Cyber Criminal Methods & Prevention Techniques


Cyber Criminal Methods & Prevention Techniques. By Larry.Boettger@Berbee.com

Meeting Agenda
- Trends
- Attacker Motives and Methods
- Areas of Concern
- Typical Assessment Findings
- ISO-17799 & NIST
- Typical Remediation Costs

FBI / CSI Statistics
- Every year dollars are lost due to cyber criminal activity
- Greatest loss = proprietary information
- Second greatest loss = denial of service

Elements to Protect (diagram: Security at the centre of the triad)
- Confidentiality
- Integrity
- Availability

Everything is a Target (diagram of controls and services by layer; diagram labels Private and Public)
- Security Management: Policies, Procedures & Awareness; Policy Assessments; Operational Framework Consulting; Training & Consulting
- Application: Vulnerability Assessments; Code Reviews; Application Hardening; Centralized Tool Integration; Centralized Monitoring
- Internal Network: Vulnerability Assessments; Intrusion Detection; Wireless Design Consulting; Intrusion Prevention; Authentication & Authorization
- Perimeter: Vulnerability Assessments; Firewalls & Proxies; Intrusion Detection; VPN Remote Access
- Data: Authentication Management; Identity Management; Data Privacy
- Server: Vulnerability Assessments; Intrusion Prevention; Patch Management; Anti-Virus & Anti-SPAM; Mobile Client Security; Server Hardening; Authentication & Authorization

Cyber Criminals' Motives
- Financial Rewards
- Politics
- Show Off
- Personal Gratification
- They know they can

Intruder Methods
- Web Site Research
- User Groups
- Email Staff
- Call Modems
- Read Trash
- Impersonate Someone You Trust
- Scan Your Systems
- War Drive Your Wireless

Intruder Methods (cont.)
- Use Known and Unknown Exploits
- Viruses, Trojans & Worms
- Phishing
- Attack Partner Networks to Gain Access to Yours
- Sniff Your Traffic
- Brute Force Passwords
- Spam You
- Denial of Service

Most Common Items to Protect
- Intellectual Property
- Customers' and Staff's Privacy
- Confidential Data
- System Availability
- Reputation
- Regulatory Challenges

Assessment Benefits
- Roadmap
- Establishes Baseline
- Strengthens Security
- Provides Due Diligence
- Efficient Formal Audits
- Finds the Weak Areas

How To Identify and Prioritize Risk
- Holistic Approach
  - Comprehensive reviews (infrastructure, server, application, etc.)
  - Based on Organizational Security Policy, and taking the full life cycle into account
  - Consider people and processes, as well as technology
- Sensible, accessible documentation
  - Helpful to executive decision-makers: explanation of risk in business terms
  - Helpful to managers: project plans, prioritization of tasks
  - Helpful to technical staff: clear standards, specific recommendations
- Threat Modeling
  - Identifying assets
  - Identifying threats
  - Making qualitative (or quantitative) assessments of risk

Top Ten Security Risks
1. Policies & Procedures
2. Security Awareness
3. Access and Authorization
4. Patch Management
5. Mis-Configured Systems & Applications
6. Encryption & Digital Signatures
7. Incident Handling Processes
8. Disaster Recovery & Business Continuity
9. Physical Safeguards
10. Intentional Bypassing of Security Controls

Security Policies
- Communicate Your Organization's Commitment to Security
- Provide a Baseline and Roadmap for Security Controls
- Demonstrate Due Diligence
- All Pertinent Security Control Information Communicated
- Realistic, Manageable, Enforceable

Security Awareness
- A well-trained user will assist your security efforts
- Time needs to be invested in user training
- A well-trained user usually requires less help desk support

Access & Authorization
- Weak Passwords
- Sharing Accounts
- Not Enforced
- Easy to Exploit
Prevention
- Strong Security Policies
- Utilize OS Complex Password Configuration
- Implement Technical Authorization, Authentication and Accounting Mechanisms (AAA)
- Implement Two-Factor Authentication
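Two-factor authentication with a time-based one-time password, as an added example that is not part of the original presentation or Berbee's material: the HOTP and TOTP algorithms of RFC 4226 and RFC 6238 written in Go with only the standard library, plus a verifier that tolerates one 30-second step of clock skew and compares codes in constant time. The shared secret (the RFC test secret), the 30-second step, 6-digit codes and the plus-or-minus one step window are assumed values for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/binary"
	"fmt"
	"strings"
	"time"
)

// Assumed values for the example: the shared secret provisioned to the
// user's token or phone app, a 30-second time step, and 6-digit codes.
var demoSecret = []byte("12345678901234567890") // RFC 4226/6238 test secret

const stepSeconds = 30
const demoDigits = 6

// hotp implements RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter,
// dynamic truncation to 31 bits, then reduction to the requested digits.
func hotp(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	offset := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[offset:offset+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	s := fmt.Sprintf("%d", code%mod)
	return strings.Repeat("0", digits-len(s)) + s // keep leading zeros
}

// totp implements RFC 6238: the HOTP counter is the number of whole
// time steps since the Unix epoch.
func totp(secret []byte, t time.Time, digits int) string {
	return hotp(secret, uint64(t.Unix()/stepSeconds), digits)
}

// verifyTOTP accepts a submitted code that matches the current step or the
// step on either side (clock skew), comparing in constant time so a timing
// difference does not reveal how many digits matched.
func verifyTOTP(secret []byte, submitted string, now time.Time, digits int) bool {
	step := now.Unix() / stepSeconds
	for _, skew := range []int64{-1, 0, 1} {
		expected := hotp(secret, uint64(step+skew), digits)
		if hmac.Equal([]byte(expected), []byte(submitted)) {
			return true
		}
	}
	return false
}

func main() {
	now := time.Now()
	code := totp(demoSecret, now, demoDigits)
	fmt.Printf("current code: %s  valid: %v\n", code, verifyTOTP(demoSecret, code, now, demoDigits))
	fmt.Println("wrong code valid:", verifyTOTP(demoSecret, "000000", now, demoDigits))
}
```

A production verifier also records the last step at which a code was accepted for the account and refuses that step again, so a code observed over the shoulder cannot be replayed inside the skew window; that bookkeeping is omitted above.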

Patch Management
- Hard to Manage
- Shrinking Window of Opportunity: exploits are coming too fast
- Can Break Systems
- Requires Resources
Prevention
- Strong Patch Management Mechanisms
- Automate
- Add Intrusion Prevention Mechanisms

Mis-Configured Systems
- Run only needed and up-to-date services
- Strengthen SNMP Community Strings
- Secure Wireless Networks
- Remove Default Settings
- Filter Outgoing Access at the Firewall

Encryption / Digital Signatures
Protects Against:
- Forging
- Impersonation / Spoofing
- Eavesdropping
- Intercepting
- Denial of Receipt or Send (Non-Repudiation)
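What those protections look like in code, as an added example that is not from the presentation: in Go with the standard library, the sender signs the message with Ed25519 (covers forging, impersonation and non-repudiation, since only the holder of the signing key can produce the signature) and then encrypts message plus signature with AES-256-GCM (covers eavesdropping and interception, since the AEAD hides the content and rejects any modification). The names Alice and Mallory, the message text and the pre-shared symmetric key are assumed for the example; how that key is agreed is out of scope here.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// newGCM builds an AES-256-GCM AEAD from a 32-byte shared key.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealMessage signs the plaintext with the sender's Ed25519 key, then
// encrypts plaintext||signature with AES-GCM under the shared key.
func sealMessage(senderPriv ed25519.PrivateKey, key, plaintext []byte) (nonce, ciphertext []byte, err error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, nil, err
	}
	nonce = make([]byte, gcm.NonceSize()) // fresh random nonce per message
	if _, err := rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	sig := ed25519.Sign(senderPriv, plaintext)
	signed := append(append([]byte{}, plaintext...), sig...)
	return nonce, gcm.Seal(nil, nonce, signed, nil), nil
}

// openMessage reverses sealMessage and reports which protection failed.
func openMessage(senderPub ed25519.PublicKey, key, nonce, ciphertext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	signed, err := gcm.Open(nil, nonce, ciphertext, nil)
	if err != nil {
		return nil, errors.New("ciphertext rejected: modified in transit or wrong key")
	}
	if len(signed) < ed25519.SignatureSize {
		return nil, errors.New("message too short to carry a signature")
	}
	cut := len(signed) - ed25519.SignatureSize
	msg, sig := signed[:cut], signed[cut:]
	if !ed25519.Verify(senderPub, msg, sig) {
		return nil, errors.New("signature invalid: forged message or impersonated sender")
	}
	return msg, nil
}

// demo plays out the slide's threats and returns which ones were caught.
// Alice, Mallory, the message and the pre-shared key are assumed for the example.
func demo() (map[string]bool, error) {
	alicePub, alicePriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	_, malloryPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	msg := []byte("Transfer 1000 to account 42")
	nonce, ct, err := sealMessage(alicePriv, key, msg)
	if err != nil {
		return nil, err
	}
	r := map[string]bool{}

	got, err := openMessage(alicePub, key, nonce, ct) // honest delivery
	r["delivered"] = err == nil && bytes.Equal(got, msg)

	r["eavesdropping_blocked"] = !bytes.Contains(ct, msg) // wire carries no plaintext

	tampered := append([]byte{}, ct...) // interception: flip one bit in transit
	tampered[0] ^= 0x01
	_, err = openMessage(alicePub, key, nonce, tampered)
	r["tampering_detected"] = err != nil

	// impersonation: Mallory has the shared key but not Alice's signing key
	n2, ct2, err := sealMessage(malloryPriv, key, msg)
	if err != nil {
		return nil, err
	}
	_, err = openMessage(alicePub, key, n2, ct2)
	r["impersonation_detected"] = err != nil
	return r, nil
}

func main() {
	r, err := demo()
	if err != nil {
		panic(err)
	}
	fmt.Println(r)
}
```

The symmetric key alone would not give non-repudiation: anyone holding it can produce a valid ciphertext, which is why the per-sender signature sits inside the encryption.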

Incident Handling Process
- Intrusion Prevention/Detection
- Anti-virus Mechanisms
- Logging/Auditing
- Strong Policies and Documentation
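Logging and auditing only feed incident handling if something reads the logs. As an added example that is not from the presentation, here is a Go detector for the password brute forcing listed under Intruder Methods, run over sshd-style log lines: it counts failed logins per source address inside a sliding window and flags a source whose burst is followed by a successful login, which is the case that needs an incident rather than a block. The log lines, host name, addresses, threshold (5 failures) and window (60 seconds) are all constructed for the example.

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"sort"
	"strings"
	"time"
)

// Constructed sshd-style log lines for the example (not from a real host).
const sampleLog = `Mar 10 02:14:01 web1 sshd[2211]: Failed password for invalid user admin from 198.51.100.7 port 51122 ssh2
Mar 10 02:14:03 web1 sshd[2213]: Failed password for root from 198.51.100.7 port 51123 ssh2
Mar 10 02:14:05 web1 sshd[2215]: Failed password for root from 198.51.100.7 port 51124 ssh2
Mar 10 02:14:07 web1 sshd[2217]: Failed password for root from 198.51.100.7 port 51125 ssh2
Mar 10 02:14:09 web1 sshd[2219]: Failed password for root from 198.51.100.7 port 51126 ssh2
Mar 10 02:14:11 web1 sshd[2221]: Failed password for root from 198.51.100.7 port 51127 ssh2
Mar 10 02:14:13 web1 sshd[2223]: Accepted password for root from 198.51.100.7 port 51128 ssh2
Mar 10 02:20:44 web1 sshd[2301]: Failed password for alice from 203.0.113.9 port 40011 ssh2
Mar 10 02:20:50 web1 sshd[2303]: Accepted password for alice from 203.0.113.9 port 40012 ssh2
Mar 10 03:01:12 web1 sshd[2410]: Accepted publickey for bob from 192.0.2.5 port 33001 ssh2`

var (
	failedRe   = regexp.MustCompile(`^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+)`)
	acceptedRe = regexp.MustCompile(`^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Accepted \w+ for (\S+) from (\S+)`)
)

type event struct {
	at   time.Time
	user string
	ok   bool // true for an accepted login
}

// Alert describes one source address whose failures crossed the threshold.
type Alert struct {
	Source       string
	Failures     int      // most failures seen inside one window
	Users        []string // accounts tried, sorted
	SuccessAfter bool     // a login from the same source succeeded after the burst
}

// parseLine returns the source address and event for a line we care about;
// syslog timestamps carry no year, so only same-day ordering is relied on.
func parseLine(line string) (string, event, bool) {
	const layout = "Jan _2 15:04:05"
	if m := failedRe.FindStringSubmatch(line); m != nil {
		if t, err := time.Parse(layout, m[1]); err == nil {
			return m[3], event{at: t, user: m[2]}, true
		}
	}
	if m := acceptedRe.FindStringSubmatch(line); m != nil {
		if t, err := time.Parse(layout, m[1]); err == nil {
			return m[3], event{at: t, user: m[2], ok: true}, true
		}
	}
	return "", event{}, false
}

// detectBruteForce groups events by source, finds the densest run of
// failures inside window, and alerts when that run reaches threshold.
func detectBruteForce(log string, threshold int, window time.Duration) []Alert {
	bySrc := map[string][]event{}
	sc := bufio.NewScanner(strings.NewReader(log))
	for sc.Scan() {
		if src, ev, ok := parseLine(sc.Text()); ok {
			bySrc[src] = append(bySrc[src], ev)
		}
	}
	var alerts []Alert
	for src, evs := range bySrc {
		sort.Slice(evs, func(i, j int) bool { return evs[i].at.Before(evs[j].at) })
		var fails []event
		for _, e := range evs {
			if !e.ok {
				fails = append(fails, e)
			}
		}
		best, start := 0, 0
		for end := range fails { // sliding window over sorted failure times
			for fails[end].at.Sub(fails[start].at) > window {
				start++
			}
			if n := end - start + 1; n > best {
				best = n
			}
		}
		if len(fails) == 0 || best < threshold {
			continue
		}
		seen := map[string]bool{}
		var users []string
		for _, f := range fails {
			if !seen[f.user] {
				seen[f.user] = true
				users = append(users, f.user)
			}
		}
		sort.Strings(users)
		lastFail := fails[len(fails)-1].at
		success := false
		for _, e := range evs {
			if e.ok && !e.at.Before(lastFail) {
				success = true // the password was guessed: escalate, do not just block
			}
		}
		alerts = append(alerts, Alert{Source: src, Failures: best, Users: users, SuccessAfter: success})
	}
	sort.Slice(alerts, func(i, j int) bool { return alerts[i].Source < alerts[j].Source })
	return alerts
}

func main() {
	for _, a := range detectBruteForce(sampleLog, 5, 60*time.Second) {
		fmt.Printf("ALERT %s: %d failures/60s against %v, success after burst: %v\n",
			a.Source, a.Failures, a.Users, a.SuccessAfter)
	}
}
```

On the sample, 198.51.100.7 is reported (six failures in ten seconds, then a successful root login) while the single typo from 203.0.113.9 stays below threshold. A per-source threshold misses a distributed attack that spreads guesses across many addresses; a second pass keyed on the target account catches that variant.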

Disaster Recovery & Business Continuity
- Formal Plan
- Prioritized Systems
- Standard Backup Process
- Tested Backups
- Redundant Systems

Physical Safeguards
- Visitor Badges
- Building & Data Center Access/Monitoring
- Fire Prevention/Suppression & Detection
- UPS Testing and Load

Intentional Bypassing of Security Controls
- Installing Modems
- Wireless Networks
- GoToMyPC or other remote access tools
- Unauthorized Software (games, screensavers, etc.)
Prevention
- Strong Security Policies
- Centralized and Managed Intrusion Prevention Mechanisms
- Implement Network Admission Control

Importance of NIST & ISO-17799
- NIST (National Institute of Standards & Technology) is referenced throughout most regulations
- Policies and Procedures are critical to NIST best practices
- ISO-17799 is an industry-recognized standard for security
- ISO-17799 covers 10 areas of security; each area has individual security items
- If you follow NIST and ISO-17799 you would have a strong security posture and should pass almost every audit
- Combine NIST 800-26 levels and ISO-17799

ISO-17799 Covered Areas
- Security Policies
- Organizational Security
- Asset Classification & Control
- Personnel Security
- Physical and Environmental Security
- Communications & Operations Management
- Access Control
- System Development & Maintenance
- Business Continuity Management
- Compliance

NIST Legend (NIST SP 800-26 levels)
- Level 1: control objective documented in a security policy
- Level 2: security controls documented as procedures
- Level 3: procedures have been implemented
- Level 4: procedures and security controls are tested and reviewed
- Level 5: procedures and security controls are fully integrated into a comprehensive program

ISO-17799 Graph Sample (bar chart not reproduced): Business Continuity items scored by NIST level (0 to 5), Actual Practice against Peer Comparison, for Business Continuity Management Process; Business Continuity & Impact Analysis; Writing & Implementing Continuity Plan; Business Continuity Planning Framework; Testing, Maintaining & Reassessing BC Plan

Remediation Costs
- It is important to budget for remediation
- A security assessment without remediation efforts is a waste of time and money
- Remediation usually involves resource time and product cost
- It is important to budget for one-time and recurring costs

Remediation First Steps
- Prioritize Risks and Remediation Steps
- Align Business and IT Strategies
- Establish Resources: Internal, External, Products
- Establish Internal SLAs between IT and Business Units

Internet Links & Questions/Answers
- www.gocsi.com
- www.sans.org
- www.nist.gov
- www.nessus.org
- www.insecure.org/tools.html
- www.berbee.com
- www.cisco.com
- www.microsoft.com
- www.rsa.com

Thank You