Defense in Depth Security in the Enterprise

Mike Mulville
SAIC Cyber Chief Technology Officer
MulvilleM@saic.com

Agenda
- The enterprise challenge - threat; vectors; and risk
- Traditional data protection measures
- Expanded threat protection
- The road forward
- Conclusions / discussion

The challenging security question
Slide labels: Critical Data Loss; Social Engineering
Headlines shown on the slide:
- Computer stolen with data on 800,000 doctors
- Payment Systems hacked, 100M accounts
- Missing: Records of 76M veterans
- Security breach exposes nearly 600,000 customers
- Computer hacked at University - data of 236,000 women in mammogram study taken
- Hack attack breaches 160,000 files Major University
- Former Federal Reserve Bank of New York IT worker charged with theft
- Virginia loses data on 100,000 students on unencrypted Flash Drive

Threats and vectors
[Charts: Threat vectors; Impacts]
- Internal threats have the largest impact and risk, followed closely by partners
- Perimeter threat vectors still important and still a challenge in the enterprise
- Insider attack vectors have larger impact to organizations
Statistical data from: Verizon 2008 Data Breach Investigations Report

Traditional approach
- Perimeter defenses (Firewall and Intrusion detection systems)
- Limited internal or partner security measures
- Best practices and policies spotty or missing
- Unknown risk posture
- Limited or no monitoring of perimeter devices
- Little understanding of total context of events
- Uneducated workforce on security awareness
Even with these defenses, sensitive data continues to escape the enterprise

Perimeter defenses
- Limit protection points: common gateways
- Protection applied at aggregation points

Remaining exposed and impacted targets
- Multi-access vectors impacting targets
- Seeking high value critical and sensitive data
- Larger exploit surface

Expanded threat protection beyond the perimeter
[Diagram labels: Data availability; Disruption; Data protection; Security control]
- Security policies (ISO 27001/7799; COBIT, FIPS)
- Data encryption: data at rest, in motion, in use
- Incident response and remediation processes
- User awareness training
- Best practices (ITIL, business continuity, event mgmt, incident response)
- Configuration and asset control
- Specific device/system threats (e.g. energy SCADA; health; education)
COBIT is a registered trademark of the Information Systems Audit and Control Association in the U.S. and/or other countries. ISO is a registered trademark of the International Organization for Standardization in the U.S. and/or other countries. ITIL is a registered trademark, and a registered community trademark of the Office of Government Commerce, and is registered in the U.S. Patent and Trademark Office.

The road forward
- A layered defense is the best approach
  [Diagram layers: Humans; Applications; Data; Operating systems; Networks; Physical inspections]
- Use defense in depth security
- Identify your potential issues before they happen
- Understand your systems before an incident
- Work with appropriate agencies, associations, and policy groups
- Address protecting the data
  - Data lifecycle Management

Mitigating the risks

Data
- Encryption of data in motion
- Encryption of data at rest
- Monitoring data stores (database IDS)
- Data loss protection
- Access / identity management

Hosts
- Endpoint security (NIDS, AV)
- Patching
- Data loss protection
- Security platform monitoring
- Asset & change management

Network / Perimeter
- Web application & vulnerability scanning
- Firewalls, IDS/IPS, WebApp firewalls
- Data inspection
- Data loss protection
- 24x7 security monitoring (SOC)
- Content filtering
- VPNs

Policies
- Implement a security policy
- Assess and rank security measures implemented against a security policy
- Establish a security risk baseline
- Identify gaps, weaknesses
- Assign and track remediation steps
- Self audit controls and track metrics

Mitigating the risks (continued)

Staff
- User awareness training
- Annual security policy training
- Background checks
- Incident management

Applications
- Application code review
- Configuration management
- Access control

Physical
- Surveillance
- Entry logs & review
- Access list reviews
- Access approvals
- Physical security controls

Reporting
- Metrics
- Audit tracking of controls
- Reduction of incidents
- Reporting of incidents
- Tracking against the risk management plan

Questions?
Michael Mulville
SAIC Cyber CTO
MulvilleM@saic.com
703-676-8381