Cyber Liability Preventive Services & Tools Specific & Pre-Emptive Considerations BEFORE the Inevitable Cyber Event.

January 18, 2018

Today's Panel:
- Adam Cottini (Moderator), Managing Director, Cyber Liability Practice, Arthur J. Gallagher
- Winston Krone, Global Managing Director, KIVU Forensic Consulting
- Kim Holmes, Vice President, Health Care, Cyber Liability & Emerging Risks, TDC Specialty Underwriters, the Doctors Company Group
- Sean Hoar, Partner & Chair, Data Privacy & Cybersecurity Practice, Lewis Brisbois

Issue Awareness

Issue Awareness:
- Employee Awareness: Privacy & Security Training
- Vendor Contract Review & Indemnification

Technology Products & Services

Putting Technology to Work BEFORE a Cyber Event Occurs:
- Network Assessment
- Penetration Testing
- Endpoint Security
- New Generation Antivirus

Network Assessment (aka Vulnerability Assessment)

As technology changes, hackers constantly develop new attack methods, plus the occasional steroid injection from The ShadowBrokers.

Vulnerability Assessment = identifying and quantifying the weaknesses in a system, e.g.:
- Technical (e.g. open ports in a firewall or unpatched software)
- Organizational (e.g. poorly assigned access controls or failure to draft or implement security policies)

Using scanning tools and tailored questionnaires/sampling:
- identify weaknesses within a system;
- grade those vulnerabilities (from severe to mild) to prioritize remediation; and
- create baselines to compare with future assessments

Vulnerability Assessments: Pros & Cons

The Good
1. Easy to run frequently - automated
2. Spots when things fall apart
3. Chance for high level review (including configuration, access controls)

The Bad
1. Requires baseline - if you've been operating insecurely, but lucky so far, then your baseline is poor - your assessment thinks everything's good
2. Doesn't measure external risk factors and changes to technology

Penetration Testing

Pen testing - a controlled attack (internal or external) on the network to find and exploit any existing vulnerability.

When Kivu performs a pen test, we employ ethical hacker protocols:
- Typically at normal user level, in an attempt to gain admin privileges
- Also use social engineering and phishing
- Employ the tricks we've learnt responding to the latest attacks

Objective of the pen test is to report back on:
- how we successfully infiltrated
- the vulnerabilities that allowed access
- how to remediate these problems (CRUCIAL)

Penetration Testing: Pros & Cons

The Good
1. Does not depend on baseline or pre-existing misconceptions by the client
2. Can be tailored to the specific industry/sector
3. We (almost) always get in - it's a good wakeup call

The Bad
1. Expense
2. We (almost) always get in - leading to disbelief, shock, denial
3. Requires predefined parameters and experienced operators to avoid BI

Endpoint Security: Endpoint Detection and Response (EDR)

Typically EDR tools use agents to collect multiple data sources from endpoints, and store evidence in a central database.
- Looking for malware (or vulnerabilities) on an endpoint device
- Feeding data to a SIEM (analysis tool/dashboard)

Endpoint Security: Pros & Cons

The Good
1. Catches attacks, especially where employees access the Internet via workstations
2. Depending on level/time of analysis, can catch anomalous activity

The Bad
1. Cascade of expense - SIEM, analysis, constant review
2. Vulnerable to zero day attacks, technical changes
3. Misses threats not aimed at endpoints (e.g. credential compromise)

Endpoint Security: Alternatives to Traditional EDR Tools

1. Agent-less scanning
  - Tailored to catch/search specific areas
  - Does not require baseline to identify suspicious artifacts
  - Does not need continued maintenance
  - System agnostic
2. Move to dummy stations/virtualization/third party services

New Generation Antivirus

- Signature v. Behavioral Analysis
- Catches the low hanging fruit
- Consistently fails to stop attacks including ransomware
- Move to tools that identify suspicious behavior (reconnaissance, exfiltration) and then work backwards to find the source
- Monitoring v. Configuration

Identity & Credit Monitoring

Why Consider Identity/Credit Monitoring BEFORE a Cyber Event Occurs?

In the wake of the recent Equifax breach, let's consider:
- What specific services and support are available from your preferred identity/credit monitoring service provider to affected individuals for helping them address identity theft issues in the wake of a data breach?
- Not all identity/credit monitoring services are created equal
- Consider identity/credit monitoring services - BEFORE YOU HAVE TO

Incident Response Planning

Wrapping It All Up with Incident Response Planning

- Review current digital threats to inform planning process
- Conduct foundational assessment of information security framework
- Review applicable critical security controls
- Identify type, location and security of sensitive data
- Identify key internal stakeholders for organizational response
  - HR, Communications/Marketing, Financial, Risk/Compliance, IT, Legal, etc.
- Identify external resources to assist with response
  - Outside counsel, forensics, consumer remediation, public relations, etc.

Wrapping It All Up with Incident Response Planning (continued)

- Create plan, mapped to NIST SP 800-61
- Plan to test the plan
- Implement plan to enable applicable security controls
- Implement, as appropriate, continuous monitoring for vulnerabilities, and process for periodic testing of vulnerabilities
- Implement employee privacy and network security awareness training
- Implement vendor contract review process
- Implement proactive identity theft & credit monitoring

Questions?
- Adam Cottini, adam.cottini@ajg.com
- Kim Holmes, Kimberly.holmes@tdcspecialty.com
- Winston Krone, wkrone@kivuconsulting.com
- Sean Hoar, Sean.Hoar@lewisbrisbois.com