Waukesha County Technical College and Marquette University


Waukesha County Technical College and Marquette University Cyber Security Summit 10.28.16

Do you know who's on your Network?
Your organization is counting on you to protect them. Do you know who is logged on to your network and what they are doing?

Password Access Management for The Enterprise
Presented by:
Jim Dziak, President/CEO
Matthew Dziak, Vice President of Sales & Marketing

About us
AxCel Technology is a leading security company specializing in Compliance Security, Password Protection, Email Continuity, and Risk Management. We've partnered with leading companies to provide a full package of solutions tailored to your company's security needs. Paired with stellar customer service, AxCel helps clients get the protection they need so they can focus on their business.

Threats are Changing

The Threat Landscape
Perimeter security: firewall, AV, IDS, IPS, email gateways
Threat detection: SIEM, big data analytics
Indicators of Compromise (IOC): pieces of forensic data, such as system log entries or files, that identify potentially malicious activity on a system or network
Account and user provisioning: role-based access, layering, insider threat

What is being targeted?
Advanced Persistent Threat (APT) intruders prefer to leverage privileged accounts where possible, such as Domain Administrators, service accounts with Domain privileges, local Administrator accounts, and privileged user accounts.
100% of breaches involved stolen credentials.
Source: Mandiant, M-Trends and APT1 report

What is a privileged account and what threats do they pose?
Privileged Accounts:
Accounts used by IT and other elevated staff; they often have unfettered access to critical data and systems, e.g. Domain Admin, root, super user.
They exist everywhere, in nearly every connected device, server, hypervisor, OS, DB, or application, on-premises and in the cloud.
They are one of the most vulnerable aspects of an organization's IT infrastructure.
Threats: MALWARE, RANSOMWARE, SENSITIVE DATA LOSS, INSIDER ATTACKS & DATA LEAKS, DATA POISONING, SERVICE DISRUPTION, FINANCIAL FRAUD

Data Breaches Continue

Target Incident: $10 Million
January 10, 2014: Target says up to 70 million customers were hit by the December 2013 data breach, 40 million more than the company originally estimated.
March 19, 2015: Target to pay out $10 million to victims.

Sony Incident: $4.5 Million
November 24, 2014: Confidential data released; it included personal information on employees and their families, e-mails, executive salaries, copies of then-unreleased Sony films, and other information.
October 20, 2015: Sony Cyber Attack Settlement Includes ID Theft Protection, $4.5 Million Reimbursement Funds.

Ashley Madison: could cost dating sites more than $1 billion as lawsuits mount
The Washington Times, Tuesday, August 25, 2015
August 19, 2015: Account details of 37 million users of Ashley Madison are published to the web. The data dump includes customers' credit cards and ALM internal documents. CEO Noel Biderman says the company's security teams suspect that an individual who touched ALM's IT systems is responsible for the hack.

DNC: Cost undetermined at this time
August 13, 2016: Another Democratic Party Group was Hacked; hackers admit the hack was Even Easier Than DNC Breach.

Lost Data Records 2015

Lost Data Records by Industry

CryptoWall, CTB-Locker, TeslaCrypt, MSIL/Samas, Locky
"The damage inflicted by these types of malware prompted the U.S. Federal Bureau of Investigation (FBI) to [ask] business and software security experts for emergency assistance in its investigation."
"Ransomware has evolved from single-system infections to enterprise compromises."
Quotes: SecureWorks, May 2016

Did you Know?
Ransomware is on track to be a $1 billion crime in 2016!
25+ variants of ransomware families have been identified.
4,000+ ransomware attacks happened daily since January 1, 2016.
Phishing is the most popular ransomware attack vector.
Source: Carbon Black, September 2016

Businesses Pay to Avoid Disruptions!
Ransomware has become a common and integral attack method that most organizations are fighting a losing battle against. Businesses are routinely choosing to pay hefty ransoms rather than lose access to their intellectual property, patient records, credit card information and other valuable business data. Simply put, they pay ransoms in order to avoid significant disruptions in everyday operations.
Source: Carbon Black, September 2016

World Data Breaches http://bit.ly/19xscqo

Prevention is key!
Avoid plaintext passwords embedded in scripts or configuration files.
Virtually impossible to decrypt without paying.
If infected, restore from backups and change all passwords.
No guarantee the hackers will cooperate!

Don't be a Business Statistic
60% of small companies that suffer a cyber attack are out of business within six months. (Denver Post, 2016)
Partial list of Wisconsin companies in the news: Cate Machine and Welding, Froedtert Health, Medical College of Wisconsin, Milwaukee Bucks, Washington County, Ozaukee County, Mercury Marine

Threat: Insider
Critical to securing against internal breaches is access management.
58% of large organizations suffered staff-related security breaches in 2014, compared to just 24% detecting outsiders penetrating their networks.
71% are very concerned with external threats, but only 46% indicated a strong concern for internal threats.
In cases where staff will be dealing with sensitive information, monitoring user activity is a must.
Source: Information-age.com, "Insider Hacks vs. outsider threats: spending budget in the wrong place"

Internal Threat

Internal Threat
Run Audit Report on Password Usage
Automate Password Changes
Coordinate with HR

Password Exposure
2016 Thycotic and Cybersecurity Ventures survey
60% of businesses still rely on manual methods to manage privileged accounts.
Only 10% have implemented an automated security vendor solution.
20% of organizations have never changed their default passwords on privileged accounts.
70% do not require approval for creating new privileged accounts.
50% do not audit privileged account activity.
40% use the same security for privileged accounts as standard accounts.

Password Exposure Solutions
2016 Thycotic and Cybersecurity Ventures 550 company survey
Step 1: Educate Key Stakeholders
Educate key stakeholders in your organization about the urgency and value of privileged account and access management security.
Step 2: Discover Privileged Accounts
Discover where your privileged accounts are located across your entire enterprise environment. You can't protect what you don't know exists. A good Privileged Account Management (PAM) solution will provide free tools you can use to discover where your privileged accounts are located for both Windows and Unix environments.

Password Exposure Solutions
2016 Thycotic and Cybersecurity Ventures survey
Step 3: Automate the Management and Security
Automate the management and security of privileged account passwords. It's shocking that 6 out of 10 organizations, according to the 2016 survey, still use manual methods such as spreadsheets and lists to keep track of privileged account passwords. There are affordable PAM solutions available to help organizations of any size automate.

Password Exposure Solutions
2016 Thycotic and Cybersecurity Ventures survey
Step 4: Adopt and Implement Security Policies
Adopt and implement security policies to help ensure an appropriate privilege strategy for account access. Too many accounts have been granted broad and deep privileges, and if only one of these accounts is compromised, it can quickly be used by an attacker to exploit your entire IT infrastructure. Explore employing software tools to limit privileged access without impacting user productivity.

Password Exposure Solutions
2016 Thycotic and Cybersecurity Ventures survey
Step 5: Provide Greater Visibility & Senior Management Buy-In
Provide greater visibility with PAM for your CISO (Chief Information Security Officer) while helping to assure you can demonstrate compliance with audits and policies affecting privileged account credentials. Implement a PAM compliance solution approved by the C-Suite (CEO/CFO/CIO) for strict adherence to ensure account security policies, as well as to automate and enforce those policies to improve security and satisfy auditors.
AVOID SHELFWARE!

Common Practices Highlighting the Need for Privileged Account Management
1. Failure to update passwords.
2. Passwords stored on spreadsheets or sticky notes.
3. Default passwords.

PAM Enforces Password Best Practice
PAM solutions automatically follow best practices, eliminating tedious and complicated manual processes.
Session Launching & Recording
Session Monitoring
Passwords can automatically change after session use
Check Out

According to Industry Experts
"More effective solutions are needed to protect against a breach, as once access is granted, much of the network is likely to be exposed."
Source: Gemalto Inc., Data Security Confidence Index, May 2016

Automate and Implement a PAM Solution
Privileged Access Management provides appropriate access to privileged accounts, bolsters security, achieves compliance, decreases risk, streamlines administration, extends governance and more. Some key features include:
Privilege safe: Automate, control and secure the entire process of granting privileged credentials.
Session management: Improve security and achieve compliance by limiting privileged access for administrators, remote vendors and high-risk users to a specific duration.

Automate and Implement a PAM Solution
Active Directory bridge: Extend the unified authentication and authorization of Microsoft Active Directory (AD) to Unix, Linux, Mac and other systems.
Privileged account governance: Extend the governance advantages of unified policy, automated and business-driven attestation, enterprise provisioning, and access request and fulfillment to privileged accounts and administrator access.
Centralized administration: Simplify administration with centralized reporting, access rights and activities, as well as keystroke logging of activities performed.

PAM Implementation

PAM Architecture

Why is Privileged Account Management Important?
PAM security offers mission-critical solutions to protect privileged credentials from unauthorized access and misuse. It helps assure that if and when perimeter defenses are breached, privileged account controls will act to limit access to sensitive information and curtail an attacker's ability to circulate unhindered throughout the IT environment.
Protects against internal and external threats.
Meets compliance mandates and industry best practices.
Automates scalable security processes so you are more efficient.

Why Implement PAM?
Limits the number of privileged accounts.
Auditing and accountability met with significantly less effort.
Does not allow users to bypass security protocols!
Unique, random passwords are automatic.
Ensures all passwords are rotated.
Only gives users access to accounts that are needed to perform their job!

The Importance of PAM
80% of organizations consider PAM as a high security priority.
60% of organizations face compliance requirements involving PAM security.
60% of organizations MANUALLY manage privileged accounts.
Only 10% of organizations have implemented a commercial solution to automate PAM.
Cyber attacks are increasing while IT resources seem to be static.
Automation: PAM allows you to become more proactive at preventing identity/data and fiscal loss.

6 OUT OF 10 ORGANIZATIONS MANUALLY MANAGE PRIVILEGED ACCOUNTS
60% of cyber breaches are due to human error; this creates a significant barrier to properly managing privileged account password security. Mistakes and inconsistencies can easily occur in managing hundreds or even thousands of privileged account passwords.
Manually manage privileged account credentials today using passphrases or other similar methods to make the passwords longer and more complex: 40.9%
Manually manage privileged account credentials and treat these accounts no differently than other user accounts in their environment: 25.5%
Source: The 2016 State of Privileged Account Management Report, Thycotic and Cybersecurity Ventures

PAM Allows Automated Remote Password Changing!
Active Directory, local Windows accounts, UNIX/Linux/Mac, MS SQL Server, Oracle, Sybase, MySQL, ODBC, VMware ESX/ESXi, Cisco/Fortinet/Palo Alto/Sourcefire etc., switches/routers/wireless AP, SAP, F5, Blue Coat, Dell DRAC, HP iLO, SSH/Telnet, LDAP, Salesforce, Google, Amazon, Office365, PowerShell

PAM Enables Easy Discovery
Local Windows accounts.
Windows services.
Windows scheduled tasks.
IIS application pools.
Unix/Linux accounts.
VMware ESX/ESXi accounts.

Privileged Account Management Should
Automatically discover rogue accounts and secure them.
Actively audit and monitor privileged user access.
Rotate passwords on privileged accounts constantly.
Enforce strong password policies for end users.
Nearly 70% of organizations have not implemented a solution or are using a homegrown solution. Homegrown solutions are typically manual operations that can be difficult to keep updated and/or used to demonstrate compliance with regulatory requirements.
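
The discovery and rotation checks listed above, sketched for a single Unix host as an added example (not code from the presentation or from any PAM product). The account data is constructed sample content in /etc/passwd, /etc/group and /etc/shadow format; the admin group names and the 90-day threshold are assumptions.

```python
"""Inventory privileged Unix accounts and flag overdue password rotation."""
from datetime import date

# Constructed sample data in /etc/passwd, /etc/group and /etc/shadow format.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
toor:x:0:0:legacy admin:/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
svc_backup:x:1001:1001:Backup job:/var/backup:/bin/bash
bob:x:1002:1002:Bob:/home/bob:/bin/bash
carol:x:1003:1003:Carol:/home/carol:/bin/bash
"""
GROUP = """\
sudo:x:27:alice,svc_backup,carol
wheel:x:10:
users:x:100:alice,bob
"""
# Third shadow field: day of last password change, counted from 1970-01-01.
SHADOW = """\
root:$6$placeholder:17000:0:99999:7:::
toor:$6$placeholder:16000:0:99999:7:::
alice:$6$placeholder:17090:0:99999:7:::
svc_backup:$6$placeholder:16500:0:99999:7:::
bob:$6$placeholder:15000:0:99999:7:::
carol:!:15000:0:99999:7:::
"""
ADMIN_GROUPS = {"sudo", "wheel"}  # assumption: groups that grant sudo rights
MAX_AGE_DAYS = 90                 # assumption: rotation policy threshold

def rows(text):
    return [l.split(":") for l in text.splitlines() if l and not l.startswith("#")]

def discover_privileged(passwd, group):
    """Return {account: [reasons]} for accounts with elevated rights."""
    found, admin_gids = {}, set()
    for name, _pw, gid, members in rows(group):
        if name in ADMIN_GROUPS:
            admin_gids.add(gid)
            for member in filter(None, members.split(",")):
                found.setdefault(member, []).append(f"member of {name}")
    for name, _pw, uid, gid, *_rest in rows(passwd):
        if uid == "0":  # any UID 0 account is root-equivalent, whatever its name
            found.setdefault(name, []).append("UID 0")
        if gid in admin_gids:
            found.setdefault(name, []).append("primary group is an admin group")
    return found

def overdue(privileged, shadow, today):
    """Privileged accounts whose password is older than MAX_AGE_DAYS, oldest first."""
    today_days = (today - date(1970, 1, 1)).days
    report = []
    for name, pw_hash, last_change, *_rest in rows(shadow):
        if name not in privileged or pw_hash[:1] in ("*", "!"):
            continue  # not privileged, or password login is locked
        age = today_days - int(last_change)
        if age > MAX_AGE_DAYS:
            report.append((name, age))
    return sorted(report, key=lambda item: -item[1])

if __name__ == "__main__":
    priv = discover_privileged(PASSWD, GROUP)
    for name, age in overdue(priv, SHADOW, date(2016, 10, 28)):
        print(f"{name}: password {age} days old ({', '.join(priv[name])})")
```

On a real host the three strings would be read from the files themselves, and /etc/shadow requires root to read.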

Start Your Privileged Access Management Discussion Today!
Do you have a password problem?
What about privileged account passwords?
Aware of risks associated with bad password management?
What tool are you using to manage passwords?
Does the tool audit usage of passwords?
Does the tool limit access to passwords?
Are passwords shared among internal teams?
How often do you change passwords? Manually?
What is your process when an admin leaves? How do you know what they had access to?
How do you manage service account passwords?
What is your policy for accounts on networked devices?
Are default manufacturer passwords in use?
Do you use third party contractors? If so, how do you manage the credentials they are exposed to?
