Cyber Attacks & Breaches It s not if, it s When

Transcription

1 ` Cyber Attacks & Breaches It s not if, it s When IMRI Team Aliso Viejo, CA

2 Trusted Leader with Solution Oriented Results Since 1992 Data Center/Cloud Computing/Consolidation/Operations 15 facilities, 4 million users, 2800 applications 22 Savings & Loans operations with merger of $2 billion in assets Manages over $300 million in High Performance Computing operations Managed and delivered multi-million dollars of enterprise technology services for utility companies Cyber Security Supports the largest information network in world with over 1500 networks and 7 million devices Engaged with U.S Army Network Enterprise Technology Command, Missile Defense Agency, U.S Army Corps of Engineers, DISA F.E.M.A network security and perimeter defense and 3 rd party verification and validation U.S Unified Combatant Commands and Army Regional Cyber Centers worldwide Telecommunications Trusted advisors to the FirstNet leadership team providing wireless public safety expertise and professional services support for United States first high speed wireless broadband nationwide network for first responders solely to police, firefighters, emergency medical service professionals and other public safety officials

3 Why is Federal Government Focused on Cyber? It is in the United States best interest to Focus on Cybersecurity State-sponsored hacking is pervasive and difficult to detect and prevent Many attacks target intellectual property from the private sector Stopping state-sponsored IP theft is a top U.S. national security priority Large-scale data breaches can have a negative impact on the economy as a whole 3 million known cyber attacks on DoD networks per month or 100,000 attacks per day DoD s cyber focus causes 99.9% of attempted attacks fail 100 per day are successful DHS US-CERT provides up-to-date information on current cyber security activity, new vulnerabilities and tips on security issues facing the general public Helps organizations and companies shore up their defenses and catch potential vulnerabilities before they are exploited by hackers

4 Challenges in Manufacturing: Indiscriminate internetworking (IOT) Connected networks that operate at different levels of trust Industry believes that Firewalls are enough Bugs in software allowing for easy entry for malicious activity Only 80% of the network is known, 20% is unknown

5 Cyber Attacks in Manufacturing Software bugs Failed firewalls Lack of vendor management

6 What You Should Know About DoD Security and Compliance DoD relies upon contractors to carry out a wide range of missions and shares sensitive data with them. Inadequate safeguards threaten America s national security and put service members lives at risk. DFARS resulted from increased cyber espionage where adversaries stole sensitive government information often from a contractor or subcontractor. Requires all DoD contractors to comply with NIST security controls Minimum cybersecurity standards cover 14 areas as described in NIST Full compliance required by December 31, 2017 DoD contractors must adhere to two basic cybersecurity requirements: 1. Provide adequate security to safeguard covered defense information from unauthorized access and disclosure 2. Rapidly report cyber incidents and cooperate with DoD to respond New DFARS cybersecurity regulations are demanding, especially for small businesses, but solutions exist.

7 Typical Ecosystem Vulnerability Points Unused telephone line war dialing Use of removable media Infected Bluetooth enabled devices Wi-Fi enabled computer that has Ethernet connection to SCADA system Insufficiently secure Wi-Fi Corporate LAN /WAN Corporate web server servers internet gateways

8 Securing the Ecosystem IMRI s Approach

9 What Can You Do Now? Detect, Protect, and Prevent Understanding what you are Protecting Identify critical assets Understand the strengths & weaknesses of current cyber security arrangements Develop a cyber security roadmap

10 ` THANK YOU! Please visit us Call (949) IMRI Team Aliso Viejo, CA