Best Practices in Healthcare Risk Management. Balancing Frameworks/Compliance and Practical Security

Best Practices in Healthcare Risk Management Balancing Frameworks/Compliance and Practical Security

Our industry is full of jargon terms that make it difficult to understand what we are buying. To accelerate the maturity of our practice, we need a common language.
www.siriuscom.com 9/7/2017 2

NIST CSF Categories

Our common language can be bounded by five asset classes and the NIST Cybersecurity Framework
Asset Classes
DEVICES: Workstations, servers, VoIP phones, tablets, IoT, storage, network devices, infrastructure, etc.
APPS: The software, interactions, and application flows on the devices
NETWORKS: The connections and traffic flowing among devices and applications
DATA: The information residing on, traveling through, or processed by the resources above
USERS: The people using the resources listed above
Operational Functions
IDENTIFY: Inventorying assets, measuring attack surface, baselining normal, risk profiling
PROTECT: Preventing or limiting impact, containing, hardening, managing access
DETECT: Discovering events, triggering on anomalies, hunting for intrusions
RESPOND: Acting on events, eradicating intrusion footholds, assessing damage, coordinating, reconstructing events forensically
RECOVER: Returning to normal operations, restoring services, documenting lessons learned

Cyber Defense Matrix
Asset classes: Devices, Applications, Networks, Data, Users
Operational functions: Identify, Protect, Detect, Respond, Recover
Degree of Dependency: Technology, Process, People

Left and Right of Boom
Asset classes: Devices, Applications, Networks, Data, Users
Operational functions: Identify, Protect, Detect, Respond, Recover
Pre-Compromise, Post-Compromise
Degree of Dependency: Technology, People

Enterprise Security Market Segments
Operational functions: Identify, Protect, Detect, Respond, Recover
Devices: MDM; IAM; AV, HIPS; Endpoint Visibility and Control / Endpoint Threat Detection & Response
Applications: Configuration and Systems Management; App Sec (SAST, DAST, IAST, RASP), WAFs; Honeypot Tools
Networks: Netflow; Network Security (FW, IPS); IDS; DDoS Mitigation; Full PCAP
Data: Labeling; Encryption, DLP; Dark Web, Brian Krebs, FBI; DRM; Backup
Users: Phishing Awareness; Insider Threat / Behavioral Analytics; Phishing Simulations
Degree of Dependency: Technology, People

Can add dimensions based on asset context
Threat Actors, Vendors, Customers, Employees
Enterprise Assets
Devices - user workstations, servers, phones, tablets, IoT, peripherals, storage, network devices, web cameras, infrastructure devices, etc.
Applications - The software, interactions, and application flows on the devices
Network - The connections and traffic flowing among devices and applications
Data - The information residing on, traveling through, or processed by the resources listed above
Users - The people using the resources listed above
Operational Functions
Identify - inventorying assets, measuring attack surface, baselining normal, risk profiling
Protect - preventing or limiting impact, containing, hardening, managing access
Detect - discovering events, triggering on anomalies, hunting for intrusions
Respond - acting on events, eradicating intrusion footholds, assessing damage, coordinating response, reconstructing events forensically
Recover - returning to normal operations, restoring services, documenting lessons learned

Market Dimensions: Other Asset Contexts
Threat Actor Assets: Threat Deception; Malware Sandboxes
Vendor Assets: Vendor Risk Assessments; Cloud Access Security Brokers
Customer Assets: Threat Device Fingerprinting; Endpoint Fraud Detection; Web Fraud Detection
Employee Assets: Device Fingerprinting; BYOD MDM; BYOD MAM

Security Technologies Mapped by Asset Class
DEVICES: Workstations, servers, VoIP phones, tablets, IoT, storage, network devices, infrastructure, etc.
APPS: The software, interactions, and application flows on the devices
NETWORKS: The connections and traffic flowing among devices and applications
DATA: The information residing on, traveling through, or processed by the resources above
USERS: The people using the resources listed above
Disclaimer: Vendors shown are representative only. No usage or endorsement should be construed because they are shown here.

Security Technologies Mapped by NIST Function
IDENTIFY: Inventorying assets, measuring attack surface, baselining normal, risk profiling
PROTECT: Preventing or limiting impact, containing, hardening, managing access
DETECT: Discovering events, triggering on anomalies, hunting for intrusions
RESPOND: Acting on events, eradicating intrusion footholds, assessing damage, coordinating, reconstructing events forensically
RECOVER: Returning to normal operations, restoring services, documenting lessons learned
MSSPs / IR

Security Technologies by Asset Classes & NIST Function
Asset classes: Devices, Applications, Networks, Data, Users
Operational functions: Identify, Protect, Detect, Respond, Recover
Degree of Dependency: Technology, Process, People