Cybersecurity in Government


Executive Development Course: Digital Government
Ng Lup Houh, Principal Cybersecurity Specialist, Cybersecurity Group
03 April 2018

Agenda
Cyber Threats & Vulnerabilities
Cyber Security & Risk Mitigation
Proactive & Holistic Cybersecurity: GovTech's Approach
Disrupting the Kill Chain: Internet Surfing Separation (ISS)
Conclusion

Copyright of GovTech. Not to be reproduced unless with explicit consent by GovTech.

Cyber Threats & Vulnerabilities


Anatomy of an Attack (Source: NEC)

Cyber Kill Chain (Source: Lockheed Martin)

Increased Attack Surface Weak Defences


Recent Trend: Hardware Vulnerabilities
[Figure labels: Applications, Operating System (OS), Kernel, Mainboard (Hardware), CPU, TPM, AMT, ME]

Addressing Vulnerabilities can be Costly

Vulnerability                      | Affected Component | Initial Exploit | OS Patch?        | Full remediation
Infineon TPM vulnerability to ROCA | TPM                | Local           | Yes - workaround | Manual
Intel ME / AMT                     | CPU Chipset        | Local           | No               | Manual
Meltdown & Spectre                 | Micro-processor    | Local & Remote  | Yes - workaround | Some Manual

Meltdown & Spectre Vulnerabilities

A basic security function of a microprocessor is to restrict access to memory areas, e.g. normal programs cannot read system memory. To enhance performance, modern microprocessors use system memory to:
- run instructions concurrently ("Out-of-order Execution")
- guess and perform the next set of instructions beforehand ("Speculative Execution")

Security checks are not done. This allows malicious programs to read sensitive data from restricted memory areas such as system memory (Meltdown) and through other programs (Spectre).

An attacker can compromise and access sensitive data such as user and password information. For Spectre, an attacker can remotely exploit the computer through the user's browser using a web-based attack to access sensitive data.

Rapid rise in exploit attempts

Continued Growth of Cyber attacks

Cyber attack is a natural consequence of being connected to the global cyberspace. We have an asymmetric problem at hand, where the defender requires significantly more resources compared to an attacker.

Examples of attacks increasing in scale and sophistication: DDoS Attacks, Phishing Attacks, Ransomware.

[Figure: Scale / Sophistication (Low to High) over time (Past, Present day, Future) for Threat Actors and Cyber Defenders; annotation: "Threats begin to overwhelm you"]

Cyber Security & Risk Mitigation

High level of Maturity Track technology change & continual improvement

Adaptive Security, Continuous Assessment
Continuous Adaptive Risk & Trust Assessment (CARTA), Gartner 2017

Mapping Tech to Assets & Capabilities

Proactive & Holistic Cybersecurity: GovTech's Approach

3 main functions

As a sector lead for the Government, GovTech has 3 main functions:
1. Governance - to develop ICT security policies, standards and implement oversight initiatives to assess ICT security-related implementations across government agencies
2. Consulting - to provide technical subject matter expert support for key ICT projects and to key decision-making fora such as egov Council and Committee of Permanent Secretaries
3. Cyber Security Operations - to perform operational cyber security functions that include cyber intelligence, network monitoring, intrusion detection, threat hunting, incident response and security analytics

Cyber Security Framework
[Figure: 5 phases (Prepare, Prevent, Detect, Respond, Learn) with 5 enablers cutting across; label shown: Technology]

Stakeholders

IT Professionals: Need to ensure that security concerns are addressed. To ensure that applications are secure by design.

Security Specialists: To promote a security by design mindset in app development. To test and ensure that applications are well secured and compliant with security policies.

End Users: Need to be adequately trained and made aware of the threats in cyberspace. To report on potential security breaches or suspicious events.

Security by Design

1. Requirements Gathering: Risk based security policies. Mandatory security requirements.
2. Design: To adopt industry best practices and established standards for security controls, e.g. NIST 800, ISO 27002, CIS Critical Controls. Separation of Staging and Production environments. Automated Security Testing within Continuous Integration.
3. Construction: Static Application Security Testing. Implement secure coding practices.
4. Deployment
5. Testing: Penetration Test. Security Acceptance Test. Vulnerability Assessment.

Coping with the trend
[Figure: Quantity over Time, marking the tipping point where the cyber attacks start to overwhelm you. Labels: Re-Architect, Reduce Exposure, Technology, Train, Retain]

User Awareness
JAGA - Our cybersecurity ambassador
[Figure labels: Email Signature, A3 Size Posters]

The Balance
Optimising the cost-benefit tradeoff while ensuring ease of use.
[Figure labels: Security, Cost, Usability]

Disrupting the Kill Chain: Internet Surfing Separation (ISS)

Top 3 attack vectors: Internet Surfing, Unsecured Deployment, Internet Emails
[Figure labels: ISS, Audit, Email Filtering, Penetration Test, End point security]

Overview of ISS
[Figure labels: Email & Intranet; Internet Surfing; Other Internet Services; Agency notebook containing classified documents; Internet enabled notebook containing non-classified documents]

Disrupting the Kill Chain
ISS was the single most effective measure: separating Internet surfing (the main exfiltration channel) from the Government ICT infrastructure.

Change Management

Management-led approach: Lead by example. Champion the change. Active engagement and support. Reinforce that cyber threats are real.

Communications: Address user needs and concerns. Communicate device allocation policies. Re-assure users on the availability of alternative solutions.

Early Planning and Pilot Testing: Phased approach. Getting ready early the infrastructure, applications and devices (size correctly). Pilot testing to minimise disruption.

Supported by:

IT Professionals & Project Managers: Engage agency key stakeholders. Oversee and track implementation progress. Facilitate agencies with implementation.

Corporate Communications: Dispel any miscommunication or myths. Communicate new policies and behavioral expectations. Communicate the availability of allocated solutions.

Security Specialists: Advise on current threat landscape. Ensure that security solutions are designed and implemented correctly.

End User Experience

End users MUST be clear on what is classified information and what is not.
Internet enabled devices MUST be clearly labelled.
End users MUST be well trained on cyber hygiene practices.

Conclusion

Holistic Security

1. Today's threats are growing in scale and sophistication.
2. We need to think about security holistically, e.g. across 5 phases.
3. This includes the cooperation of IT Professionals, Security Specialists and End Users to address them.

[Figure labels: Prepare, Prevent, Detect, Respond, Learn, Technology]

Cybersecurity is an Enabler

Thank you