What I learned about Firewalls:
|
|
- Darcy Tucker
- 5 years ago
- Views:
Transcription
1 What I learned about Firewalls: A Decade of ICS Firewall Management Standards Certification Education & Training Publishing Conferences & Exhibits Michael H. Firstenberg, GICSP, GCIH, CISSP Director of Industrial Security Waterfall Security Solutions 2016 ISA Water / Wastewater and Automatic Controls Symposium August 2-4, 2016 Orlando, Florida, USA
2 Michael H. Firstenberg Mike Firstenberg is the Director of Industrial Security for Waterfall Security. Mike brings almost two decades of experience in Industrial Control System Security, researching, designing, and implementing strategic security solutions. Mike has an established background working with government institutions, regulatory authorities, and industrial utilities. The former chair of the American Water SCADA Council, Mike studied Computer Science, Chemical Engineering, and Mathematics at the University of Pennsylvania. Mike participates actively in ISA SP99 WG1, and served on the committees that drafted the AWWA Cybersecurity Guidance and the Roadmap to Cybersecurity in the Water Sector. 2
3 Presentation Outline Challenges of Firewalls Technical issues of Firewalls The need for Compensating Controls Additional Costs Water Plant Case Study Lessons Learned 3
4 No One Wants a Firewall Finance and Accounting don t want to pay for it HR does not want to limit access IT does not want to support it Operations does not want any potential effect to reliability Leadership does not want roadblocks to productivity There will be organizational challenges to implementing a firewall. 4
5 Industrial Network Connectivity: Drivers and Risks Predictive maintenance: crew scheduling, HR integration, spare parts inventories and ordering Just-in-time manufacturing, real-time inventories, batch records, LIMS integration, production planning, SAP/ERP integration Centralized support: more effective use of skilled personnel, critical mass of current experts next decade s experts But industrial network connects to business network, which connects to Internet & other networks These connections let attackers target critical network with remote, online attacks 5
6 Technical Shortcomings Well short of secure initially The deny any any rule Order of your firewall ruleset Multiple administration services Multiple passwords A Tufin Technologies survey found that 86% of hackers believe that they can break through any firewall. 6
7 Technical Shortcomings Part 2 Software and hardware issues (e.g. code updates, loose power cables) can affect ops and business. May not be able to operate in harsher conditions of plants and need to be replaced more often Dependencies on corporate network, where SLA (Service Level Agreeements) are not as high New vulnerabilities are introduced with new software Firewalls have external dependencies which affect their capabilities. 7
8 Technical Shortcomings Part 3 All TCP connections through the firewall are bi-directional Outbound access = Inbound Command & Control? 8
9 Technical Shortcomings Part 3 All TCP connections through the firewall are bi-directional Outbound access = Inbound C&C 9
10 The Firewall is never stand-alone The firewall always requires compensating security measures In most cases, a network redesign will be necessary Need more switches Routers may be required Authentication systems bolster both the administration of the firewall and the user access through the firewall Log management infrastructure SIEM (Security Information/Event Mgmt) Firewalls require compensating controls in order to maintain appropriate security postures. 10
11 The Firewall is never stand-alone - Part 2 The firewall always requires compensating security measures Network Intrusion Detection Host-based IDS and Anti-Virus to protect the soft, chewy interior Application White-listing and other emerging technologies may be compensating measures Compensating Security Measures will require additional funding and potentially additional staff. 11
12 Expansion will be required Footprint growth (e.g. acquisitions) New facilities New strategies (e.g. not just fw between corp and ICS, also between HMI and PLC) With each new firewall comes new connections that may let attackers target critical network with remote, online attacks 12
13 Complete the Security Program Include assets in all CMMS Rigorous testing is required Be prepared for 24x7 No security technology is a silver bullet. Be prepared to implement stringent support and review processes. 13
14 Costs beyond implementation Not just the firewalls and their supporting infrastructure Refresh schedule (may include technology re-evaluation) Integration among departments (legal, HR, Engineering, Ops, IT, Audit) More staff (24x7) Possibly different staff Training and development Security Lifecycle Planning will help to minimize unexpected expenses associated with firewall deployment. Photo: Red Tiger Security 14
15 Required Attacker Skill Level Threat Spectrum: Skill vs Automation Hacktivists Anonymous Nation-State (Automated with insider support) Stuxnet Shamoon Nation-State Chinese APT (Manual) Gauss DuQu Flame Night Dragon Insiders Maroochy IT Errors and Omissions Organized Conflicker Crime Zeuss Degree of Automation 15
16 Evolution The Modern Threat Attack Type UGW Fwall 1) Phishing / drive-by-download victim pulls your attack through firewall 4 2 2) Social engineering steal a password / keystroke logger / shoulder surf 4 1 3) Compromise domain controller create ICS host or firewall account 4 2 4) Attack exposed servers SQL injection / DOS / buffer-overflows 4 2 5) Attack exposed clients compromised web svrs/ file svrs / buf-overflows 4 2 6) Session hijacking MIM / steal HTTP cookies / command injection 4 2 7) Piggy-back on VPN split tunneling / malware propagation 4 2 8) Firewall vulnerabilities bugs / zero-days / default passwd/ design vulns 4 2 9) Errors and omissions bad fwall rules/configs / IT reaches through fwalls ) Forge an IP address firewall rules are IP-based ) Bypass network perimeter cabling/ rogue wireless / dial-up ) Physical access to firewall local admin / no passwd / modify hardware ) Sneakernet removable media / untrusted laptops 1 1 Total Score: Attack Success Rate: Impossible Extremely Difficult Difficult Straight- Forward UGW Unidirectional Gateway Fwall - Firewall 16
17 Low Tech Targeted Attacks Breach Firewalls Spear phishing pulls attack through firewall Low-volume Remote Administration Tools (RATs) evade anti-virus Steal/create passwords: keystroke logger, pass-the-hash, compromise domain With passwords: explore networks, firewalls, systems at leisure IT teams have admitted they are unable to block targeted attacks at the corporate perimeter. Low-tech targeted attacks easily breach plant firewalls 17
18 Unidirectional Security Gateways Laser in TX, photocell in RX, fibre-optic cable you can send data out, but nothing can get back in to protected network TX uses 2-way protocols to gather data from protected network RX uses 2-way protocols to publish data to external network Absolute protection against online attacks from external networks Industrial Network Corporate Network Transmit Server Receive Server TX appliance RX appliance 18
19 Detroit Water Original Network Third-party-managed HA (High Availability) firewall pair for control network $10,000/month cost Control network originates connections, but traffic is bi-directional Many data sources/destinations spaghetti code data flows Firewall configuration is opaque no reviews, no alerts Internal audit flagged firewall security as unacceptable 19
20 Detroit Water Stronger Than Firewalls Deployed OSIsoft PI Server and replica: aggregate all information to be shared with business network All data is available in standard format Adding business applications or data visibility requirements is straightforward Unidirectional Gateway solution provides absolute protection from online attacks from external networks 20
21 Lessons Learned Need cross-trained staffing Flexibility is a must Communications must be open and honest Strategy cannot be unilateral Leadership buy-in is a must Regular configuration review Documentation, Documentation, Documentation It isn t just about what you do, it often depends on how you do it. 21
22 Potential Solutions Match defensive technologies to offensive capabilities Establish cross-functional teams BEFORE implementation Pick Security leadership from Engineering teams Understand that costs are not simple firewall purchases. Prepare everyone. Inventory security weakness and work to close them, using a phased approach if necessary Build in feature after feature Avoid culture shock Use all affected groups change management practices Document everything know where you are vulnerable 22
ICALEPCS 2013 San Francisco
UNIDIRECTIONAL SECURITY GATEWAYS Unidirectional Security Gateways Stronger Than Firewalls ICALEPCS 2013 San Francisco Andrew Ginter VP Industrial Security Waterfall Security Solutions Proprietary Information
More information13 Ways Through A Firewall What you don t know will hurt you
13 Ways Through A Firewall What you don t know will hurt you Andrew Ginter VP Industrial Security Waterfall Security Solutions CIPS ICE: The Tech Day 2013 (Calgary) Proprietary Information -- Copyright
More informationAn Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist
An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist Standards Certification Education & Training Publishing Conferences & Exhibits Speakers: Bryan L. Singer, CISM, CISSP, CAP
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationCentralized Control System Architecture
Centralized Control System Architecture Standards Certification Education & Training Publishing Conferences & Exhibits Speakers: Hassan Ajami, PE CAP Anil Gosine 2016 ISA Water / Wastewater and Automatic
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationPass4suresVCE. Pass4sures exam vce dumps for guaranteed success with high scores
Pass4suresVCE http://www.pass4suresvce.com Pass4sures exam vce dumps for guaranteed success with high scores Exam : CS0-001 Title : CompTIA Cybersecurity Analyst (CySA+) Exam Vendor : CompTIA Version :
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationNERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes
NERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes Andrew Ginter Director of Industrial Security Waterfall Security Solutions Proprietary Information -- Copyright 2012 2011 by Waterfall
More informationPractical SCADA Cyber Security Lifecycle Steps
Practical SCADA Cyber Security Lifecycle Steps Standards Certification Jim McGlone CMO, Kenexis Education & Training Publishing Conferences & Exhibits Bio Jim McGlone, CMO, Kenexis GICSP ISA Safety & Security
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationSecurity Issues and Best Practices for Water Facilities
Security Issues and Best Practices for Water Facilities Standards Certification Jeff Hayes Business Development Manager Beijer Electronics Education & Training Publishing Conferences & Exhibits 2013 ISA
More informationNERC Issues CAN-0024: Guidance for Unidirectional, Routable Communications
NERC Issues CAN-0024: Guidance for Unidirectional, Routable Communications Andrew Ginter Director of Industrial Security Waterfall Security Solutions Mark Simon Senior Consultant Encari Joel Langill The
More informationNo compromises for secure SCADA Communications even over 3rd Party Networks
No compromises for secure SCADA Communications even over 3rd Party Networks The Gamble of Using ISP Private Networks How to Stack the Odds in Your Favor Standards Certification Education & Training Publishing
More informationTop 10 ICS Cybersecurity Problems Observed in Critical Infrastructure
SESSION ID: SBX1-R07 Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure Bryan Hatton Cyber Security Researcher Idaho National Laboratory In support of DHS ICS-CERT @phaktor 16 Critical
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationSobering statistics. The frequency and sophistication of cybersecurity attacks are getting worse.
Sobering statistics The frequency and sophistication of cybersecurity attacks are getting worse. 146 >63% $500B $3.8M The median # of days that attackers reside within a victim s network before detection
More informationHow Breaches Really Happen
How Breaches Really Happen www.10dsecurity.com About Dedicated Information Security Firm Clients Nationwide, primarily in financial industry Services Penetration Testing Social Engineering Vulnerability
More informationAltius IT Policy Collection
Altius IT Policy Collection Complete set of cyber and network security policies Over 100 Policies, Plans, and Forms Fully customizable - fully customizable IT security policies in Microsoft Word No software
More informationProvide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any
OWASP Top 10 Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any tester can (and should) do security testing
More informationCertified Ethical Hacker
Certified Ethical Hacker Certified Ethical Hacker Course Objective Describe how perimeter defenses function by ethically scanning and attacking networks Conduct information systems security audits by understanding
More informationHacker Academy UK. Black Suits, White Hats!
Hacker Academy UK Black Suits, White Hats! Cyber Security Training and Services Do your devices Protect you against Cyber-attacks? Chinese hackers have allegedly stolen 50 terabytes of data on F-35 aircraft,
More informationTrends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk
Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk Standards Certification Education & Training Publishing Conferences & Exhibits Steve Liebrecht W/WW Industry
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationICS Security. Trends, Issues, and New Standards. Speaker: David Mattes CTO, Asguard Networks
ICS Security Trends, Issues, and New Standards Standards Certification Education & Training Publishing Conferences & Exhibits Speaker: David Mattes CTO, Asguard Networks 2013 ISA Water / Wastewater and
More informationPROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY
PROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY OUR MISSION Make the digital world a sustainable and trustworthy environment
More informationGladiator Incident Alert
Gladiator Incident Alert Allen Eaves Sabastian Fazzino FINANCIAL PERFORMANCE RETAIL DELIVERY IMAGING PAYMENT SOLUTIONS INFORMATION SECURITY & RISK MANAGEMENT ONLINE & MOBILE 1 2016 Jack Henry & Associates,
More informationCyber Security Brian Bostwick OSIsoft Market Principal for Cyber Security
Cyber Security Presented by Brian Bostwick OSIsoft Market Principal for Cyber Security Cyber Security Trauma in the News Saudi Aramco Restores Network After Shamoon Malware Attack Hacktivist-launched virus
More informationIC32E - Pre-Instructional Survey
Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into
More informationCISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline
CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker Learn to find security vulnerabilities before the bad guys do! The Certified Ethical Hacker (CEH) class immerses students in an interactive environment
More informationIndustry Best Practices for Securing Critical Infrastructure
Industry Best Practices for Securing Critical Infrastructure Cyber Security and Critical Infrastructure AGENDA - Difference between IT and OT - Real World Examples of Cyber Attacks Across the IT/OT Boundary
More informationINCIDENT RESPONDER'S FIELD GUIDE INCIDENT RESPONDER'S INCIDENT RESPONSE PLAN FIELD GUIDE LESSONS FROM A FORTUNE 100 INCIDENT RESPONSE LEADER
INCIDENT RESPONDER'S FIELD GUIDE INCIDENT RESPONDER'S INCIDENT RESPONSE PLAN FIELD GUIDE LESSONS FROM A FORTUNE 100 INCIDENT RESPONSE LEADER 1 INCIDENT RESPONDER'S FIELD GUIDE TABLE OF CONTENTS 03 Introduction
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationWhite Paper. The North American Electric Reliability Corporation Standards for Critical Infrastructure Protection
White Paper The North American Electric Reliability Corporation Standards for Critical Infrastructure Protection February, 2017 Introduction The North American Electric Reliability Corporation (NERC) maintains
More informationYou will discuss topics related to ethical hacking, information risks, and security techniques which hackers will seek to circumvent.
IDPS Effectiveness and Primary Takeaways You will discuss topics related to ethical hacking, information risks, and security techniques which hackers will seek to circumvent. IDPS Effectiveness and Primary
More informationCyberArk Privileged Threat Analytics
CyberArk Privileged Threat Analytics Table of Contents The New Security Battleground: Inside Your Network 3 Privileged account security 3 Collect the right data 4 Detect critical threats 5 Alert on critical
More informationFocus on Water Treatment
this issue Water Treatment Security Industry News Consultants Corner Invensys CISP News Focus on Water Treatment Dept. of Homeland Security (DHS) 2003 Presidential Directive 7 (HSPD7) Water is a Critical
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationEducation Network Security
Education Network Security RECOMMENDATIONS CHECKLIST Learn INSTITUTE Education Network Security Recommendations Checklist This checklist is designed to assist in a quick review of your K-12 district or
More informationDefensible and Beyond
TELUS Defensible and Beyond Mike Vamvakaris Director and Head of Cyber Security Consulting November 2017 Digital transformation brings many benefits Communication and Collaboration Autonomous and Artificial
More informationCyber security - why and how
Cyber security - why and how Frankfurt, 14 June 2018 ACHEMA Cyber Attack Continuum Prevent, Detect and Respond Pierre Paterni Rockwell Automation, Connected Services EMEA Business Development Manager PUBLIC
More informationEthical Hacking and Prevention
Ethical Hacking and Prevention This course is mapped to the popular Ethical Hacking and Prevention Certification Exam from US-Council. This course is meant for those professionals who are looking for comprehensive
More informationSpecialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
More informationFTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.
FTA 2017 SEATTLE Cybersecurity and the State Tax Threat Environment 1 Agenda Cybersecurity Trends By the Numbers Attack Trends Defensive Trends State and Local Intelligence What Can You Do? 2 2016: Who
More informationISE North America Leadership Summit and Awards
ISE North America Leadership Summit and Awards November 6-7, 2013 Presentation Title: Presenter: Presenter Title: Company Name: Embracing Cyber Security for Top-to-Bottom Results Larry Wilson Chief Information
More informationDepartment of Management Services REQUEST FOR INFORMATION
RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationCybersecurity: Trust, Visibility, Resilience. Tom Albert Senior Advisor, Cybersecurity NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1
Cybersecurity: Trust, Visibility, Resilience Tom Albert Senior Advisor, Cybersecurity NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 No single company can solve the complex challenge presented by the
More informationData Diode Cybersecurity Implementation Protects SCADA Network and Facilitates Transfer of Operations Information to Business Users
Data Diode Cybersecurity Implementation Protects SCADA Network and Facilitates Transfer of Operations Information to Business Users Standards Certification Education & Training Publishing Conferences &
More informationIE156: ICS410: ICS/SCADA Security Essentials
IE156: ICS410: ICS/SCADA Security Essentials IE156 Rev.001 CMCT COURSE OUTLINE Page 1 of 6 Training Description: In this five-day intensive training, participants will develop and reinforce a common language
More informationSecurity. Risk Management. Compliance.
Richard Nichols Netwitness Operations Director, RSA Security. Risk Management. Compliance. 1 Old World: Static Security Static Attacks Generic, Code-Based Static Infrastructure Physical, IT Controlled
More informationThe Water Sector Approach to Cybersecurity
The Water Sector Approach to Cybersecurity Standards Certification Education & Training Publishing Conferences & Exhibits Kevin M. Morley, PhD American Water Works Association 2016 ISA Water / Wastewater
More informationA MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE
SESSION ID: SPO2-W12 A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE Frank Bunton VP, CISO MedImpact Healthcare Systems, Security @frankbunton Larry Biggs Security Engineer III - Threat
More informationIBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.
IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats. Enhancing cost to serve and pricing maturity Keeping up with quickly evolving ` Internet threats
More informationCybersecurity Risk Mitigation: Protect Your Member Data. Introduction
Cybersecurity Risk Mitigation: Protect Your Member Data Presented by Matt Mitchell, CISSP Knowledge Consulting Group Introduction Matt Mitchell- Director Risk Assurance 17 years information security experience
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationEC-Council C EH. Certified Ethical Hacker. Program Brochure
EC-Council TM H Program Brochure Course Description The (CEH) program is the core of the most desired information security training system any information security professional will ever want to be in.
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationE-guide CISSP Prep: 4 Steps to Achieve Your Certification
CISSP Prep: 4 Steps to Achieve Your Certification Practice for the exam and keep your skills sharp : Thank you for downloading our CISSP certification guide. Aside from this handy PDF, you can also access
More informationQuestion No: 1 After running a packet analyzer on the network, a security analyst has noticed the following output:
Volume: 75 Questions Question No: 1 After running a packet analyzer on the network, a security analyst has noticed the following output: Which of the following is occurring? A. A ping sweep B. A port scan
More informationSecuring Access to Network Devices
Securing Access to Network s Data Track Technology October, 2003 A corporate information security strategy will not be effective unless IT administrative services are protected through processes that safeguard
More informationCyberSecurity Matters: The Human Factor
CyberSecurity Matters: The Human Factor Seth Robinson Sr. Director Technology Analysis @sethdrobinson James Stanger Sr. Director Product Management @stangernet www.netcomlearning.com Copyright (c) 2015
More informationEndpoint Protection : Last line of defense?
Endpoint Protection : Last line of defense? First TC Noumea, New Caledonia 10 Sept 2018 Independent Information Security Advisor OVERVIEW UNDERSTANDING ENDPOINT SECURITY AND THE BIG PICTURE Rapid development
More information2014 CliftonLarsonAllen LLP Cyber Crime and Payment Fraud Trends Key Threats to All Businesses CliftonLarsonAllen LLP. CLAconnect.
Cyber Crime and Payment Fraud Trends Key Threats to All Businesses CLAconnect.com What do the following have in common? Catholic church parish Hospice Collection agency Main Street newspaper stand Electrical
More informationALTITUDE DOESN T MAKE YOU SAFE. Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation
ALTITUDE DOESN T MAKE YOU SAFE Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation CYBER SECURITY IS THE GREATEST THREAT TO EVERY COMPANY IN THE WORLD. IBM CEO GINNI ROMETTY SD
More informationCyber Crime and Online Payment Fraud Trends
Cyber Crime and Online Payment Fraud Trends Speaker: Mark Eich, CliftonLarsonAllen Copyright This presentation is protected by U.S. and International copyright laws. Reproduction, distribution, display
More informationHOLY ANGEL UNIVERSITY COLLEGE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY CYBER SECURITY COURSE SYLLABUS
HOLY ANGEL UNIVERSITY LLEGE OF INFORMATION AND MMUNICATIONS TECHNOLOGY CYBER SECURITY URSE SYLLABUS Course Code : 6CSEC Prerequisite : 6MPRO2L Course Credit : 3 Units (2 hours LEC,3 hours LAB) Year Level:
More informationHOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS
HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS Danielle M. Zeedick, Ed.D., CISM, CBCP Juniper Networks August 2016 Today s Objectives Goal Objectives To understand how holistic network
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationDefense in Depth Security in the Enterprise
Defense in Depth Security in the Enterprise Mike Mulville SAIC Cyber Chief Technology Officer MulvilleM@saic.com Agenda The enterprise challenge - threat; vectors; and risk Traditional data protection
More informationFunctional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK
Functional Safety and Cyber Security Pete Brown Safety & Security Officer PI-UK Setting the Scene 2 Functional Safety requires Security Consider just Cyber Security for FS Therefore Industrial Control
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationYou knew the job was dangerous when you took it! Defending against CS malware
You knew the job was dangerous when you took it! Defending against CS malware Presented By: Doug Cavit Microsoft Where PI geeks meet 9/23/2010 NERC HILF 6/10 Adequately addressing vulnerabilities will
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationLESSONS LEARNED IN SMART GRID CYBER SECURITY
LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com
More informationHow can I use ISA/IEC (Formally ISA 99) to minimize risk? Standards Certification Education & Training Publishing Conferences & Exhibits
How can I use ISA/IEC- 62443 (Formally ISA 99) to minimize risk? Standards Certification Education & Training Publishing Conferences & Exhibits What is ISA 62443? A series of ISA standards that addresses
More informationSecurity
Security +617 3222 2555 info@citec.com.au Security With enhanced intruder technologies, increasingly sophisticated attacks and advancing threats, your data has never been more susceptible to breaches from
More informationENDPOINT SECURITY STORMSHIELD PROTECTION FOR WORKSTATIONS. Protection for workstations, servers, and terminal devices
ENDPOINT SECURITY STORMSHIELD PROTECTION FOR WORKSTATIONS Protection for workstations, servers, and terminal devices Our Mission Make the digital world a sustainable and trustworthy environment while ensuring
More informationAn Aflac Case Study: Moving a Security Program from Defense to Offense
SESSION ID: TTA-F02 An Aflac Case Study: Moving a Security Program from Defense to Offense Tim Callahan SVP & Global Chief Security Officer Aflac Threat Landscape Security risks are growing at a faster
More informationIndustrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets
Industrial Cyber Security ICS SHIELD Top-down security for multi-vendor OT assets OT SECURITY NEED Industrial organizations are increasingly integrating their OT and IT infrastructures. The huge benefits
More informationBecoming the Adversary
SESSION ID: CIN-R06 Becoming the Adversary Tyrone Erasmus Managing Security Consultant MWR InfoSecurity @metall0id /usr/bin/whoami Most public research == Android Something different today 2 Overview Introduction
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationNEN The Education Network
NEN The Education Network School e-security Checklist This checklist sets out 20 e-security controls that, if implemented effectively, will help to ensure that school networks are kept secure and protected
More informationCYBERSECURITY RISK LOWERING CHECKLIST
CYBERSECURITY RISK LOWERING CHECKLIST The risks from cybersecurity attacks, whether external or internal, continue to grow. Leaders must make thoughtful and informed decisions as to the level of risk they
More information6 MILLION AVERAGE PAY. CYBER Security. How many cyber security professionals will be added in 2019? for popular indursty positions are
PROGRAM Objective Cyber Security is the most sought after domain, and NASSCOM projects a requirment of over 1 million trained professionals by 2025. Tevel training program is an industry & employability
More informationSafdar Akhtar, Cyber Director Sema Tutucu, Ops Leader 27 September CYBER SECURITY PROGRAM: Policies to Controls
Safdar Akhtar, Cyber Director Sema Tutucu, Ops Leader 27 September 2017 CYBER SECURITY PROGRAM: Policies to Controls Can You Answer These Questions? 1 What s my company s exposure to the latest industrial
More informationPREPARE & PREVENT. The SD Comprehensive Cybersecurity Portfolio for Business Aviation
PREPARE & PREVENT The SD Comprehensive Cybersecurity Portfolio for Business Aviation SD CYBERSECURITY SERVICES At SD, security isn t a slogan, it is our culture. Just because you are in a business jet
More informationSecurity and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /
Security and Compliance Powered by the Cloud Ben Friedman / Strategic Accounts Director / bf@alertlogic.com Founded: 2002 Headquarters: Ownership: Houston, TX Privately Held Customers: 1,200 + Employees:
More informationTroubleshooting and Cyber Protection Josh Wheeler
May 4, 2016 Troubleshooting and Cyber Protection Josh Wheeler Network Security Network Security Risks Video Network Security Risks Article Network Security Risks Data stealing or disruption of network
More informationSINGLE COURSE. NH9000 Certified Ethical Hacker 104 Total Hours. COURSE TITLE: Certified Ethical Hacker
NH9000 Certified Ethical Hacker 104 Total Hours COURSE TITLE: Certified Ethical Hacker COURSE OVERVIEW: This class will immerse the student into an interactive environment where they will be shown how
More informationEnhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationSecuring IEDs against Cyber Threats in Critical Substation Automation and Industrial Control Systems
Securing IEDs against Cyber Threats in Critical Substation Automation and Industrial Control Systems Eroshan Weerathunga, Anca Cioraca, Mark Adamiak GE Grid Solutions MIPSYCON 2017 Introduction Threat
More informationRadware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper
Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business
More informationEnterprise Cybersecurity Best Practices Part Number MAN Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More information90% of data breaches are caused by software vulnerabilities.
90% of data breaches are caused by software vulnerabilities. Get the skills you need to build secure software applications Secure Software Development (SSD) www.ce.ucf.edu/ssd Offered in partnership with
More information