessment Module
Quick Start Guide HIPAA Compliance Assessment Module Instructions to Perform a HIPAA Compliance Assessment Performing a HIPAA Compliance Assessment 2 HIPAA Compliance Assessment Overview 2 What You Will
More informationFulcrumWay Leading Provider of Enterprise Risk Assessment Mitigation and Remediation Solutions
Public Sector Best Practices that Protect the Citizens against Financial Losses, Waste and Fraud Using Advanced Controls FulcrumWay Leading Provider of Enterprise Risk Assessment Mitigation and Remediation
More informationCyber Security. The Question of the Day. Sylint Group, Inc. How did we come up with the company name Sylint and what does it mean?
Cyber Security One of the Most Critical Risk Mitigation Efforts to Bridge the Gap Between Compliance and Ethics Charly Shugg, Brigadier General, USAF, Retired Partner Chief Operating Officer Sylint Group,
More informationTHE POWER OF TECH-SAVVY BOARDS:
THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES
More informationbuilding a security culture to counter emerging cybersecurity threats
Academic Medical Center Security and Privacy Conference June 2017 building a security culture to counter emerging cybersecurity threats Chuck Kesler, MBA, CISSP, CISM Chief Information Security Officer
More informationHandbook Webinar
800-171 Handbook Webinar Pat Toth Cybersecurity Program Manager National Institute of Standards and Technology (NIST) Manufacturing Extension Partnership (MEP) NIST MEP 800-171 Assessment Handbook Step-by-step
More informationwhitepaper How to Measure, Report On, and Actually Reduce Vulnerability Risk
whitepaper How to Measure, Report On, and Actually Reduce Vulnerability Risk Assure the board your company won t be the next data breach Introduction A solid vulnerability management program is critical
More information