Connect Securely in an Unsecure World. Jon Clay Director: Global Threat

Transcription:

Connect Securely in an Unsecure World Jon Clay Director: Global Threat Communications @jonlclay www.cloudsec.com

More devices More data More risks

Global Risks Landscape 2018 Source: http://www3.weforum.org/docs/wef_grr18_report.pdf

Threat Landscape in Review: In the second quarter of 2018, the Trend Micro Smart Protection Network security infrastructure blocked over 11 billion threats, a 1.6 billion increase from last quarter.

Number of email threats blocked: Email threats made up 84% of the overall threats blocked in Q2.

Malware detections 1H 18

Home Router Data

202 SCADA HMI vulnerabilities this midyear, versus 144 for the entire previous year.

Connect Securely www.cloudsec.com

Security Vendor Support Industry Consumers Business Government Healthcare Law Enforcement Responsible disclosure Alerts, blogs, news, reports, guidance Threat Intelligence Sharing Free tools Public/Private Partnerships Threat Research Cyber Threats Vulnerabilities & Exploits Targeted Attacks AI & Machine Learning IoT OT / IIoT Cybercriminal Undergrounds Future Threat Landscape Insights to improve technology and products

Data: The Foundation of AI / Machine Learning
- Malware and benign samples
- Behavior logs
- Statistics of File, IP, Domain (Histogram, Prevalence, Distribution, etc.)
- Honey pot emails
- Hosted Email Service
- Web URL
- Web page contents
- Exploit kits
- Device info & identification
- CVE database
- NetFlow logs
- Process behavior logs
Correlated Data + In-depth Knowledge

[Figure: Vulnerability Lifecycle. Labels: Pre-disclosure; Virtual Patch; Post-disclosure; Patch; Vulnerability Discovered; Vulnerability Privately Disclosed; Vulnerability Publicly Disclosed; Vulnerability Introduced; Patch Available; Patch Installed (x3)]

Best Practices: User Security
Passwords / Email Safety / Online Safety / Outside of the office
- Use a different password for EVERY account
- Use a password manager
  - Trend Micro Password Manager
  - LastPass
  - 1Password
- Use long and complex passwords
- No Post-it notes under your keyboard
- Don't tell anyone your password(s)

Best Practices: User Security
Passwords / Email Safety / Online Safety / Outside of the office
- Phishing awareness training
  - Trend Micro Phish Insight
  - Cofense
  - KnowBe4
- Use encryption

Best Practices: User Security
Passwords / Email Safety / Online Safety / Outside of the office
- Use Two Factor Authentication
- Trust but verify links
- Minimize use of cloud file-sharing
  - Dropbox
  - Box
  - Google Drive
- Don't overshare online

Best Practices: User Security
Passwords / Email Safety / Online Safety / Outside of the office
- Be cautious with public Wi-Fi
- Keep private work conversations private
- Restrict remote access
  - Close RDP ports
  - Enforce VPN use
  - Only necessary users

Best Practices: Device Security
Computers/Servers / Mobile Devices / Wi-fi Routers / Other Devices (Printers, Copiers, Switches, Routers)
- Centrally managed, business grade security software
- Isolate payment systems
- Restrict access to servers
- Use two-factor authentication
- Update software/firmware regularly

Best Practices: Device Security
Computers/Servers / Mobile Devices / Wi-fi Routers / Other Devices (Printers, Copiers, Switches, Routers)
- Enforce passwords/passcodes
- Install security software
- Use two-factor authentication
- Update software/firmware regularly

Best Practices: Device Security
Computers/Servers / Mobile Devices / Wi-fi Routers / Other Devices (Printers, Copiers, Switches, Routers)
- Change default username/password
- Disable remote management
- Restrict access to specific MAC addresses
- Use a separate SSID for Guests
- Enable encryption (WPA2)
- Use two-factor authentication
- Update software/firmware regularly

Best Practices: Device Security
Computers/Servers / Mobile Devices / Wi-fi Routers / Other Devices (Printers, Copiers, Switches, Routers)
- Change default username/password
- Disable remote management
- Restrict access to specific MAC addresses
- Use two-factor authentication
- Update software/firmware regularly

THANK YOU Jon Clay Director: Global Threat Communications @jonlclay www.cloudsec.com