Real world Zero day Threat Detection and Response
Size: px
Start display at page:

Download "Real world Zero day Threat Detection and Response"

Transcription

1 Real world Zero day Threat Detection and Response ILTA Webinar MAY MARK SANGSTER esentire VP Industry Security Strategies ILTA LegalSEC Council Member NLJ 2016 Legal Cybersecurity Trailblazer mobile: The Leader in Pure play Managed Detection and Response Copyright 2017 esentire, Inc. All rights reserved. Do not distribute without prior written permission.

2 MANAGED DETECTION AND RESPONSE customers $ % customer retention T assets protected employees 60 % growth We hunt down and stop dangerous new threats before they become business disrupting.

3 We Advise and Collaborate with Law Enforcement, Regulatory Agencies, Governing Bodies and Standards Orgs

4 of the 5 mostcyber attacked industries/# e LAW FIRMS ARE A TOP CYBER TARGET

5 THE COST OF CYBERCRIME REPUTATIONAL DAMAGE FINANCIAL LOSSES REGULATORY OBLIGATIONS

6 NO PRACTICE IS INOCUOS PANAMA 11.5M DOCUMENTS WikiLeaks (2010) 1.7GB 2.6 TERABYTES PAPERS

7 ASSETS HAVE ECONOMIC VALUE

8 ALL ROADS LEAD TO ROME: LAW FIRMS POLICY ISSUERS REGULATORS CYBERSECURITY VENDORS INVESTORS INVESTMENTS/CLIENTS

9 MEANS MOTIVE OPPORTUNITY ACCESS EASY LUCRATIVE IMPUNITY EASY ACCESS TO CYBER WEAPONRY MINIMAL CYBER SKILLS REQUIRED MOTIVATION IS HIGH NO NEGATIVE REPERCUSSIONS

10 THREAT TRENDS IN LAW FIRMS 80K FINANCE LAW FIRMS TECHNOLOGY 70K 60K 50K 40K 30K 20K 10K JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC

11 LAW FIRMS ARE CONFRONTED BY THE FASTEST THREAT GROWTH 380 % ATTACK INCREASE 100 % MALWARE INCREASE $ 4.0 % AVG BREACH COST

12 RANSOMWARE IS A BILLION DOLLAR INDUSTRY 40 seconds a company falls victim 70 % of companies pay the ransom 40 % spam contains ransomware 60 % infections stem from spam s $ 150 K in ransom payments $ 10 K lost billable hours per attorney

13 INDUSTRY RANSOMWARE CAMPAIGN DECEMBER subject line: The Office of The State Attorney Complaint which alluded to vague legal action against the firm PDF ATTACHMENT Claimed to contain details of the legal action Actually contained Ransomware THIS WAS EASILY DETECTABLE Legal action cannot be served by ! Sent from Outlook.com domain not GOV EASILY PREVENTABLE Security Awareness Training filtering Attachment blocking esentire MDR

14 TARGETED RANSOMWARE ATTACK 7:43AM 7:44AM 7:54AM 8:30AM AMP BLOCKS 1 st 87.exe DOWNLOADED FROM NEW IP TESLACRYPT BEACONS TO CNC SERVER SOC ALERTS ON INFECTION AND BLOCKS TRAFFIC INFECTED HOST ISOLATED/MITIGATED

15 TARGETED RANSOMWARE ATTACK DAY 01 DAY 08 DAY 12 $500K SITE 01 TESLACRYPT SITE 02 TESLACRYPT SITE 03 TESLACRYPT TOTAL BILLING LOSSES 15 Attorneys / Assistants 25 Attorneys / Assistants 20 Attorneys / Assistants 5.5 Hours to Detect 2.0 Days to Recover 4.0 Days to Recover 700GB Encrypted 1.5 Days to Recover

16 RANSOMWARE: WHY YOU SHOULD BACK UP FILES ENCRYPTED SCREENCAP Bitcoin Account 0.25 Bitcoin 20 YEARS 0.50 Bitcoin OF LITIGATION RECORDS IT FIRM WIPES SYSTEM INCLUDNG SCREEN CAP DELETE ALL FILES HOURS HOURS HOURS HOURS HOURS

17 TARGETED RANSOMWARE ATTACK $25,000 $700,000 LAW SUIT RANSOMWARE Negotiated to release files but not all keys worked Paid more bitcoins for additional tools LOST BILLABLE HOURS Recovery lasted months the firm s 10 lawyers were left unproductive and inefficient Based on year year billing comparisons SENTINEL INSURANCE CO. Breach of contract and bad faith After denying claim lost income Coverage included business income (limited to 12 months of losses) Claim limited to $20K for computer fraud

18 COMBATING RANSOMWARE DIRECTORS Payment Policy INFO SEC Backups & Testing INFO SEC Application Controls EMPLOYEES Training & Alerting EXECUTIVE Client Notification Disruption Plan INFO SEC Application Whitelisting INFO SEC Ad Blocking

19 BUSINESS DISRPUPTION TARGETED ATTACKS $400,000 FAKE INVOICES COMPROMISE $3.1 BILLION LOST RANSOMWARE $500,000 LOSSES RANSOMWARE $5.5 LARGEST HIPAA FINE $ TARGETED ATTACKS $10M PII FINE TRILLION MERCENARY HACKERS $30 MILLION IN SEC FINES PHISHING CAMPAIGN $1.9 MILLION STOLEN IN 24 HOURS NATION STATE/HACTIVISM GEODATA THEFT/SCADA DISRUPTION

20 PEN TESTING CLOUD ACCESS USER ANALYTICS SIEM BIOMETRICS NGFW SPAM FILTERS VPN UTM IDS FIREWALL THREAT ANALYTICS MACHINE LEARNING SPEND $1 TRILLION ACCESS CONTROL ADAPTIVE USER BEHAVIOR APPLICATION TESTING VIRTUALIZATION SOFTWARE DEFINED SECURITY ACCESS MANAGEMENT MDM ENDPOINT WEB APPLICATION BIG DATA SANDBOX IPS MULTIFACTOR AUTHENTICATION DLP TAR PITS ENCRYPTION HONEYPOTS INCIDENT RESPONSE

21 ALONE CANNOT PREVENT CYBER ATTACKS

22 MOVE QUICKER THAN SIGNATURES AND THREAT INTELLIGENCE CAN RESPOND

23 SENSITIVITY COST LIKELIHOOD DIFFICULTY

24 CRIMINALS DON T FOLLOW RULES

25 YOU CAN T SIMPLY CHECK A BOX

26 Cybersecurity Legal Task Force THE ABA CYBERSECURITY HANDBOOK A R E S O U R C E F O R A T T O R N E Y S, L A W F I R M S, A N D B U S I N E S S P R O F E S S I O N A L S JILL D. RHODES AND VINCENT I. POLLEY 1 CYBERSECURITY 2 RISK 3 PROTECTION 4 DETECTION 5 USER 6 RISKS GOVERNANCE Governance Asset Inventory Regulatory Requirements Insurance ASSESSMENT Risk Profile Vulnerability Assessments SW/App Assessments OF NETWORK AND DATA Security Assets Policies & Procedures Encryption Mobile OF UNAUTHORIZED ACTIVITY &RESPONSE Unauthorized Activity Incident Response Threat Intelligence TRAINING Documented Training Testing Friendly Attacks ASSOCIATED WITH VENDORS AND THIRD PARTIES Risk Assessment Contracts Access Controls Incident Response SOC II

27 The CISO is the LEAST important person to the board, until they are the MOST important person to the BOARD.

28 CYBERSECURITY GOVERANCE ABA CYBERSECURITY HANDBOOK 01 GOVERANCE POLICY 04 CYBER INSURANCE ASSET INVENTORY CISO/CSO/CPO REGULATORY REQUIREMENTS REPORTING

29 CYBERSECURITY RISK ABA CYBERSECURITY HANDBOOK 01 RISK PROFILE 04 VULNERABILITY ASSESSMENT APPLICATION ASSESSMENT 03 06

30 PROTECTION OF NETWORK & DATA ABA CYBERSECURITY HANDBOOK 01 SECURITY FRAMEWORK 04 ENCRYPTION NETWORK ASSETS REMOTE BANKING POLICIES & PROCEDURES MOBILE DEVICES

31 DETECTION OF UNAUTHORIZED ACTIVITY ABA CYBERSECURITY HANDBOOK 01 DETETCTION 04 EVENT RESPONSE INCIDENT RESPONSE REMEDIATION THREAT INTELLIGENCE LEARN & ADAPT

32 KNOWN ATTACKS KNOWN THREATS KNOWN SIGNATURES THREAT INTELLIGENCE SYSTEMIC VULNERABILITYES

33 KNOWN ATTACKS KNOWN THREATS KNOWN SIGNATURES THREAT INTELLIGENCE SYSTEMIC VULNERABILITYES TARGETED ATTACKS ANOMALOUS SIGNAL DETECTION BEHAVIOURAL ANALYTICS EXPLOITS ZERO DAY ATTACKS UNKNOWN ATTACKS

34 DETECTING UNKNOWN THREATS SIGNAL INGESTION SIGNAL ENRICHMENT CORRELATE & INVESTIGATION SOC RESPONSE

35 LOGGING IS NOT DETECTION NOR CONTAINMENT INTERNET DETECTION INVESTIGATION RESPONSE NETWOR K KNOWN MALWARE NGFW!! SECURITY EVENT GENERATED BLOCKED SERVERS WORKSTATIONS PROXY SIEM SECURITY OPERATIONS ENDPOINTS DOMAIN CONTROLLER SECURITY EVENT LOGGED CLOUD SERVICES

36 LOGGING IS NOT DETECTION NOR CONTAINMENT INTERNET DETECTION INVESTIGATION RESPONSE NETWOR K POSSIBLE ATTACK NGFW? SECURITY EVENT GENERATED SERVERS WORKSTATIONS PROXY SIEM SECURITY OPERATIONS ENDPOINTS DOMAIN CONTROLLER CLOUD SERVICES

37 LOGGING IS NOT DETECTION NOR CONTAINMENT INTERNET DETECTION INVESTIGATION RESPONSE NETWOR K NGFW UNKNOWN THREAT NO SECURITY EVENT DETECTED SERVERS WORKSTATIONS PROXY SIEM ENDPOINTS SECURITY OPERATIONS DOMAIN CONTROLLER NO SECURITY EVENT LOGGED CLOUD SERVICES

38 DETECTING & CONTAINING UNKNOWN THREATS INTERNET UNKNOWN THREAT DETECTION NGFW BEHAVIORAL ANALYTICS ANOMALY ANALYTICS INVESTIGATION ENHANCED DETECTION RESPONSE BLOCKED NETWOR K SERVERS WORKSTATIONS PROXY SIEM DOMAIN CONTROLLER THREAT INTELLIGENCE SIGNAL ENRICHMENT LOCAL CONTEXT LEARN EAST/WEST TRAFFIC SECURITY OPERATIONS ENDPOINTS CLOUD SERVICES

39 RAW EVENTS 750,000,000 ALERTS 200,000 INVESTIGATED 14,000,000 MALWARE 40% ESCALATION 5, SOC DATA

40 USER TRAINING ABA CYBERSECURITY HANDBOOK 01 AWARENESS TRAINING 04 BOARD TRAINING TESTING ATTACK CAMPAIGNS FRIENDLY ATTACKS ALERTING/REPORTING

41 RISKS ASSOCIATED WITH VENDORS & 3PS ABA CYBERSECURITY HANDBOOK 01 RISK ASSESSMENTS 04 REMOTE ACCESS CONTRACTUAL ELEMENTS INCIDENT RESPONSE ACCESS CONTROLS SOC II CERTIFICATION

42 CYBERSECURITY WORKBOOKS (based on ABA Cybersecurity Handbook) Cybersecurity Legal Task Force THE ABA CYBERSECURIT Y HANDBOOK A R E S O U R C E F O R A T T O R N E Y S, L A W F I R M S, A N D B U S I N E S S P R O F E S S I O N A L S

43 RANSOMWARE DEFENSE MATRIX CYBERSECURITY RESPONSE RECOMMENDATIONS ebook to pay or not to pay/ HUMAN RISK MITIGATION GENERAL SECURITY SERVICE PROVIDERS NETWORK SECURITY LOCAL SERVERS ENDPOINT PROTECTION

44 2017 ILTA ROADSHOW Book a meeting: lindsay.snider@esentire.com Phoenix (AZ) APR 25 Denver (CO) APR 26 Cincinnati (OH) MAY 09 St. Louis (MI) MAY 11 Miami (FL) JUL 12 Orlando (FL) JUL 13 Toronto (CAN) SEP 07 Los Angeles (CA) SEP 12 Las Vegas (NV) SEP 13 San Francisco (CA) SEP 19 Seattle (WA) SEP 20 Vancouver (CAN) SEP 21 Charlotte (NC) OCT 10 Atlanta (GA) OCT 11 Nashville (TN) OCT 12 Houston (TX) OCT 17 Dallas (TX) OCT 18 New Orleans (LA] OCT 19 Chicago [IL] OCT 24 Boston (MA) NOV 14 New York (NY) NOV 15 Philadelphia (PA) NOV 16 Washington (DC) NOV 17

45

Similar documents

2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action

2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action 2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action April 11, 2018 Contact Information Casie D. Collignon Partner Denver 303.764.4037 ccollignon@bakerlaw.com

More information

SANS Vendor Events. SANS offers a variety of events which bring you in touch with the highly qualified SANS community.

SANS Vendor Events. SANS offers a variety of events which bring you in touch with the highly qualified SANS community. SANS Vendor Events SANS offers a variety of events which bring you in touch with the highly qualified SANS community. SANS National Events over 1200 profession IT Security attendees and over 45 SANS classes

More information

2017 Data Security Incident Response Report. Be Compromise Ready: Go Back to the Basics

2017 Data Security Incident Response Report. Be Compromise Ready: Go Back to the Basics 2017 Data Security Incident Response Report Be Compromise Ready: Go Back to the Basics May 9, 2017 Contact Information Theodore J. Kobus, III Leader, Privacy and Data Protection Practice New York 212.271.1504

More information

Service Provider View of Cyber Security. July 2017

Service Provider View of Cyber Security. July 2017 Service Provider View of Cyber Security July 2017 Quick Stats Caribbean and LatAm: 3 rd largest population of Internet Users You Are Here Visualization from the Opte Project of the various routes through

More information

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582

More information

Cyber Insurance: What is your bank doing to manage risk? presented by

Cyber Insurance: What is your bank doing to manage risk? presented by Cyber Insurance: What is your bank doing to manage risk? David Kitchen presented by Lisa Micciche Today s Agenda Claims Statistics Common Types of Cyber Attacks Typical Costs Incurred to Respond to an

More information

You ve Been Hacked Now What? Incident Response Tabletop Exercise

You ve Been Hacked Now What? Incident Response Tabletop Exercise You ve Been Hacked Now What? Incident Response Tabletop Exercise Date or subtitle Jeff Olejnik, Director Cybersecurity Services 1 Agenda Incident Response Planning Mock Tabletop Exercise Exercise Tips

More information

Cybersecurity Auditing in an Unsecure World

Cybersecurity Auditing in an Unsecure World About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity

More information

NYDFS Cybersecurity Regulations: What do they mean? What is their impact?

NYDFS Cybersecurity Regulations: What do they mean? What is their impact? June 13, 2017 NYDFS Cybersecurity Regulations: What do they mean? What is their impact? Gus Coldebella Principal, Boston Caroline Simons Principal, Boston Agenda 1) Overview of the new regulations 2) Assessing

More information

The Evolution of : Continuous Advanced Threat Protection

The Evolution of : Continuous Advanced Threat Protection The Evolution of : Continuous Advanced Threat Protection Craig Bird Senior Solutions Engineer Security is a combination of protection, detection and response You need Prevention to defend against low-focus

More information

SEC Key Considerations for Public Companies for Mitigating and Disclosing Cybersecurity Risks

SEC Key Considerations for Public Companies for Mitigating and Disclosing Cybersecurity Risks SEC Key Considerations for Public Companies for Mitigating and Disclosing Cybersecurity Risks By Richard A. Blunk (Thermopylae Ventures, LLC) and Apprameya Iyengar (Morrison Cohen LLP) The SEC has continued

More information

Endpoint Protection : Last line of defense?

Endpoint Protection : Last line of defense? Endpoint Protection : Last line of defense? First TC Noumea, New Caledonia 10 Sept 2018 Independent Information Security Advisor OVERVIEW UNDERSTANDING ENDPOINT SECURITY AND THE BIG PICTURE Rapid development

More information

Ransomware A case study of the impact, recovery and remediation events

Ransomware A case study of the impact, recovery and remediation events Ransomware A case study of the impact, recovery and remediation events Palindrome Technologies 100 Village Court Suite 102 Hazlet, NJ 07730 www.palindrometech.com Peter Thermos President & CTO Tel: (732)

More information

DeMystifying Data Breaches and Information Security Compliance

DeMystifying Data Breaches and Information Security Compliance May 22-25, 2016 Los Angeles Convention Center Los Angeles, California DeMystifying Data Breaches and Information Security Compliance Presented by James Harrison OM32 5/25/2016 3:00 PM - 4:15 PM The handouts

More information

Legal Aspects of Cybersecurity

Legal Aspects of Cybersecurity Legal Aspects of Cybersecurity John W. Mashni Taylor A. Gast (517) 371-8257 (517) 371-8238 jmashni@fosterswift.com tgast@fosterswift.com Alexander A. Ayar (248) 538-6326 AAyar@FosterSwift.com Risks Data

More information

Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time

Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time TM Plan. Protect. Respond. Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time Registration is open for the April webinar:

More information

ISE Cyber Security UCITS Index (HUR)

ISE Cyber Security UCITS Index (HUR) ISE Cyber Security UCITS Index (HUR) Why Cybersecurity is important Data breaches have become almost commonplace in the last few years Cybersecurity focuses on protecting computers, networks, programs,

More information

Cybersecurity The Evolving Landscape

Cybersecurity The Evolving Landscape Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG

More information

Understanding Cyber Insurance & Regulatory Drivers for Business Continuity

Understanding Cyber Insurance & Regulatory Drivers for Business Continuity Understanding Cyber Insurance & Regulatory Drivers for Business Continuity Lily Yeoh, CISSP, CBCP lily@cb1security.com https://www.cb1security.com Agenda BC/DR Business Drivers Recent Regulatory & Cyber

More information

Welcome StorageCraft Partners and Guests! Your webinar will begin shortly...

Welcome StorageCraft Partners and Guests! Your webinar will begin shortly... Welcome StorageCraft Partners and Guests! Your webinar will begin shortly... The Most Comprehensive & Reliable Backup and Disaster Recovery Solution Available! Agenda 1 Introductions 2 What s New at StorageCraft?

More information

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry

More information

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities

More information

UPDATE: HEALTHCARE CYBERSECURITY & INCIDENT RESPONSE Lindsay M. Johnson, Esq. Partner, Freund, Freeze & Arnold, LPA

UPDATE: HEALTHCARE CYBERSECURITY & INCIDENT RESPONSE Lindsay M. Johnson, Esq. Partner, Freund, Freeze & Arnold, LPA UPDATE: HEALTHCARE CYBERSECURITY & INCIDENT RESPONSE Lindsay M. Johnson, Esq. Partner, Freund, Freeze & Arnold, LPA ljohnson@ffalaw.com INTRODUCTION Cyber attacks increasing Liability/actions resulting

More information

CYBER SECURITY RISK ASSESSMENT: WHAT EVERY PENSION GOVERNMENTAL ENTITY NEEDS TO KNOW

CYBER SECURITY RISK ASSESSMENT: WHAT EVERY PENSION GOVERNMENTAL ENTITY NEEDS TO KNOW CYBER SECURITY RISK ASSESSMENT: WHAT EVERY PENSION GOVERNMENTAL ENTITY NEEDS TO KNOW May 2018 Ed Plawecki General Counsel & Director of Government Relations UHY LLP Jamie See Manager UHY LLP Iowa Public

More information

Mark Your Calendars: NY Cybersecurity Regulations to Go into Effect

Mark Your Calendars: NY Cybersecurity Regulations to Go into Effect Mark Your Calendars: NY Cybersecurity Regulations to Go into Effect CLIENT ALERT January 25, 2017 Angelo A. Stio III stioa@pepperlaw.com Sharon R. Klein kleins@pepperlaw.com Christopher P. Soper soperc@pepperlaw.com

More information

COUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE. Presented by Paul R. Hales, J.D. May 8, 2017

COUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE. Presented by Paul R. Hales, J.D. May 8, 2017 COUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE Presented by Paul R. Hales, J.D. May 8, 2017 1 HIPAA Rules Combat Cyber Crime HIPAA Rules A Blueprint to Combat Cyber Crime 2 HIPAA Rules Combat Cyber Crime

More information

Cybersecurity and Nonprofit

Cybersecurity and Nonprofit Cybersecurity and Nonprofit 2 2 Agenda Cybersecurity and Non Profits Scenario #1 Scenario #2 What Makes a Difference Cyber Insurance and How it Helps Question and Answer 3 3 Cybersecurity and Nonprofit

More information

Legal Considerations and Case Studies

Legal Considerations and Case Studies Cybersecurity for Small & Mid-Size Businesses Phil Schenkenberg, J.D., CIPP/US Cyrus Malek, J.D., Certification in Cybersecurity and Privacy Law Legal Considerations and Case Studies Copyright, Briggs

More information

From Managed Security Services to the next evolution of CyberSoc Services

From Managed Security Services to the next evolution of CyberSoc Services From Managed Security Services to the next evolution of CyberSoc Services Gianluca Busco Arré Country Manager pandasecurity.com MSSP / MDR Where the Industry is going leaders and laggers MSSP industry

More information

112 th Annual Conference May 6-9, 2018 St. Louis, Missouri

112 th Annual Conference May 6-9, 2018 St. Louis, Missouri 8:30 10:30 May 6, 2018 Room 240 Complex 112 th Annual Conference May 6-9, 2018 St. Louis, Missouri Moderator/Speakers: Kevin Wachtel Finance Director/Treasurer, Villa Park, IL Alex Brown Senior Manager,

More information

Hacking and Cyber Espionage

Hacking and Cyber Espionage Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge

More information

Managing IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services

Managing IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services Managing IT Risk: What Now and What to Look For Presented By Tina Bode IT Assurance Services Agenda 1 2 WHAT TOP TEN IT SECURITY RISKS YOU CAN DO 3 QUESTIONS 2 IT S ALL CONNECTED Introduction All of our

More information

A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE

A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE SESSION ID: SPO2-W12 A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE Frank Bunton VP, CISO MedImpact Healthcare Systems, Security @frankbunton Larry Biggs Security Engineer III - Threat

More information

Establishing a Credible Cybersecurity Program. September 2016

Establishing a Credible Cybersecurity Program. September 2016 Establishing a Credible Cybersecurity Program September 2016 Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP) Member FBI InfraGard AFTERNOON PLENARY SESSION AGENDA Cyber Risk = Disruptive Business Risk Breaches:

More information

Top Ten IT Security Risks CHRISTOPHER S. ELLINGWOOD SENIOR MANAGER, IT ASSURANCE SERVICES

Top Ten IT Security Risks CHRISTOPHER S. ELLINGWOOD SENIOR MANAGER, IT ASSURANCE SERVICES Top Ten IT Security Risks - 2017 CHRISTOPHER S. ELLINGWOOD SENIOR MANAGER, IT ASSURANCE SERVICES INTRODUCTION IT S ALL CONNECTED IN 2017. All of our Top 10 risks impact both us as consumers and as professionals

More information

U.S. State of Cybercrime

U.S. State of Cybercrime EXCLUSIVE RESEARCH FROM EXECUTIVE SUMMARY 2017 U.S. State of Cybercrime IDG Communications, Inc. 2017 U.S. State of Cybercrime TODAY S CYBERCRIMES ARE BECOMING MORE TARGETED AND BUILT FOR MAXIMUM IMPACT,

More information

NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE

NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE COMPLIANCE ADVISOR NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE A PUBLICATION BY THE EXCESS LINE ASSOCIATION OF NEW YORK One Exchange Plaza 55 Broadway 29th Floor New York, New York 10006-3728 Telephone:

More information

Assessing Your Incident Response Capabilities Do You Have What it Takes?

Assessing Your Incident Response Capabilities Do You Have What it Takes? Assessing Your Incident Response Capabilities Do You Have What it Takes? March 31, 2017 Presenters Tim L. Bryan, CPA/CFF/CITP, CISA, EnCE Director, Advisory Services Forensic Technology & Investigation

More information

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the

More information

Best Practices in Healthcare Risk Management. Balancing Frameworks/Compliance and Practical Security

Best Practices in Healthcare Risk Management. Balancing Frameworks/Compliance and Practical Security Best Practices in Healthcare Risk Management Balancing Frameworks/Compliance and Practical Security Our industry is full of jargon terms that make it difficult to understand what we are buying To accelerate

More information

Incident Response Table Tops

Incident Response Table Tops Incident Response Table Tops Agenda Introductions SecureState overview Need for improved incident response capability https://pollev.com/securestate Overview of the exercise: Sample incident response table

More information

What to do if your business is the victim of a data or security breach?

What to do if your business is the victim of a data or security breach? What to do if your business is the victim of a data or security breach? Introduction The following information is intended to help you decide how to start preparing for and some of the steps you will want

More information

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large Executive Summary As a County Government servicing about 1.5 million citizens, we have the utmost responsibility to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

More information

MITIGATE CYBER ATTACK RISK

MITIGATE CYBER ATTACK RISK SOLUTION BRIEF MITIGATE CYBER ATTACK RISK CONNECTING SECURITY, RISK MANAGEMENT & BUSINESS TEAMS TO MINIMIZE THE WIDESPREAD IMPACT OF A CYBER ATTACK DIGITAL TRANSFORMATION CREATES NEW RISKS As organizations

More information

Cyber Attack: Is Your Business at Risk?

Cyber Attack: Is Your Business at Risk? 15 July 2017 Cyber Attack: Is Your Business at Risk? Stanley Wong Regional Head of Financial Lines, Asia Pacific Agenda Some common misconceptions by SMEs around cyber protection Cyber Claims and Industry

More information

RANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise

RANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise RANSOMWARE PROTECTION A Best Practices Approach to Securing Your Enterprise TABLE OF CONTENTS Introduction...3 What is Ransomware?...4 Employee Education...5 Vulnerability Patch Management...6 System Backups...7

More information

The Cyber War on Small Business

The Cyber War on Small Business The Cyber War on Small Business Dillon Behr Executive Lines Broker Risk Placement Services, Inc. Meet Our Speaker Dillon Behr Executive Lines Broker Risk Placement Services, Inc. Previously worked as Cyber

More information

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave EFFECTIVELY TARGETING ADVANCED THREATS Terry Sangha Sales Engineer at Trustwave THE CHALLENGE PROTECTING YOUR ENVIRONMENT IS NOT GETTING EASIER ENDPOINT POINT OF SALE MOBILE VULNERABILITY MANAGEMENT CYBER

More information

Art of Performing Risk Assessments

Art of Performing Risk Assessments Clinical Practice Compliance Conference Art of Performing Risk Assessments October 2016 Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP) Member FBI InfraGard AGENDA Cyber Risk = Disruptive Business Risk Breaches:

More information

Data Breach Preparation and Response. April 21, 2017

Data Breach Preparation and Response. April 21, 2017 Data Breach Preparation and Response April 21, 2017 King & Spalding Data, Privacy & Security King & Spalding s 60 plus lawyer Data, Privacy & Security ( DPS ) Practice is best known for: Experienced crisis

More information

Managed Endpoint Defense

Managed Endpoint Defense DATA SHEET Managed Endpoint Defense Powered by CB Defense Next-gen endpoint threat detection and response DEPLOY AND HARDEN. Rapidly deploy and optimize endpoint prevention with dedicated security experts

More information

How will cyber risk management affect tomorrow's business?

How will cyber risk management affect tomorrow's business? How will cyber risk management affect tomorrow's business? The "integrated" path towards continuous improvement of information security Cyber Risk as a Balance Sheet Risk exposing Board and C-Levels 2018

More information

Cybersecurity is a Team Sport

Cybersecurity is a Team Sport Cybersecurity is a Team Sport Cyber Security Summit at Loyola Marymount University - October 22 2016 Dr. Robert Pittman, CISM Chief Information Security Officer National Cyber Security Awareness Month

More information

The Impact of Cybersecurity, Data Privacy and Social Media

The Impact of Cybersecurity, Data Privacy and Social Media Doing Business in a Connected World The Impact of Cybersecurity, Data Privacy and Social Media Security Incident tprevention and Response: Customizing i a Formula for Results Joseph hm. Ah Asher Marcus

More information

Cyber Security and Data Protection: Huge Penalties, Nowhere to Hide

Cyber Security and Data Protection: Huge Penalties, Nowhere to Hide Q3 2016 Security Matters Forum Cyber Security and Data Protection: Huge Penalties, Nowhere to Hide Alan Calder Founder & Executive Chair IT Governance Ltd July 2016 www.itgovernance.co.uk Introduction

More information

MANAGED DETECTION AND RESPONSE

MANAGED DETECTION AND RESPONSE MANAGED DETECTION AND RESPONSE Cybersecurity Starts Here No matter the size, every organization is a target for cybercriminals. But smaller organizations that lack the cybersecurity muscle of the largest

More information

Cybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security

Cybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security Cybersecurity What Companies are Doing & How to Evaluate Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security Learning Objectives At the end of this presentation, you will be able to: Explain the

More information

Cybersecurity Roadmap: Global Healthcare Security Architecture

Cybersecurity Roadmap: Global Healthcare Security Architecture SESSION ID: TECH-W02F Cybersecurity Roadmap: Global Healthcare Security Architecture Nick H. Yoo Chief Security Architect Disclosure No affiliation to any vendor products No vendor endorsements Products

More information

Evolution Of Cyber Threats & Defense Approaches

Evolution Of Cyber Threats & Defense Approaches Evolution Of Cyber Threats & Defense Approaches Antony Abraham IT Architect, Information Security, State Farm Kevin McIntyre Tech Lead, Information Security, State Farm Agenda About State Farm Evolution

More information

DATA BREACH NUTS AND BOLTS

DATA BREACH NUTS AND BOLTS DATA BREACH NUTS AND BOLTS Your Company Has Been Hacked Now What? January 20, 2016 Universal City, California Sponsored by Hogan Lovells Moderator: Stephanie Yonekura, Hogan Lovells #IHCC16 Panelists:

More information

HOSTED SECURITY SERVICES

HOSTED SECURITY SERVICES HOSTED SECURITY SERVICES A PROVEN STRATEGY FOR PROTECTING CRITICAL IT INFRASTRUCTURE AND DEVICES Being always-on, always-connected might be good for business, but it creates an ideal climate for cybercriminal

More information

New York DFS Cybersecurity Regulation:

New York DFS Cybersecurity Regulation: New York DFS Cybersecurity Regulation: Countdown to the August 28 Compliance Deadline Presented by: Craig Hoffman, Melinda McLellan & Jonathan Forman Moderated by: Carol Van Cleef July 27, 2017 Craig A.

More information

THE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE

THE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE THE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE International Maritime Organization Regulations IMO has given shipowners and managers until 2021 to incorporate cyber risk management into

More information

Think Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe

Think Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe Think Oslo 2018 Where Technology Meets Humanity Oslo Felicity March Cyber Resilience - Europe Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity

More information

Sophos Central for partners and customers: overview and new features. Jonathan Shaw Senior Product Manager, Sophos Central

Sophos Central for partners and customers: overview and new features. Jonathan Shaw Senior Product Manager, Sophos Central Sophos Central for partners and customers: overview and new features Jonathan Shaw Senior Product Manager, Sophos Central What is Sophos Central? Partner Dashboard Admin Self Service Allows Partners to

More information

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person) Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,

More information

CloudSOC and Security.cloud for Microsoft Office 365

CloudSOC and Security.cloud for Microsoft Office 365 Solution Brief CloudSOC and Email Security.cloud for Microsoft Office 365 DID YOU KNOW? Email is the #1 delivery mechanism for malware. 1 Over 40% of compliance related data in Office 365 is overexposed

More information

Cybowall Solution Overview

Cybowall Solution Overview Cybowall Solution Overview 1 EVOLVING SECURITY CHALLENGES 2 EXAMPLES OF CYBER BREACHES INCLUDING CARD DATA 2013: Adobe Systems Hackers raided an Adobe back-up server on which they found and published a

More information

CYBER SECURITY AND MITIGATING RISKS

CYBER SECURITY AND MITIGATING RISKS CYBER SECURITY AND MITIGATING RISKS 01 WHO Tom Stewart Associate Director Technology Consulting Chicago Technical Security Leader Protiviti Slides PRESENTATION AGENDA 3 START HACKING DEFINITION BRIEF HISTORY

More information

Security Breaches: How to Prepare and Respond

Security Breaches: How to Prepare and Respond Security Breaches: How to Prepare and Respond BIOS SARAH A. SARGENT Sarah is a CIPP/US- and CIPP/E-certified attorney at Godfrey & Kahn S.C. in Milwaukee, Wisconsin. She specializes in cybersecurity and

More information

Maintaining Trust: Visa Inc. Payment Security Strategy

Maintaining Trust: Visa Inc. Payment Security Strategy Maintaining Trust: Visa Inc Payment Security Strategy Ellen Richey 2010 Payments Conference Chicago Federal Reserve Global Electronic Payments Protecting the payment system is a shared responsibility among

More information

Background FAST FACTS

Background FAST FACTS Background Terra Verde was founded in 2008 by cybersecurity, risk and compliance executives. The founders believed that the market needed a company that was focused on using security, risk and compliance

More information

CipherCloud CASB+ Connector for ServiceNow

CipherCloud CASB+ Connector for ServiceNow ServiceNow CASB+ Connector CipherCloud CASB+ Connector for ServiceNow The CipherCloud CASB+ Connector for ServiceNow enables the full suite of CipherCloud CASB+ capabilities, in addition to field-level

More information

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security

More information

Cybersecurity Considerations for GDPR

Cybersecurity Considerations for GDPR Cybersecurity Considerations for GDPR What is the GDPR? The General Data Protection Regulation (GDPR) is a brand new legislation containing updated requirements for how personal data of European Union

More information

Cybersecurity. Overview. Define Cyber Security Importance of Cyber Security 2017 Cyber Trends Top 10 Cyber Security Controls

Cybersecurity. Overview. Define Cyber Security Importance of Cyber Security 2017 Cyber Trends Top 10 Cyber Security Controls Cybersecurity Hospitality Finance and Technology Professionals June 27, 2017 Presented by: Harvey Johnson, CPA Partner Overview Define Cyber Security Importance of Cyber Security 2017 Cyber Trends 1 About

More information

How to Respond to a HIPAA Breach. Tuesday, Oct. 25, 2016

How to Respond to a HIPAA Breach. Tuesday, Oct. 25, 2016 How to Respond to a HIPAA Breach Tuesday, Oct. 25, 2016 This Webinar is Brought to You By. About HealthInsight and Mountain-Pacific Quality Health HealthInsight and Mountain-Pacific Quality Health are

More information

ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION

ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION Cathy Bates Senior Consultant, Vantage Technology Consulting Group January 30, 2018 Campus Orientation Initiative and Project Orientation Project

More information

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH International Workshop on Criminal Justice Statistics on Cybercrime and Electronic Evidence

More information

RSA NetWitness Suite Respond in Minutes, Not Months

RSA NetWitness Suite Respond in Minutes, Not Months RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations

More information

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security

More information

Defensible and Beyond

Defensible and Beyond TELUS Defensible and Beyond Mike Vamvakaris Director and Head of Cyber Security Consulting November 2017 Digital transformation brings many benefits Communication and Collaboration Autonomous and Artificial

More information

with Advanced Protection

with Advanced Protection with Advanced Email Protection OVERVIEW Today s sophisticated threats are changing. They re multiplying. They re morphing into new variants. And they re targeting people, not just technology. As organizations

More information

Tackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud

Tackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud Tackling Cybersecurity with Data Analytics Identifying and combatting cyber fraud San Antonio IIA iheartaudit Conference February 24, 2017 What We ll Cover + Current threat landscape + Common security

More information

IT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA

IT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA IT Security Mandatory Solutions Andris Soroka 2nd of July, 2014 @LPS, RIGA Data Security Solutions business card Specialization IT Security IT Security services (consulting, audit, pen-testing, market

More information

Symantec & Blue Coat Technical Update Webinar 29. Juni 2017

Symantec & Blue Coat Technical Update Webinar 29. Juni 2017 Avantec Blue Coat/Symantec Webinar Jean Marc Edder Senior Systems Engineer The Global Leader in Cyber Network + + Cloud Global market leader in Endpoint, Email, Data Loss Prevention and Website, User Authentication

More information

Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017

Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017 Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 04/12/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT

More information

THE ACCENTURE CYBER DEFENSE SOLUTION

THE ACCENTURE CYBER DEFENSE SOLUTION THE ACCENTURE CYBER DEFENSE SOLUTION A MANAGED SERVICE FOR CYBER DEFENSE FROM ACCENTURE AND SPLUNK. YOUR CURRENT APPROACHES TO CYBER DEFENSE COULD BE PUTTING YOU AT RISK Cyber-attacks are increasingly

More information

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco Increasing Digital Traffic Creates a Greater Attack Surface Global IP Traffic

More information

The Internet of Everything is changing Everything

The Internet of Everything is changing Everything The Internet of Everything is changing Everything Intelligent Threat Defense for the Enterprise Mobility Nikos Mourtzinos, CCIE #9763 Global Security Sales Organization Changing Business Models Any Device

More information

BOLSTERING DETECTION ABILITIES KENT KNUDSEN JUNE 23, 2016

BOLSTERING DETECTION ABILITIES KENT KNUDSEN JUNE 23, 2016 BOLSTERING DETECTION ABILITIES KENT KNUDSEN JUNE 23, 2016 Overview Current Threats Where we fail Cyber Security Lifecycle Key Areas to Continuously Monitor Security Metrics Where to prioritize Security

More information

Securing the SMB Cloud Generation

Securing the SMB Cloud Generation Securing the SMB Cloud Generation Intelligent Protection Against the New Generation of Threats Colin Brackman, National Distribution Manager, Consumer Sales, Symantec Christopher Covert Principal Product

More information

Symantec Ransomware Protection

Symantec Ransomware Protection Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway

More information

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

10 Cybersecurity Questions for Bank CEOs and the Board of Directors 4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors

More information

Security Terminology Related to a SOC

Security Terminology Related to a SOC Security Terminology Related to a SOC Cybersecurity literacy is crucial for practicing proper security hygiene. As business leaders develop fluency in the language of information security (infosec), they

More information

Cyber Risks in the Boardroom Conference

Cyber Risks in the Boardroom Conference Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks

More information

Personal Cybersecurity

Personal Cybersecurity Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions

More information

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive

More information

New York Cybersecurity. New York Cybersecurity. Requirements for Financial Services Companies (23NYCRR 500) Solution Brief

New York Cybersecurity. New York Cybersecurity. Requirements for Financial Services Companies (23NYCRR 500) Solution Brief Publication Date: March 10, 2017 Requirements for Financial Services Companies (23NYCRR 500) Solution Brief EventTracker 8815 Centre Park Drive, Columbia MD 21045 About EventTracker EventTracker s advanced

More information

Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 05/24/2017

Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 05/24/2017 Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 05/24/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback