Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

Similar documents
Enhancing the Cybersecurity of Federal Information and Assets through CSIP

THE POWER OF TECH-SAVVY BOARDS:

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Designing and Building a Cybersecurity Program

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations

Securing Your Digital Transformation

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

FOR FINANCIAL SERVICES ORGANIZATIONS

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

align security instill confidence

Cybersecurity Risk Oversight: the NIST Framework and EU approaches

National Policy and Guiding Principles

CISO as Change Agent: Getting to Yes

CYBER SECURITY AIR TRANSPORT IT SUMMIT

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

Cybersecurity Today Avoid Becoming a News Headline

MITIGATE CYBER ATTACK RISK

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

Tackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

CYBER SOLUTIONS & THREAT INTELLIGENCE

Cyber Risks in the Boardroom Conference

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

Achieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs)

Protecting your data. EY s approach to data privacy and information security

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

How to Develop Key Performance Indicators for Security

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

SANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

European Union Agency for Network and Information Security

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

CONTEMPORARY CYBER ATTACK TRENDS AND CHALLENGES DR SHASHWAT RAIZADA

Security in India: Enabling a New Connected Era

Are we breached? Deloitte's Cyber Threat Hunting

Innovation policy for Industry 4.0

May the (IBM) X-Force Be With You

External Supplier Control Obligations. Cyber Security

Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave

K12 Cybersecurity Roadmap

Control Systems Cyber Security Awareness

Medical Device Cybersecurity: FDA Perspective

Ensuring System Protection throughout the Operational Lifecycle

What It Takes to be a CISO in 2017

DHS Cybersecurity: Services for State and Local Officials. February 2017

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

CYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS

Education Network Security

Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency

Gujarat Forensic Sciences University

Security by Default: Enabling Transformation Through Cyber Resilience

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

A company built on security

SECURITY SERVICES SECURITY

Sneak Peak at CIS Critical Security Controls V 7 Release Date: March Presented by Kelli Tarala Principal Consultant Enclave Security

New Guidance on Privacy Controls for the Federal Government

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

The public sector s cybersecurity imperative

NEN The Education Network

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Security and Privacy Governance Program Guidelines

SIEM: Five Requirements that Solve the Bigger Business Issues

Staffing Services UnderDefense your source of experienced professionals to solve security staffing challenges today

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege

Continuous protection to reduce risk and maintain production availability

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

A New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

Cybersecurity in Government

How to Underpin Security Transformation With Complete Visibility of Your Attack Surface

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

U.S. Customs and Border Protection Cybersecurity Strategy

INFORMATION ASSURANCE DIRECTORATE

HOSTED SECURITY SERVICES

STUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences

Turning Risk into Advantage

LBI Public Information. Please consider the impact to the environment before printing this.

Cyber Protections: First Step, Risk Assessment

OUTCOME DOCUMENT OF THE INTERNATIONAL CONFERENCE ON CYBERLAW, CYBERCRIME & CYBERSECURITY

ForeScout Extended Module for Splunk

Incident Response Services

Why you should adopt the NIST Cybersecurity Framework

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

Privileged Account Security: A Balanced Approach to Securing Unix Environments

AT&T Endpoint Security

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

FAA Cybersecurity Test Facility (CyTF) By: Enterprise Information Security Team ANG-B31 Patrick Hyle, William J Hughes Technical Center

Digital Wind Cyber Security from GE Renewable Energy

Cyber Security Incident Response Fighting Fire with Fire

Transcription:

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1

Chinese military strategist Sun Tzu: Benchmark If you know your enemies and know yourself, you will not be imperiled to hundred battles if you do not know your enemies, but know yourself, you will win one battle for every battle you lose if you don not know your enemies nor yourself, you will be imperiled in every single battle Cybersecurity Is Top of Mind for Government Leaders 2

A Call to Action Increased responsibilities by managers, executives and senior management to understand and invest in cybersecurity and defend,against attacks Attackers work 24/7 to find the undefended Cybersecurity team must develop and employ diagnostically relevant tools and methods Risks in a digital economy are multi-faced and fast changing It s not a question if we will be attacked it s a question when we will be attacked According to Kaspersky lab there are 300,000 new malicious files daily Cybersecurity culture starts at the top 3

Cybersecurity Strategy Understand what you can and can not accomplish (know yourself) understand the threat landscape and analyze objectively where we stand among competitors (know your enemy) Understand statutory frameworks 4

Homeland Security Analysis 1. Cyberspace is particularly difficult to secure due to a number of factors: the ability of malicious actors to operate from anywhere in the world, the linkages between cyberspace and physical systems, and the difficulty of reducing vulnerabilities and consequences in complex cyber networks. 2. Of growing concern is the cyber threat to critical infrastructure, which is increasingly subject to sophisticated cyber intrusions that pose new risks. 3. In light of the risk and potential consequences of cyber events, strengthening the security and resilience of cyberspace has become an important homeland security mission. 5

1. Risk Identification: a) Assess Evolving Cyber risks 2. Vulnerability reduction a) Protect Federal Government Information systems b) Protect critical infrastructure 3. Threat reduction a) Prevent and disrupt criminal use of cyberspace 4. Consequence reduction a) Respond effectively to cyber incidents Homeland Security Analysis 5. Enable cybersecurity outcomes a) Strengthen the security and reliability of the cyber ecosystem b) Improve management of DHS Cybersecurity activities 6

Find it = Delete it or Protect it 7

Fifteen Most Critical Controls Security Information and Event Management (SIEM) 1. Inventory of authorized and unauthorized devices 2. Inventory of authorized and unauthorized software 3. Secure configurations for hardware and software on laptops, workstations and servers 4. Secure configurations for network devices, such as firewalls, routers and switches 5. Boundary defense 6. Maintenance, monitoring, and analysis of audit logs 7. Application software security 8. Controlled use of administrative privileges 8

Fifteen Most Critical Controls Security Information and Event Management (SIEM) 9. Controlled access on need to know base 10. Continuous vulnerability assessment and remediation 11. Account monitoring and control 12. Malware defenses 13. Limitation and controls of network ports, protocols and services 14. Wireless device controls 15. Data loss prevention 9

Key Questions Engagement in Cybersecurity Do we include cybersecurity as a core organizational risk requiring appropriate updates in our meetings? Do we have someone in the team or advising who is the focal point for this topic? Are we satisfied that the our strategies for reducing the risk of security incidents to an acceptable level are proportionate and targeted? Do key executives receive key metrics or reporting that present the current state of the security program in an objective manner? Is there a policy on securing executive packets and other sensitive material communicated to executives? If not, is there potential exposure from sharing confidential information through personal and professional email accounts and free file-sharing services that are not covered by the organizations cybersecurity infrastructure? 10

Key Questions for Executives Identifying the most important Outcomes With respect to those outcomes occurring: Do we know whether and how they are being managed? Does our security strategy differentiate them from general cybersecurity? Do we assess our threat landscape and tolerance for these matters periodically? Are we proactive in identifying and responding to new cyber threats? 11

Key Questions for Executives Do we have an Incident Response Plan Have key stakeholders supported the development of the plan appropriate to the organizations' scale, culture, applicable regulatory obligations and business objectives? Have we thought about the impact specific cyber events can have and whether management s response plan is oriented properly and supported sufficiently? Is the plan complemented by procedures providing instructions regarding actions to take in response to specific types of incidents? Do all the stakeholders for a planned response know their respective roles and responsibilities? Is it clear for which events the board should play a key role in overseeing the response efforts? Are effective incident response processes in place to reduce the occurrence, proliferation and impact of a security breach? Are we proactively and periodically evaluating and testing the plan to determine its effectiveness? For example, does management have regular simulations to determine whether the detective capabilities in place will identify the latest attack techniques? In the event of past significant breaches, have we made the required public disclosures and communicated the appropriate notifications to regulators and law enforcement in accordance with applicable laws and regulations? 12

Summary 6 Ways To Make Smart Cities Future-Proof Cybersecurity Cities 1. Prepare for the worst develop a protection strategy and emergency plans, and get outside experts to help; 2. Practice training and testing and more training and testing and simulations; 3. Automate implement a continuous adaptive protection, automate the process of detection and response, apply algorithms liberally, including AI and machine learning--based solutions; 4. Upgrade keep up with attackers new methods and tools, improve the state of hardware and software including leveraging the cloud and big data analytics and invest in elevating the skill level of the people responsible for cybersecurity defense; 5. Share raise public awareness, disclose your experiences, and exchange information with other local governments; 6. Separate and disinfect insert a virtual layer between the internal network and the internet, allowing only for sending commands and showing display windows, and make downloadable files harmless by deleting areas where programs may exist or transform them into safe data, regardless if they are malicious or not 13

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback