Having the SOC feed the organization with FOOD and not FUD
- Charles Boone
- 5 years ago
1 Having the SOC feed the organization with FOOD and not FUD My-Ngoc Nguyen (Pronounced Me-nop Wynn) CEO - Secured IT Solutions Making IT Happen, Making IT Secure Secured IT Solutions All Rights Reserved.
2 Who am I? CEO and Principal Consultant of Secured IT Solutions, a cyber security and IT support and service provider for public and private sector organizations. Some clients include: Switch; Long Beach, CA; Burbank, CA; U.S. Dept. of Energy; NNSA; U.S. Dept. of Defense; Clark County Water Reclamation District; Federal Communications Commission. Certified SANS Instructor. Experience: 20 years in IT, 15 years in Cyber Security. Master of Science in Management Information Systems. Top industry certifications: GLSC, GSEC, CISSP, GCIH, GPEN, GISF, QSA (lapsed).
3 Agenda/Objective: Communicating with the message needed for executives, boards of directors and organization leaders. Having the SOC feed the organization with FOOD and not FUD: designing and operating a SOC to provide information and support that instills trust and confidence with executives and the board; a strategy to address cyber security risks; continuous growth in the strength, maturity, and effectiveness of cyber security within the organization; an enterprise shared responsibility to address cyber security risks; and the five key principles for boards of directors to provide cyber-risk oversight per the National Association of Corporate Directors (NACD).
4 Communicating. Goal: remove emotions when communicating to CEOs, boards, and other organization leaders. Focus on protecting the business first: brand, revenue-generating operations and mission support operations. Focus on what matters.
5 What matters most to organizations: operational and mission interruptions; financial reporting and efficiencies; any incident or risk that would be material to investors and stakeholders; legal liabilities and lawsuits (every security breach will result in legal action). For the private sector: EBITDA (Earnings Before Interest, Taxes, Depreciation, and Amortization), which measures a company's operating performance, and the impact to stock prices.
6 Communicating (cont.): What do a security program and security operations mean to the business? What are the solutions and strategies to the problem and concerns? Are the solutions and operations that secure the organization enough to self-insure? Ensure that the solution(s) isn't worse than the problem. Are things operating efficiently and effectively? Are the funds provided used effectively? If not, why, and how to improve it.
7 What gets communicated: Fear, Uncertainty, and Doubt (FUD)
8 Fear, Uncertainty, and Doubt: emotions eventually wear thin. Board of Directors comments given to SANS (John Pescatore and Alan Paller): "The CISO is great at talking about blood in the streets but very weak on strategy to avoid disasters." "We know bad things will happen; the CEO and CFO and VPs inform us of business problems frequently. We want to have confidence that basic competence and strategies are in place to reduce bottom-line impact." NACD reports that only 15% of boards are very satisfied with the information they are getting. Understand the strategic information they are looking for. See how operational statistics like percent of systems patched, etc., help them understand and how it matters to them, or does it?
12 Ex. Hype vs. Reality. Headlines: July 20, 2018, New York Times: "Big Red Flag: Automakers' Trade Secrets Exposed in Data Leak". July 21, 2018, TechCrunch: "Data breach exposes trade secrets of carmakers GM, Ford, Tesla, Toyota". Reality: a security researcher disclosed the ability to access and expose 156 GB of data from an engineering service firm within the supply chain for these companies. What does this mean if something like this happens to us? What is the material implication to those car makers?
13 Feeding the FUD even more
14 Organizations with Massive Data Breaches (source: USA Today and Business Insider):
Yahoo (reported 2016 / breached 2013): initially thought 1 billion, revised to 3 billion in Oct 2017
Yahoo (reported 2016 / breached 2014): 500 million
eBay (2014): 145 million
Equifax (2017): … million
Heartland Payment Systems (2009): 130 million
Target (2013): 110 million
TK Maxx / TJ Maxx (2007): 94 million
JP Morgan Chase (2014): 83 million
Anthem (2015): 80 million
Sony PlayStation (2011): 77 million
Home Depot (2014): 56 million
Ashley Madison (2015): 32 million
Office of Personnel Management (2015): 21.5 million
15 July 2015: hacked by the Impact Team; 32 million Ashley Madison users. The 9.7 gigabytes of information released by the hackers included credit card information, names, billing details and home addresses. Less than a month before that episode, Ashley Madison executives seemed very keen on completing a series of internal security assessments, audits and security awareness training exercises for employees.
16 9.7 GB of personal information on 32 million clients was released, leading to many reported cases of divorces, resignations, firings, and suicides.
17 Ashley Madison: 100 most popular passwords (password, times used). Entries whose password or count was lost in the transcription are shown as "…":
…; …,452; password 39,448; default 34,…; …,620; qwerty 20,…; …,172; abc123 10,869; p***y 10,…; …; ashley 8,793
18 Password, times used (cont.): football 7,872; baseball 7,710; f**kyou …; …,572; ashleymadison 6,213; password1 5,959; madison 5,219; a**hole 5,052; superman 5,023; mustang 4,865; harley 4,…; …,729
19 Password, times used (cont.): …,612; hello 4,425; monkey 4,…; …,240; hockey 4,191; letmein 4,…; …,077; soccer 3,936; cheater 3,908; kazuga 3,871; hunter 3,869; shadow 3,831; michael 3,…; …; …,704
20 Password, times used (cont.): iloveyou 3,671; qwertyuiop 3,599; secret 3,522; buster 3,402; horny 3,389; jordan 3,368; hosts 3,295; zxcvbnm 3,280; asdfghjkl 3,174; affair 3,156; dragon 3,…; …,123; liverpool 3,087; bigd**k 3,058; sunshine 3,058; yankees 2,995
21 Password, times used (cont.): asdfg 2,981; freedom 2,963; batman 2,935; whatever 2,882; charlie 2,860; f**koff 2,794; money 2,686; pepper 2,656; jessica 2,648; asdfasdf 2,617; 1qaz2wsx 2,…; …,606; andrew 2,549; qazwsx 2,526; dallas 2,…; …; …,498
22 Password, times used (cont.): abcd1234 2,489; anthony 2,487; steelers 2,470; asdfgh 2,468; jennifer 2,442; killer 2,407; cowboys 2,403; master 2,395; jordan23 2,390; robert 2,372; maggie 2,357; looking 2,333; thomas 2,331; george 2,330; matthew 2,…; …,294; amanda 2,273
23 Password, times used (cont.): summer 2,263; qwert 2,263; princess 2,258; ranger 2,252; william 2,245; corvette 2,237; jackson 2,227; tigger 2,224; computer 2,212
24 Yahoo: ½ billion, 2014 (reported September 2016). 500 million user accounts compromised by a state-sponsored actor. Peacefully sold account info for 200 million users 2 months prior to acknowledgement of this breach.
25 Organizations with Massive Data Breaches (slide 14 repeated)
26 Yahoo: 3 billion, 2013 (reported December 2016). 1 billion user accounts compromised; in October 2017 the figure was revised to 3 billion. Likely a state-sponsored actor because: the information was not posted online for sale, indicating a targeted attack focusing on specific users or resources; and the method of compromise involved forging cookies, allowing access to a user's account without access to the password.
27 Yahoo: account information may have included names, addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers. Financial data like bank account numbers and credit card data are NOT believed to be included.
28 Equifax: reported September 2017; breach discovered in July 2017; an unrelated breach in March 2017. Compromised personal information of 143 million US citizens and approximately 693,665 UK citizens (initially thought to be 400k). Exploited through an Apache Struts flaw whose patch was released in March 2017; Equifax acknowledged that they were aware of this vulnerability at that time. Insecure practices/criticism: directed customers to the wrong site, which was used to phish visitors. Equifax set up a website to help people determine whether they had been affected, and the company's official Twitter account responded to customer inquiries by apparently directing them to a fake phishing site called …
29 Equifax insecure practices/criticism (cont.): the CISO was a music major. Equifax can safely add Argentina, if not also other Latin American nations where it does business, to the list as well. An online portal designed to let Equifax employees in Argentina manage credit report disputes from consumers in that country was wide open, protected by perhaps the most easy-to-guess password combination ever: admin/admin. Researchers found they could view the names of more than 100 Equifax employees in Argentina, as well as their employee ID and address. The list of users page also featured a clickable button that anyone authenticated with the admin/admin username and password could use to add, modify or delete user accounts on the system. A search on Equifax Veraz at LinkedIn indicates the unit currently has approximately 111 employees in Argentina.
30 Another Ex. Hype vs. Reality. So what? Reality: Yahoo may cost their shareholders $250-$350 million in the Verizon deal. Ashley Madison: a U.S. judge approved an $11.2M settlement for hacked Ashley Madison users around July 2017; the site is still growing, with 55 million users as reported in an article in March 2018. Equifax: lawsuits and a stock dip, but the price is climbing and never dropped lower than its 2015 level of $105 per share.
31 Tempering the Reporting. The company breaches (Yahoo, Ashley Madison, Equifax): FUD creates emotional business decisions; decisions should instead be driven by data and information, i.e. FOOD.
32 FOOD: separate the hype from the reality when briefing the board, CEO, and executives. Factual, Objective, Optimized Data, in order to Frame, Organize, Orchestrate, Deliver: Frame conversations around the business benefits and costs coming from a SOC; Organize with the right people, processes, and tools/technologies; Orchestrate what is organized from the tools and people; Deliver metrics and measurable results.
33 FOOD from the SOC. The SOC needs to be designed and operated to provide FOOD to enable the 5 NACD principles for cyber-risk oversight. The NACD 5 principles are:
Principle 1: Approach cyber security as an enterprise-wide risk management issue, not just an IT issue.
Principle 2: Understand the legal implications of cyber risks.
Principle 3: Boards should have adequate access to cyber security expertise; cyber-risk management should be given adequate time on board agendas.
Principle 4: Directors should set expectations that management will establish an enterprise cyber-risk management framework.
Principle 5: Boards need to discuss details of cyber risk management and risk treatment.
34 SOC Data: FOOD for the 5 NACD Principles. Does the SOC provide Factual, Objective, Optimized Data in order to Frame, Organize, Orchestrate, Deliver? Frame conversations around the business benefits and costs coming from a SOC; Organize with the right people, processes, and tools/technologies; Orchestrate what is organized from the tools and people; Deliver metrics and measurable results.
35 NACD Principle 1: Cyber security is approached as an enterprise-wide risk management issue, not just an IT issue. People, process, and technology: account for these aspects throughout the enterprise. Since cyber risks permeate all business processes, SOCs need to collect, manage and communicate data and information on all business processes and their elements that pose cyber security risks, including processes needing technological changes or deployment of disruptive technologies, which can affect the time to detect and contain a data breach.
36 Enterprise Data. People and Processes: awareness & training; policies, procedures and governing documents; software restriction policies; categorized data; business impact analysis; business continuity plan; incident response. Technology and Services: application/system inventory; network and system activities; access controls; configuration; spam filters and detection; anti-virus & anti-malware; macro scripts and application whitelisting; network.
37 Factual, Objective, Optimized Data: gathering all the facts and data. Identify all possible data: assets and identities; ERP and GRC data; change controls; network data and metadata (NetFlows, PCAPs, network device logs and rules); threat intel; authentication; access and access activities; servers (Windows / Linux); endpoints (client and mobile); IDS / IPS; VPN; application; vulnerability.
38 Factual, Objective, Optimized Data: gathering all the facts and data. Identify all sources, external and internal. External feeds: threat intelligence and incident analysis (ISAC, law enforcement, agencies, commercial services, open source, community, vulnerability vendors). Internal feeds: data and IT inventory, business impact analysis, analysis from past IR, past forensics, network and system activities, threat hunt / uncover / link events, ticket system, configuration library database.
39 Factual, Objective, Optimized Data: collect and manage. Automatically collect, aggregate and de-duplicate data feeds, and normalize the data. Centralize and create the single source of truth. Ensure retention and integrity are addressed. Be able to collect from any data source. Automation / integration. Categorize. Correlate. Improve operational efficiency using workflows. Extract knowledge and intelligence to gain new insight from correlated data.
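Slide 39's collect-and-manage steps (collect from any source, normalize, de-duplicate, correlate, extract insight), as an added Python example that is not part of the deck or of any product: the feed formats, user names, addresses, the 30-minute window and the "expected country" list are all constructed assumptions.

```python
"""Constructed SOC collect-and-manage pipeline (added example, not from the deck).
VPN, Windows logon and IDS lines are mapped to one schema, a line forwarded by
two collectors is kept once, and events are correlated per user so a chain
becomes one finding instead of unrelated log lines. All sample data is constructed."""
from __future__ import annotations

import json
import shlex
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)  # correlation window (assumption)
EXPECTED_GEOS = {"US"}          # assumption: where staff normally connect from
SYSLOG_YEAR = 2018              # syslog lines carry no year; assumed here
ISO = "%Y-%m-%dT%H:%M:%SZ"

RAW_FEEDS = {  # constructed sample lines; the first VPN line is forwarded by two collectors
    "vpn": [
        "2018-07-20T08:00:00Z user=jdoe src=203.0.113.7 geo=RO action=connect",
        "2018-07-20T08:00:00Z user=jdoe src=203.0.113.7 geo=RO action=connect",
        "2018-07-20T08:30:00Z user=asmith src=198.51.100.20 geo=US action=connect",
    ],
    "winauth": [
        '{"TimeCreated":"2018-07-20T08:01:10Z","EventID":4625,"TargetUserName":"jdoe","IpAddress":"10.0.0.5"}',
        '{"TimeCreated":"2018-07-20T08:01:25Z","EventID":4625,"TargetUserName":"jdoe","IpAddress":"10.0.0.5"}',
        '{"TimeCreated":"2018-07-20T08:01:40Z","EventID":4624,"TargetUserName":"jdoe","IpAddress":"10.0.0.5"}',
        '{"TimeCreated":"2018-07-20T09:00:00Z","EventID":4624,"TargetUserName":"asmith","IpAddress":"10.0.0.9"}',
    ],
    "ids": [
        'Jul 20 08:05:02 sensor1 ids: sig=1000001 msg="Outbound transfer to rare destination" src=10.0.0.5 dst=198.51.100.9',
    ],
}

@dataclass(frozen=True)  # frozen: identical events hash equal, which drives de-duplication
class Event:
    ts: datetime   # naive UTC
    source: str
    user: str      # "" when the feed carries no user (linked via host later)
    host: str
    kind: str      # vpn_connect | logon_fail | logon_ok | ids_alert | other
    detail: str    # geo for VPN, EventID for Windows, message for IDS

def parse_vpn(line: str) -> Event:
    ts, rest = line.split(" ", 1)
    kv = dict(p.split("=", 1) for p in shlex.split(rest))
    kind = "vpn_connect" if kv.get("action") == "connect" else "other"
    return Event(datetime.strptime(ts, ISO), "vpn", kv["user"].lower(), kv["src"], kind, kv.get("geo", "?"))

def parse_winauth(line: str) -> Event:
    rec = json.loads(line)
    kind = {4624: "logon_ok", 4625: "logon_fail"}.get(rec["EventID"], "other")
    return Event(datetime.strptime(rec["TimeCreated"], ISO), "winauth", rec["TargetUserName"].lower(),
                 rec["IpAddress"], kind, f"EventID={rec['EventID']}")

def parse_ids(line: str) -> Event:
    mon, day, clock, rest = line.split(None, 3)  # None tolerates "Jul  5" day padding
    ts = datetime.strptime(f"{SYSLOG_YEAR} {mon} {day} {clock}", "%Y %b %d %H:%M:%S")
    kv = dict(p.split("=", 1) for p in shlex.split(rest) if "=" in p)
    return Event(ts, "ids", "", kv["src"], "ids_alert", kv.get("msg", ""))

PARSERS = {"vpn": parse_vpn, "winauth": parse_winauth, "ids": parse_ids}

def normalize(feeds: dict[str, list[str]]) -> list[Event]:
    """Collect every feed into one schema, drop exact duplicates, sort by time."""
    seen: set[Event] = set()
    events: list[Event] = []
    for name, lines in feeds.items():
        for line in lines:
            ev = PARSERS[name](line.strip())
            if ev not in seen:
                seen.add(ev)
                events.append(ev)
    return sorted(events, key=lambda e: e.ts)

def correlate(events: list[Event]) -> list[dict]:
    """Link events by user (host -> user for the IDS feed); rule: VPN login from an unexpected
    country, then >= 2 failed logons and a success inside WINDOW; a later IDS alert raises severity."""
    host_owner = {e.host: e.user for e in events if e.kind == "logon_ok"}
    by_user: dict[str, list[Event]] = defaultdict(list)
    for e in events:
        user = e.user or host_owner.get(e.host, "")
        if user:
            by_user[user].append(e)
    findings = []
    for user, evs in by_user.items():
        anchors = [e for e in evs if e.kind == "vpn_connect" and e.detail not in EXPECTED_GEOS]
        for anchor in anchors:
            window = [e for e in evs if anchor.ts <= e.ts <= anchor.ts + WINDOW]
            fails = sum(e.kind == "logon_fail" for e in window)
            ok = next((e for e in window if e.kind == "logon_ok"), None)
            if fails < 2 or ok is None:
                continue
            alert = any(e.kind == "ids_alert" and e.ts > ok.ts for e in window)
            findings.append({"user": user, "severity": "high" if alert else "medium",
                             "chain": [e.kind for e in window],
                             "seconds_to_detect": (window[-1].ts - anchor.ts).total_seconds()})
    return findings
```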
40 NACD Principle 2: Understand the legal implications of cyber risks. Compliance; reporting of incidents (time to detect and respond is crucial); regulations (FISMA, PCI DSS, GDPR); audit and assessment results; lawsuits: due care, and the difference between benchmarking and the balanced "prudent man" rule.
41 Compliance Understanding: What does the regulation require? Has the entity established a cyber security program that complies with the criteria set forth in the regulation? Has the entity conducted an appropriate risk assessment on which its cyber security policy is based? Was the assessment sufficiently comprehensive, and how often will additional assessments be conducted? In addition to retaining a CISO, has the entity utilized qualified cybersecurity personnel to manage the entity's cyber security risks?
42 NACD Principle 3: Reports and access to cyber security expertise; adequate time on board agendas. Presenting to the board: build trust and confidence; the message needs to be around the strategy and maturity of the program; corporate culture drives the form, format and frequency of presentation.
43 What should the BoD expect/require to hear from CISOs? Guidelines from the NACD: situational awareness; strategy and operations; incident response; industry benchmarking. Minimum quantitative metrics: time to detect an incident; time to restore operations; time to respond.
44 Strategy: maintain clear visibility into assets and awareness of vulnerabilities; obtain and utilize up-to-date threat information. Establish measures, metrics, and monitoring frequencies to provide: known organizational security status; detection of changes to information system infrastructure and environments of operation; and the status of security control effectiveness in a manner that supports continued operation. Maturity plans (e.g. CMMI): mature = effective and efficient at dealing with risk (threat, vulnerability, impact).
45 Benchmark. Ponemon report: the faster the data breach can be identified and contained, the lower the costs. In the 2017 study, organizations reduced the average time to identify a data breach from approximately 201 days in 2016 to 191 days, and the average time to contain the data breach from 70 to 66 days. The report attributes these improvements to investments in enabling security technologies such as security analytics, SIEM, enterprise-wide encryption and threat intelligence sharing platforms.
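The NACD minimum metrics on slide 43 (time to detect, respond, restore) and the Ponemon benchmark on slide 45, as an added Python example that is not from the deck: it turns constructed incident records into the per-year figures a board would be shown and compares them with the 191-day and 66-day averages quoted above.

```python
"""Board metrics from SOC incident records (added example, not from the deck).
Computes the three minimum quantitative metrics named in the NACD guidance
(time to detect, time to respond, time to restore) per year, the year-over-year
change, and a comparison with the Ponemon 2017 averages quoted on the slide
(191 days to identify, 66 days to contain). All incident records are constructed."""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass
from datetime import date
from statistics import mean, median

PONEMON_2017 = {"detect_days": 191, "respond_days": 66}  # figures from the slide


@dataclass(frozen=True)
class Incident:
    id: str
    compromised: date  # earliest evidence of attacker activity
    detected: date     # SOC opened the incident
    contained: date    # attacker access removed
    restored: date     # affected operations back to normal


# Constructed records: two incidents detected in 2016, three in 2017.
INCIDENTS = [
    Incident("INC-16-01", date(2016, 1, 10), date(2016, 7, 20), date(2016, 9, 30), date(2016, 10, 5)),
    Incident("INC-16-02", date(2016, 3, 1), date(2016, 9, 15), date(2016, 11, 20), date(2016, 11, 25)),
    Incident("INC-17-01", date(2017, 1, 5), date(2017, 6, 10), date(2017, 8, 1), date(2017, 8, 3)),
    Incident("INC-17-02", date(2017, 2, 1), date(2017, 9, 1), date(2017, 11, 10), date(2017, 11, 15)),
    Incident("INC-17-03", date(2017, 5, 20), date(2017, 6, 5), date(2017, 6, 12), date(2017, 6, 12)),
]

# The three NACD minimum metrics, each measured in whole days.
METRICS = {
    "detect_days": lambda i: (i.detected - i.compromised).days,  # dwell time
    "respond_days": lambda i: (i.contained - i.detected).days,
    "restore_days": lambda i: (i.restored - i.detected).days,
}


def summarize(incidents: list[Incident], benchmark: dict[str, int] = PONEMON_2017) -> dict:
    """Per-year mean and median for each metric, the trend between the last two
    years, and whether the latest year beats the benchmark. The median is reported
    beside the mean because a single long-dwell incident skews the mean badly."""
    by_year: dict[str, list[Incident]] = defaultdict(list)
    for inc in incidents:
        by_year[str(inc.detected.year)].append(inc)
    report: dict = {}
    for year in sorted(by_year):
        incs = by_year[year]
        report[year] = {
            name: {"mean": round(mean(f(i) for i in incs), 1),
                   "median": median(f(i) for i in incs), "n": len(incs)}
            for name, f in METRICS.items()
        }
    years = sorted(by_year)
    if len(years) >= 2:
        prev, cur = years[-2], years[-1]
        report["trend"] = {name: round(report[cur][name]["mean"] - report[prev][name]["mean"], 1)
                           for name in METRICS}
    latest = report[years[-1]]
    report["vs_benchmark"] = {
        name: "better" if latest[name]["mean"] < limit else "worse"
        for name, limit in benchmark.items()
    }
    return report
```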
46 NACD Principle 4: Expectations on the establishment of an enterprise cyber-risk management framework: NIST Cyber Security Framework; Capability Maturity Model Integration; SOC: continuous monitoring and maturing.
47 Approach: a three-pronged monitoring program consisting of preventive controls, detective controls, and sustaining controls. Preventive: monitor and prevent inappropriate or unauthorized changes to the security baseline from ever occurring. Detective: monitor and detect changes to the security baseline when or shortly after they occur. Sustaining: active reporting of security risks and activities to sustain and mature the security baseline while ensuring improvement of both ongoing detective and preventive monitoring activities.
48 Leveraging CMMI for Continuous Monitoring/Ongoing Security Assessment: CMMI 1 - Initial; CMMI 2 - Repeat; CMMI 3 - Defined; CMMI 4 - Managed; CMMI 5 - Optimized.
49 CMMI Maturity Indicator Level (MIL). A MIL defines a dual progression of maturity: an approach progression (completeness, thoroughness, or level of development of an activity in a domain) and an institutionalization progression (the extent to which a practice or activity is ingrained in an organization's operations). The more deeply ingrained an activity, the more likely the organization will continue to perform the practice over time, under times of stress, and in a consistent, repeatable manner. MILs apply independently to each domain (10 domains for cyber security).
50 CMMI Maturity Indicator Level (MIL):
MIL0: Not Performed. Practices are incomplete or not done.
MIL1: Initiated. Initial aspects of the practice are performed, but most likely ad hoc.
MIL2: Repeated. Practices are planned and performed fully; adequate resources are provided for the practices.
MIL3: Defined. Practices are defined and documented in standards or procedures used to guide practice implementation and maintenance.
MIL4: Managed. Practices are guided by policy (or other directives) and periodically reviewed for conformance to policy; responsibility and authority for practices are clearly assigned to personnel with adequate skills and knowledge.
MIL5: Optimized. Practices are shared; information and resources are leveraged across multiple aspects and domains.
51 NACD Principle 5: Boards need to discuss details of cyber risk management and risk treatment: threats, vulnerabilities, and impact; cyber insurance.
52 Risks identified, examples from a sample of financial reports: technological changes; risks associated with counterfeit and piracy of digital and print materials; risks associated with data privacy, information security and intellectual property; disruptions to our information technology systems, infrastructure and data due to computer malware, viruses, hacking and phishing attacks, resulting in harm to our business and results of operations; disruption of or interference with third-party web service providers and our own proprietary technology.
53 Factors that impact: deployment of disruptive technologies can affect the time to detect and contain a data breach. Complexity (cloud-based applications and data as well as the use of mobile devices, including BYOD and mobile apps) can impact the ability to respond to data breaches and can increase the complexity of dealing with IT security risks and data breaches.
54 Cyber Insurance. The Ponemon report states the following: purchase of cyber and data breach insurance can help manage the financial consequences of the incident. In this year's study, insurance protection and business continuity management reduced the cost of a data breach following the discovery of the incident. In contrast, the rush to notify victims without understanding the scope of the breach, compliance failures and the engagement of consultants all increase post-data-breach costs. Expenditures to resolve lawsuits also increase post-data-breach costs.
55 Summary: ensure your SOC provides Factual, Objective, Optimized Data to your organization in order to Frame conversations around the business benefits and costs coming from a SOC; Organize the right people, processes, and tools/technologies; Orchestrate what is organized from the tools and people; Deliver metrics and measurable results.
56 Sources: SANS; Merriam-Webster; Harvard Business Review; Barnes & Noble Education Reports Third Quarter 2018 Financial Results; Forbes; Ponemon; Gartner; National Association of Corporate Directors.
57 Questions??? My-Ngoc Nguyen. Phone: (702) Web: SecuredITSolutions.com. Location: 6795 Edmond Street, Las Vegas, NV.
Agenda Agenda Security essentials Year in review College/university challenges Recommendations 2 About me Matt Franko Director, Risk Advisory Services matthew.franko@rsmus.com (216) 927-8224 11+ years
More informationTHE CYBERSECURITY LITERACY CONFIDENCE GAP
CONFIDENCE: SECURED WHITE PAPER THE CYBERSECURITY LITERACY CONFIDENCE GAP ADVANCED THREAT PROTECTION, SECURITY AND COMPLIANCE Despite the fact that most organizations are more aware of cybersecurity risks
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationID Theft and Data Breach Mitigation
ID Theft and Data Breach Mitigation Jeremy Gilbert, GCFE, GASF, EnCE, CPA 1 Agenda Consumer ID theft issues Data breach trends Laws and regulations Assessing and mitigating your risk 2 Consumer Identity
More informationIntegrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise
February 11 14, 2018 Gaylord Opryland Resort and Convention Center, Nashville #DRI2018 Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise Tejas Katwala CEO
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationDHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1
Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationNEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE
COMPLIANCE ADVISOR NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE A PUBLICATION BY THE EXCESS LINE ASSOCIATION OF NEW YORK One Exchange Plaza 55 Broadway 29th Floor New York, New York 10006-3728 Telephone:
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationManaging Cybersecurity Risk
Managing Cybersecurity Risk Maureen Brundage Andy Roth August 9, 2016 Managing Cybersecurity Risk Cybersecurity: The Current Legal and Regulatory Environment Cybersecurity Governance: Considerations for
More informationInfoSec Risks from the Front Lines
InfoSec Risks from the Front Lines Adam Brand, Protiviti Orange County IIA Seminar Who I Am Adam Brand IT Security Services Some Incident Response Experience Lead Breach Detection Audits @adamrbrand Who
More informationCLICK TO EDIT MASTER TITLE STYLE Fraud Overview and Mitigation Strategies
Fraud Overview and Mitigation Strategies SUNTRUST TEAM: DOUG HICKMAN SENIOR VICE PRESIDENT FOUNDATIONS AND ENDOWMENTS SPECIALTY PRACTICE JAMES BERNAL ASSISTANT VICE PRESIDENT FOUNDATIONS AND ENDOWMENTS
More informationPROTECTING BRANDS IN CYBERSPACE
Speaker Profile Abhishek Agarwal, CIPP/US: Security & Privacy Leader at Kraft Foods Manage compliance programs to safeguard consumer, customers and employee information. Responsible for protecting brand
More informationCybersecurity Risk Mitigation: Protect Your Member Data. Introduction
Cybersecurity Risk Mitigation: Protect Your Member Data Presented by Matt Mitchell, CISSP Knowledge Consulting Group Introduction Matt Mitchell- Director Risk Assurance 17 years information security experience
More informationAngela McKay Director, Government Security Policy and Strategy Microsoft
Angela McKay Director, Government Security Policy and Strategy Microsoft Demographic Trends: Internet Users in 2005.ru.ca.is.uk.nl.be.no.de.pl.ua.us.fr.es.ch.it.eg.il.sa.jo.tr.qa.ae.kz.cn.tw.kr.jp.mx.co.br.pk.th.ph.ng.in.sg.my.ar.id.au
More informationJeff Wilbur VP Marketing Iconix
2016 Data Protection & Breach Readiness Guide February 3, 2016 Craig Spiezle Executive Director & President Online Trust Alliance Jeff Wilbur VP Marketing Iconix 1 Who is OTA? Mission to enhance online
More informationCISO as Change Agent: Getting to Yes
SESSION ID: CXO-W02F CISO as Change Agent: Getting to Yes Frank Kim Chief Information Security Officer SANS Institute @fykim Outline Catch the Culture Shape the Strategy Build the Business Case 2 #1 Catch
More informationCybersecurity Today Avoid Becoming a News Headline
Cybersecurity Today 2017 Avoid Becoming a News Headline Topics Making News Notable Incidents Current State of Affairs Common Points of Failure Three Quick Wins How to Prepare for and Respond to Cybersecurity
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More information10 Cybersecurity Questions for Bank CEOs and the Board of Directors
4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors
More informationTHE POWER OF TECH-SAVVY BOARDS:
THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationGovernance Ideas Exchange
www.pwc.com.au Anatomy of a Hack Governance Ideas Exchange Robert Di Pietro October 2018 Cyber Security Anatomy of a Hack Cyber Security Introduction Who are the bad guys? Profiling the victim Insights
More informationAdaptive & Unified Approach to Risk Management and Compliance via CCF
SESSION ID: SOP-W08 Adaptive & Unified Approach to Risk Management and Compliance via CCF Vishal Kalro Manager, Risk Advisory & Assurance Services (RAAS) Adobe @awish11 Disclaimer All the views presented
More informationIT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA
IT Security Mandatory Solutions Andris Soroka 2nd of July, 2014 @LPS, RIGA Data Security Solutions business card Specialization IT Security IT Security services (consulting, audit, pen-testing, market
More informationMachine Learning and Advanced Analytics to Address Today s Security Challenges
Machine Learning and Advanced Analytics to Address Today s Security Challenges Depending on your outlook, this is either an exciting time or a terrible time to be part of an enterprise cybersecurity team.
More informationIBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.
IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats. Enhancing cost to serve and pricing maturity Keeping up with quickly evolving ` Internet threats
More information2017 Annual Meeting of Members and Board of Directors Meeting
2017 Annual Meeting of Members and Board of Directors Meeting Dan Domagala; "Cybersecurity: An 8-Point Checklist for Protecting Your Assets" Join this interactive discussion about cybersecurity trends,
More informationTEL2813/IS2820 Security Management
TEL2813/IS2820 Security Management Security Management Models And Practices Lecture 6 Jan 27, 2005 Introduction To create or maintain a secure environment 1. Design working security plan 2. Implement management
More informationIncident Response Lessons From the Front Lines. Session 276, March 8, 2018 Nolan Garrett, CISO, Children s Hospital Los Angeles
Incident Response Lessons From the Front Lines Session 276, March 8, 2018 Nolan Garrett, CISO, Children s Hospital Los Angeles 1 Conflict of Interest Nolan Garrett Has no real or apparent conflicts of
More informationYou ve Been Hacked Now What? Incident Response Tabletop Exercise
You ve Been Hacked Now What? Incident Response Tabletop Exercise Date or subtitle Jeff Olejnik, Director Cybersecurity Services 1 Agenda Incident Response Planning Mock Tabletop Exercise Exercise Tips
More informationDefensible Security DefSec 101
Defensible Security DefSec 101 Security Day November 2017 Information Security Branch Paul Falohun Senior Security Analyst Dan Lathigee Senior Project Manager Content 1 Introduction 2 DefSec for PSO 3
More informationCybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security
Cybersecurity What Companies are Doing & How to Evaluate Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security Learning Objectives At the end of this presentation, you will be able to: Explain the
More informationIs Your Payment Card Data Secure Enough?
January 2018 Is Your Payment Card Data Secure Enough? 2018 KUBRA Is Your Payment Card Data Secure Enough? Payment Security Matters In 2007, TJX Companies (which includes TJ Maxx, HomeSense, and Marshalls)
More informationNORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers
Identify Protect Detect Respond Recover Identify: Risk Assessments & Management 1. Risk assessments are conducted frequently (e.g. annually, quarterly). 2. Cybersecurity is included in the risk assessment.
More informationIncident Response Table Tops
Incident Response Table Tops Agenda Introductions SecureState overview Need for improved incident response capability https://pollev.com/securestate Overview of the exercise: Sample incident response table
More informationNIS, GDPR and Cyber Security: Convergence of Cyber Security and Compliance Risk
NIS, GDPR and Cyber Security: Convergence of Cyber Security and Compliance Risk IT Matters Forum July 2017 Alan Calder Founder & Executive Chairman IT Governance Ltd Introduction Alan Calder Founder IT
More informationUnderstanding Cyber Insurance & Regulatory Drivers for Business Continuity
Understanding Cyber Insurance & Regulatory Drivers for Business Continuity Lily Yeoh, CISSP, CBCP lily@cb1security.com https://www.cb1security.com Agenda BC/DR Business Drivers Recent Regulatory & Cyber
More informationGDPR: An Opportunity to Transform Your Security Operations
GDPR: An Opportunity to Transform Your Security Operations McAfee SIEM solutions improve breach detection and response Is your security operations GDPR ready? General Data Protection Regulation (GDPR)
More informationSage Data Security Services Directory
Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time
More informationCyber Security Program
Cyber Security Program Cyber Security Program Goals and Objectives Goals Provide comprehensive Security Education and Awareness to the University community Build trust with the University community by
More informationWill your application be secure enough when Robots produce code for you?
SESSION ID: ASD-W02 Will your application be secure enough when Robots produce code for you? Hasan Yasar Technical Manager, Faculty Member SEI CMU @securelifecycle With the speed of DevOps It is me! I
More informationCyber Security in M&A. Joshua Stone, CIA, CFE, CISA
Cyber Security in M&A Joshua Stone, CIA, CFE, CISA Agenda About Whitley Penn, LLP The Threat Landscape Changed Cybersecurity Due Diligence Privacy Practices Cybersecurity Practices Costs of a Data Breach
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More informationCROWDSTRIKE FALCON FOR THE PUBLIC SECTOR
C R O W D S T R I K E P U B L I C S E C T O R S O L U T I O N S CROWDSTRIKE FALCON FOR THE PUBLIC SECTOR SECURE YOUR ENTERPRISE WITH A THAT PROVIDES UNRIVALED PROTECTION, SECURITY EXPERTISE, AND OPTIMAL
More informationManaging Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow
Managing Privacy Risk & Compliance in Financial Services Brett Hamilton Advisory Solutions Consultant ServiceNow 1 Speaker Introduction INSERT PHOTO Name: Brett Hamilton Title: Advisory Solutions Consultant
More informationSOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE
HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE PREPARATION FOR GDPR IS ESSENTIAL The EU GDPR imposes interrelated obligations for organizations handling
More informationIT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18
Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are
More informationRisk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23
Risk: Security s New Compliance Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23 Agenda Market Dynamics Organizational Challenges Risk: Security s New Compliance
More informationThe Impact of Cybersecurity, Data Privacy and Social Media
Doing Business in a Connected World The Impact of Cybersecurity, Data Privacy and Social Media Security Incident tprevention and Response: Customizing i a Formula for Results Joseph hm. Ah Asher Marcus
More informationBalancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld
Balancing Compliance and Operational Security Demands Nov 2015 Steve Winterfeld What is more important? Compliance with laws / regulations Following industry best practices Developing a operational practice
More informationCyber Insurance: What is your bank doing to manage risk? presented by
Cyber Insurance: What is your bank doing to manage risk? David Kitchen presented by Lisa Micciche Today s Agenda Claims Statistics Common Types of Cyber Attacks Typical Costs Incurred to Respond to an
More informationCybersecurity Conference Presentation North Bay Business Journal. September 27, 2016
Cybersecurity Conference Presentation North Bay Business Journal September 27, 2016 1 PRESENTER Francis Tam, CPA, CISM, CISA, CITP, CRISC, PCI QSA Partner Information Security and Infrastructure Practice
More information