DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

Similar documents
Cybersecurity The Evolving Landscape

Assessing Your Incident Response Capabilities Do You Have What it Takes?

Cybersecurity Threat Modeling ISACA Atlanta Chapter Geek Week Conference

Cybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security

Agenda. Security essentials. Year in review. College/university challenges. Recommendations. Agenda RSM US LLP. All Rights Reserved.

Cybersecurity Today Avoid Becoming a News Headline

Cybersecurity Auditing in an Unsecure World

Cyber Insurance: What is your bank doing to manage risk? presented by

Today s Security Threats: Emerging Issues Keeping CFOs Up at Night Understanding & Protecting Against Information Security Breaches

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City

2017 Annual Meeting of Members and Board of Directors Meeting

CYBER SECURITY WORKSHOP NOVEMBER 2, Anurag Sharma [CISA, CISSP, CRISC] Principal Cyber & Information Security Services

Personal Cybersecurity

Background FAST FACTS

Tackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud

2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager

INCIDENT RESPONDER'S FIELD GUIDE INCIDENT RESPONDER'S INCIDENT RESPONSE PLAN FIELD GUIDE LESSONS FROM A FORTUNE 100 INCIDENT RESPONSE LEADER

Effective Strategies for Managing Cybersecurity Risks

Cybersecurity Conference Presentation North Bay Business Journal. September 27, 2016

Business continuity management and cyber resiliency

Protecting your next investment: The importance of cybersecurity due diligence

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Choosing the Right Cybersecurity Assessment Tool Michelle Misko, TraceSecurity Product Specialist

What It Takes to be a CISO in 2017

Cybersecurity and Nonprofit

Security Breaches: How to Prepare and Respond

Understanding the Changing Cybersecurity Problem

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Cyber Security in M&A. Joshua Stone, CIA, CFE, CISA

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

112 th Annual Conference May 6-9, 2018 St. Louis, Missouri

HIPAA 2017 Compliancy Group, LLC

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

CCISO Blueprint v1. EC-Council

Balancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld

CISO as Change Agent: Getting to Yes

Ransomware A case study of the impact, recovery and remediation events

2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action

Cyber Liability Preventive Services & Tools Specific & Pre-Emptive Considerations BEFORE the Inevitable Cyber Event.

SECURITY & PRIVACY DOCUMENTATION

University of Pittsburgh Security Assessment Questionnaire (v1.7)

Getting over Ransomware - Plan your Strategy for more Advanced Threats

10 FOCUS AREAS FOR BREACH PREVENTION

Cybersecurity for Service Providers

You ve Been Hacked Now What? Incident Response Tabletop Exercise

Cybersecurity Protecting your crown jewels

Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International.

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

ANATOMY OF AN ATTACK!

Ransomware A case study of the impact, recovery and remediation events

The Cyber War on Small Business

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com

Addressing the elephant in the operating room: a look at medical device security programs

Site Data Protection (SDP) Program Update

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

Combating Cyber Risk in the Supply Chain

Must Have Items for Your Cybersecurity or IT Budget in 2018

The Common Controls Framework BY ADOBE

Incident Response Table Tops

Healthcare HIPAA and Cybersecurity Update

SOC 2 examinations and SOC for Cybersecurity examinations: Understanding the key distinctions

Cyber Security Updates and Trends Affecting the Real Estate Industry

TRUE SECURITY-AS-A-SERVICE

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

Sage Data Security Services Directory

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

June 2 nd, 2016 Security Awareness

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along

Managing Cybersecurity Risk

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

ACM Retreat - Today s Topics:

How do you track devices that have been approved for use? Are you automatically alerted if an unapproved device connects to the network?

Gujarat Forensic Sciences University

Take Risks in Life, Not with Your Security

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

InfoSec Risks from the Front Lines

Cybersecurity. Overview. Define Cyber Security Importance of Cyber Security 2017 Cyber Trends Top 10 Cyber Security Controls

2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT

Background FAST FACTS

HOSTED SECURITY SERVICES

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

Jeff Wilbur VP Marketing Iconix

Cyber Security. Our part of the journey

K12 Cybersecurity Roadmap

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

IoT & SCADA Cyber Security Services

MANAGING CYBER RISK: THE HUMAN ELEMENTS OF CYBERSECURITY

UPDATE: HEALTHCARE CYBERSECURITY & INCIDENT RESPONSE Lindsay M. Johnson, Esq. Partner, Freund, Freeze & Arnold, LPA

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

Achieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs)

CYBER RESILIENCE & INCIDENT RESPONSE

Exploring Emerging Cyber Attest Requirements

Cyber Security. The Question of the Day. Sylint Group, Inc. How did we come up with the company name Sylint and what does it mean?

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

PCI DSS Addressing Cyber-Security Threats. ETCAA June Gabriel Leperlier

to Enhance Your Cyber Security Needs

Transcription:

Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com Leader in Cybersecurity Advisory Services 12+ years cybersecurity experience Credentials: CISSP, CISA, PCI QSA Focus: Cybersecurity and privacy audits, PCI compliance audits, SOC 1 & 2 examinations, cyber forensics investigations DHG Birmingham CPE Seminar 1

agenda Cybersecurity Threat Environment Case Studies Takeaways Cybersecurity Threat Environment DHG Birmingham CPE Seminar 2

costs of a breach Forensic Investigation Regulatory or Industry Fines/Penalties Brand Damage What s on the Line? Vulnerability Remediation (Capital Cost) Fraudulent Transactions Civil Litigation trends in cybersecurity In over half of successful breaches, attackers can compromise an organization within minutes 60% of attacks target small and medium-sized organizations Average time to discover a breach: > 200 days Average cost of a data breach: $4 million 1 1 IBM 2016 Cost of Data Breach Study - United States DHG Birmingham CPE Seminar 3

top vulnerabilities The initial exploit is typically simple and easy to avoid. Poor user awareness Weak and default passwords Missing security patches and/or anti-malware Poorly configured devices Poor monitoring/alerting evolving modes of attack Compromising weak vendors Anti-forensic tools and techniques Extortion vs. Exfiltration IoT and botnets Social engineering Phishing Social media DHG Birmingham CPE Seminar 4

commoditization of malware Malware Markets Cost Effective Guaranteed Results commoditization of malware Malware-as-a-Service - All-inclusive packages Rent infrastructure! DHG Birmingham CPE Seminar 5

Case Studies case study 1 man in the middle attack Weak passwords and lack of encryption lead to capture of sensitive information over the wire Example of poor configuration DHG Birmingham CPE Seminar 6

case study 2 social engineering Sophisticated email phishing attack deceives authorized finance manager into wiring over $50,000 Example of lack of threat awareness by critical personnel Virtually impossible to recover lost funds case study 2 social engineering (data theft) Source: krebsonsecurity.com Phishing attempts to steal employee W-2s during tax filing season Sophisticated tactics make the attacks appear innocuous DHG Birmingham CPE Seminar 7

case study 3 - ransomware ransomware - continued #1 CYBER THREAT TO BUSINESSES IN 2017 Simple business model Extortion vs. exfiltration Easy to acquire and deploy Multiple variants difficult to trace and block Becoming more sophisticated DHG Birmingham CPE Seminar 8

ransomware - continued ransomware outbreak scenario Scenario: Internal user clicks phishing link; authorizes installation of CryptoLocker Ransom =.5 BTC ($817.48) $817.48 * 20 = $16,349.60 $817.48 * 100 = $81,748 DHG Birmingham CPE Seminar 9

malware how is it getting in? Phishing Emails: malware how is it getting in? Infected websites: DHG Birmingham CPE Seminar 10

malware how is it getting in? Social Media: Takeaways DHG Birmingham CPE Seminar 11

to-do s easy wins 1. Block Malware Keep Windows patches up-to-date Ensure consistent antimalware is installed on all systems/kept up-todate 2. Use Strong Passwords Change periodically Use eight characters with complexity Don t reuse passwords Use a password manager to-do s easy wins 4. Consistent System Configurations Remove administrative privileges White-list authorized applications 5. Encrypt sensitive data Especially laptops and removable media 6. Back Up Sensitive Data Know what your valuable data is and where it is Offline backups DHG Birmingham CPE Seminar 12

NIST Cybersecurity Framework NIST Cybersecurity Framework Identify - Organizational Understanding of Cyber Risk & Business Context - Identification: - Data types & location - Threats - Vulnerabilities - Strategic Focus & Prioritization DHG Birmingham CPE Seminar 13

NIST Cybersecurity Framework Protect - Develop & Implement Appropriate Safeguards - Limit & Contain Impact of Cyber Events - Physical, Technical, Administrative Security Controls NIST Cybersecurity Framework Detect - Monitoring & Event Logging Functions - Automated Systems Common - Requires Customization to Limit False Positives DHG Birmingham CPE Seminar 14

NIST Cybersecurity Framework Respond - Strong Response Capabilities Contain Impact - Clearly Defined Roles & Responsibilities - Establishes Appropriate Communications Channels NIST Cybersecurity Framework Recover - Plans and Activities to Restore Business Services - Determines an Organization s Resilience DHG Birmingham CPE Seminar 15

AICPA Cybersecurity Update aicpa soc suite of services Purpose Use of Report Report Detail SOC 1 SOC 2 SOC 3 SOC for CRMF Report on controls relevant to financial reporting Report on Controls related to Trusted Service Principles (TSP) Report on Controls related to compliance and operations Report on Controls related to enterprise cyber risk management Restricted Restricted General Users Restricted Testing Detail Included Testing Detail Included Guidance SSAE 18 AT 101, Trust Service Principles Testing Detail Not Included AT 101, Trust Service Principles Testing Detail Not Included SSAE 18, Description criteria DHG Birmingham CPE Seminar 16

SOC report for cybersecurity risk management What is it? New guidance for examination and reporting of an organization s cybersecurity risk management program Why is this needed? AICPA is responding to requests for an independent, industry agnostic assessments of how cybersecurity risk is handled by an organization Who is this for? Boards of directors Investors Key stakeholders SOC report for cybersecurity risk management Clarifications How does it differ from other SOC reports? Does it replace other frameworks? Integration of other compliance requirements? Structure Description Assertion Opinion Description Criteria 9 control categories addressing key risk areas DHG Birmingham CPE Seminar 17

DHG Cybersecurity Capabilities DHG cybersecurity services Cybersecurity Risk Assessments Payment Card Industry (PCI) Assessments SOC 1 and 2 Examinations Penetration Testing and Vulnerability Scanning Security Policy Development Assistance Social Engineering Assessments Digital Forensics & Incident Response DHG Birmingham CPE Seminar 18

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback