Information Technology Enhancing Productivity and Securing Against Cyber Attacks

Similar documents
Data Communication. Chapter # 5: Networking Threats. By: William Stalling

CTS2134 Introduction to Networking. Module 08: Network Security

CompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Chapter 4. Network Security. Part I

Threat Control and Containment in Intelligent Networks. Philippe Roggeband - Product Manager, Security, Emerging Markets

The Common Controls Framework BY ADOBE

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

Ethical Hacking and Prevention

Personal Cybersecurity

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

CompTIA E2C Security+ (2008 Edition) Exam Exam.

1) Are employees required to sign an Acceptable Use Policy (AUP)?

Guide to Network Security First Edition. Chapter One Introduction to Information Security

2017 Annual Meeting of Members and Board of Directors Meeting

CompTIA Security+(2008 Edition) Exam

Modern IP Communication bears risks

A (sample) computerized system for publishing the daily currency exchange rates

5. Execute the attack and obtain unauthorized access to the system.

Methods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment

Accounting Information Systems

MIS5206-Section Protecting Information Assets-Exam 1

COMPUTER NETWORK SECURITY

Security Policy (EN) v1.3

e-commerce Study Guide Test 2. Security Chapter 10

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS

DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY

Ethical Hacking and Countermeasures: Web Applications, Second Edition. Chapter 3 Web Application Vulnerabilities

Objectives of the Security Policy Project for the University of Cyprus

CoreMax Consulting s Cyber Security Roadmap

Information System Security. Nguyen Ho Minh Duc, M.Sc

What are PCI DSS? PCI DSS = Payment Card Industry Data Security Standards

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

CHAPTER 8 SECURING INFORMATION SYSTEMS

Information Technology General Control Review

Acceptable Use Policy

Securing Information Systems

The emerging battle between Cyber Defense and Cybercrime: How Technology is changing to keep Company and HR data safe

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

Security analysis and assessment of threats in European signalling systems?

A Review Paper on Network Security Attacks and Defences

Cyber Criminal Methods & Prevention Techniques. By

Acceptable Use Policy

FRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

Easy-to-Use PCI Kit to Enable PCI Compliance Audits

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

Cyberspace : Privacy and Security Issues

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

Illinois Cyber Navigator Program

CISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

OA Cyber Security Plan FY 2018 (Abridged)

Acceptable Use Policy

CyberP3i Course Module Series

Wayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Tackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud

Getting over Ransomware - Plan your Strategy for more Advanced Threats

TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS

QuickBooks Online Security White Paper July 2017

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

Computer Network Vulnerabilities

ACS / Computer Security And Privacy. Fall 2018 Mid-Term Review

Cyber security tips and self-assessment for business

Management Frameworks

ANATOMY OF AN ATTACK!

SECURING YOUR HOME NETWORK

Security Audit What Why

Managing IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services

Are You Avoiding These Top 10 File Transfer Risks?

COPYRIGHTED MATERIAL. Contents. Part I: The Basics in Depth 1. Chapter 1: Windows Attacks 3. Chapter 2: Conventional and Unconventional Defenses 51

Who Goes There? Access Control in Water/Wastewater Siemens AG All Rights Reserved. siemens.com/ruggedcom

Verizon Software Defined Perimeter (SDP).

Service Provider View of Cyber Security. July 2017

Chapter 10: Security and Ethical Challenges of E-Business

Acceptable Use Policy

10 FOCUS AREAS FOR BREACH PREVENTION

How Breaches Really Happen

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

K12 Cybersecurity Roadmap

Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Jacksonville State University Acceptable Use Policy 1. Overview 2. Purpose 3. Scope

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV

Exam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo

Security by Default: Enabling Transformation Through Cyber Resilience

External Supplier Control Obligations. Cyber Security

NEN The Education Network

Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm

Web Cash Fraud Prevention Best Practices

Cybersecurity for Health Care Providers

Kaspersky Security Network

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank

Exposing The Misuse of The Foundation of Online Security

Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks

Transcription:

Information Technology Enhancing Productivity and Securing Against Cyber Attacks

AGENDA Brief Overview of PortMiami Enhancing Productivity Using Technology Technology Being Using at the Port Cyber Attacks Securing Systems Questions

PortMiami is Miami-Dade County s second most important economic engine, contributing $41.4 billion annually to the local economy and supporting more than 324,352 jobs in South Florida. Recognized as the Global Gateway. Miami s unique geographic position makes the Port easily accessible to Caribbean and Latin American markets, as well as those of Asia and Europe by way of the Panama Canel.

Enhancing Productivity Using Technology

Business Productivity Using technology to maximize your business productivity creates the platform to realize true business success. Increased business productivity can be traced to the automation of processes allowing for: faster communication of strategy increased time spent on strategic priority greater project completion rates.

Improving Efficiency Technology can help you improve the way your staff carry out tasks. This can either speed up existing processes or allow new, more flexible ways of carrying out the job. In order to work out the best technology for your needs, you should assess your current systems against your requirements.

Improving Efficiency Think about how you can: Capture relevant information in the most simple,timeefficient way. Manage your documents to ensure that information is dealat with ina logical workflow. Avoid duplication. Address technological obstacles. The best solution for your business will depend greatly on your industry. Research what your competitors or other companies in your industry are using and consider consumer technologies that are widely available.

Cyber Attacks

What are Cyber Attacks? Deliberate exploitation of computer systems, technology-dependent enterprises and networks. Cyberattacks use malicious code to alter computer code, logic or data, resulting in disruptive consequences that can compromise data and lead to cybercrimes, such as information and identity theft.

Web Threats Any threat that uses the Internet to perform some sort of malicious activity.

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks In a DoS attack, a single attacker directs an attack against a single target, sending packets directly to the target. In a Distributed DoS (DDoS) attack, multiple PCs attack a victim simultaneously. A series of computers scan target computers to find weaknesses and then compromise the most vulnerable systems. In a DDoS attack: The attacker identifies one of the computers as the master (also known as zombie master or bot herder). The master uses zombies/bots (compromised machines) to attack. The master directs the zombies to attack the same target. The attacker is able to effectively hide his identity by being two hops away from the victim. A Distributed Reflective Denial of Service (DRDoS) uses an amplification network to increase the severity of the attack. Packets are sent to the amplification network addressed as coming from the target. The amplification network responds back to the target system.

Spoofing Used to hide the true source of packets or redirect traffic to another location Use modified source and/or destination addresses in packets. Can include site spoofing that tricks users into revealing information. IP spoofing changes the IP address information within a packet MAC spoofing is when an attacking device spoofs the MAC address of a valid host currently in the MAC address table of the switch ARP spoofing (also known as ARP poisoning) uses spoofed ARP messages to associate a different MAC address with an IP address

Wireless Networks A rogue access point is any unauthorized access point added to a network. Rogue access points can allow the unauthorized capture of credentials and other sensitive information as well as conduct phishing and man-in-the-middle attacks With wardriving, an attacker scans an area looking for available wireless networks. Packet sniffing (also known as eavesdropping, snorting, or snarfing) is the interception and possible decoding of wireless transmissions Interference is a signal that corrupts or destroys the wireless signal sent by access points and other wireless devices Although NFC transmission distances are very short, it is still susceptible to several types of malicious attacks,

Passwords Using tools to check for unencrypted or weakly encrypted passwords sent through the network. Guessing passwords by trying: Default passwords for new systems, Blank passwords, Use password as the password, Rows of letters on the keyboard (e.g., qwerty), User's name or login name, Name of significant other, Birthdate, Using social engineering to get a user to reveal the password. For example, the attacker can pretend to be an administrator that needs the user's password. Using brute force attacks. Using tools to crack passwords: Programs, such as SnadBoy's Revelation, which reveal a hidden password in clear text. Keylogging software which can capture a user's screens, clipboard data and visited Web sites in addition to logging keystrokes.

Sophistication of Attacks Difficult to distinguish an attack from legitimate traffic. Behavior, making the same attack appear differently each time Proliferation of attack Software Variety of attack tools available Scale & velocity of attacks Attacks grow to millions of computers in a matter of minutes or days

Securing Against Cyberattack

NIST National Institute of Standards & Technology Created through collaboration between industry and government, the Cybersecurity Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk.

Protection Against Web Threats Web site/url content filtering Web threat filtering Gateway E-mail Spam blockers Virus blockers Anti-phishing software

Prevent Malware Attacks Use the latest version and patch level for the Web browser. Install the latest patches for the operating system. Install antivirus, anti-spyware, anti-rootkit, and personal firewall software. Keep definition files up-to-date. Use a pop-up blocker to prevent adware. Use software to control cookies on the system. Do regular scheduled scans to look for malware. Choose anti-malware software from a reputable company. Don't be fooled by scareware into purchasing a product that may not work.

Security Zones An intranet is a private network (LAN) that employs Internet information services for internal use only The Internet is a public network that includes all publicly available Web servers, FTP servers, and other services. An extranet is a privately-controlled network, distinct from, but located between the Internet and a private LAN A demilitarized zone (DMZ) is a network that contains publicly accessible resources.

Demilitarized Zone (DMZ) Be aware of the following DMZ facts: If the firewall managing traffic into the DMZ fails, only the servers in the DMZ are subject to compromise. The LAN is protected by default. Packet filters on the firewall allow traffic directed to the public resources inside the DMZ. Packet filters also prevent unauthorized traffic from reaching the private network. When designing the firewall packet filters, a common practice is to close all ports, opening only those ports necessary for accessing the public resources inside the DMZ. Typically, firewalls allow traffic originating in the secured internal network into the DMZ and through to the Internet. Traffic that originates in the DMZ (low security area) or the Internet (no security area) should not be allowed access to the intranet (high security area).

Firewalls A device or software running on a device that inspects network traffic and allows or blocks traffic based on a set of rules A network-based firewall inspects traffic as it flows between networks. For example, you can install a network-based firewall on the edge of your private network that connects to the Internet to protect against attacks from Internet hosts. Network-based firewalls are typically dedicated hardware devices. A host-based firewall inspects traffic received by a host. Use a host-based firewall to protect against attacks when there is no network-based firewall, such as when you connect to the Internet from a public location.

Additional Network Security Solutions A proxy server is a type of firewall that stands as an intermediary between clients requesting resources from other servers An Internet content filter is software used to monitor and restrict content delivered across the Web to an end user Network Access Control (NAC) controls access to the network by not allowing computers to access network resources unless they meet certain predefined security requirements All-in-one security appliances combine many security functions into a single device An application-aware device has the ability to analyze and manage network traffic based on the application-layer protocol that created it

Penetration Testing The attempt by an organization to circumvent security controls to identify vulnerabilities in their information systems Verifying that a threat exists Bypassing security controls Actively testing security controls Exploiting vulnerabilities

Security Management The overall security vision for an organization and the ongoing implementation and maintenance of security. Its goal is the preservation of the confidentiality, integrity, and availability of all critical and valuable assets Assess the risk Create a policy Implement the policy Train the organization on the policy Audit the plan to make sure it is working

A Security Policy Defines the overall security outlook for an organization. To be effective, the security policy must be Planned. Good security is the result of good planning. Maintained. A good security plan must be constantly evaluated and modified as needs change. Used. The most common failure of a security policy is the lack of user awareness. The most effective way of improving security is through user awareness.

Risk Management The process of identifying vulnerabilities and threats and deciding what countermeasures to take to reduce risks to an acceptable level The main objective is to reduce the risk for an organization to a level that is deemed acceptable by senior management

Manageable Network Plan Process created by the National Security Agency (NSA) to assist in making a network manageable, more defensible, and more secure The plan identifies a series of milestones for creating a manageable network plan, offers suggestions, gives crucial security tips, and provides references

Employee Management Implementation of processes to ensure that employees play a major role in protecting company assets Three important principles that should be part of every employee management decision are: The principle of least privilege specifies that an employee is granted the minimum privileges required to perform duties of the position. The principle of separation of duties specifies that for any task in which vulnerabilities exist, steps within the tasks are assigned to different positions with different management. The principle of two-man control specifies that certain tasks should be dualcustody in nature to prevent a security breach.

Employment Agreements Documents that explicitly identify the terms and conditions of employment Non-disclosure agreement (NDA) Non-compete agreement Ownership of materials agreement Data handling and classification policy Clean desk policy Acceptable use agreement Password security policy Employee monitoring agreement Exit interview cooperation agreement

Questions & Open Discussion

Michelle R. Thames

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback