Cybersecurity 5 road_blocks


NIST Cybersecurity Framework is a good starting point for many enterprises to harden their security posture against advanced threats. In this webinar, we will share the major take-aways from the framework. More importantly, we will explain the 5 critical factors in implementing cybersecurity defense, and how to handle them with best practice.

Published in: Technology

  1. Getting Down To Business: Implementing Effective & Sustainable Cybersecurity Postures
  2. Your speakers today
     o @FengminGong, Co-Founder & Chief Strategy Officer
     o Shel Sharma, Product Marketing Director
  3. Agenda
     o Obama Executive Order
     o Cybersecurity Framework 1.0
     o Time To GSD
     o Overcome 5 Top Road Blocks
     o Q&A
     Cyphort Labs T-shirt
  4. We monitor threats & help customers
     o 24X7 monitoring for malware events
     o Assist customers with their forensics and Incident Response
     We enhance malware detection accuracy
     o False positives/negatives
     o Deep-dive research & technology prototyping
     We work with security ecosystem
     o Best practice for cyber defense
     o Actionable threat intelligence
  5. o Obama’s Executive Order 13636, February 12, 2013
     o Call to action “Improving Critical Infrastructure Cybersecurity”
     o Critical Infrastructure: “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
  6. You Can Be The Weakest Link To Cybersecurity!
     o With the connected world, everything is critical to threat penetration, from retail stores, to government, to IoT devices!
        o RSA Secure Token breach via HR employee
        o Target breach via HVAC contractor access
        o OPM breach via contractors (USIS & KeyPoint)
        o Jeep Cherokee via (Sprint cellular + Harman Kardon Uconnect 8.4N/RA4 radio)
  7. NIST Cybersecurity Framework 1.0
     o NIST spearheaded joint government-private effort
     o Framework is meant to be followed voluntarily
     o Advocates the best approach to managing cybersecurity risks in the face of advanced threats and evolving IT & ICS infrastructure
  8. From Board Visibility 2 GSD!
     o Business risks
     o CEO/CISO accountability
     o “5 headcounts, take care of it for me!”
     o What are our crown jewels, where?
     o What’s the most urgent?
     o Who/where are our threat sources?
     o What tools are most effective for our needs?
     o “We need to implement a solution to manage the risks for today and ongoing, with grace!”
     o Process, tools, operations
  9. Clarity: Be Thoughtful, Be Logical
  10. Defensive Stake Holders And Roles

      | Risk Mgmt Cycle | Government | Businesses | Tool Vendors | Netizens |
      |---|---|---|---|---|
      | Identify objectives | Foster good behaviors | Priority & Objective | Business asset & IT integration | Privacy & Security awareness |
      | Protect assets | Encourage best practices | Proactive Posture | Kill chain & impact delineation | Practice security |
      | Detect incidents | Promote sound approaches | Visibility: attack surface & threat vector | Deployment flexibility & scale | Follow policy |
      | Respond to incidents | Compel business responsibility | Time to containment & resolution | Workflow automation, API | Follow policy |
      | Recover from breaches | Compel stronger consumer protection | Time to restoration | Context aware & forensics | Follow policy |
  11. Top 5 Potential Road Blocks
      1. Understand business specific risks
      2. Plan for complete threat mitigation cycle
      3. Anticipate dealing with consequences
      4. Ask for ready-to-take mitigation options
      5. Prepare for the worst-case recovery
  12. Understand Your Business Risks
      o Different threats, different priorities
         o OPM – personnel records
         o Health care – patient records
         o Financial – client records, transaction system
         o Design house – blueprint, schematics
         o Internet service provider – customer account info
      o Where others failed
         o Compliance as the ends instead of means
  13. Plan For Full Mitigation Cycle
      o Watch for attacks at all stages of kill chain
      o Monitor all access paths to your protected assets
      o Spectacular failures
         o RSA attack combined Flash 0-day + spear-phishing
         o Mr. Snowden went directly for exfiltration
         o OPM attack opted for USIS & KeyPoint as stepping stones
         o Ashley Madison hack likely with insider involvement
      Exploit → Download → Install → Exfiltrate
  14. Focus On Dealing With Consequences
      o “Consequence Focus” forces clarity on objectives
         o Stopping a BO exploit against the file server is neither sufficient nor necessary for stopping code theft on the server
         o Need multi-pronged: protect, detect, respond, and recover
         o Murphy’s law also holds for “prevention”
      o Others’ failure, your gain
         o “Deploy and forget” IPS defense does not work
      o Think what you can protect, detect, respond, and recover!
  15. Your Plan, Your Choice
      o What’s missing from your tools?
         o Timely, relevant and specific detection
         o Prioritized ready-to-take actions
         o Ecosystem friendly tools
      o Some example failures
         o Firewalls will block IP/port/Apps, if you tell them “what exactly”
         o IPS/SWG will block a communication/URL, if you tell them so
         o AV will quarantine or even clean up an endpoint, if it is able to spot most of the malware
  16. Prepare For The Worst
      o Don’t plan for “Armageddon” or “Singularity”
      o Plan for the worst you can handle
         o Privileged user gets infected by RAT malware
         o Unauthorized access to your source repository
         o Cryptolocker infection on file share server
      o Some well-known lessons
         o No worst-case consideration
         o No robust backup/restore practice for server or endpoints
         o No compartmentalization or isolation control
         o No least-privilege practice
  17. Any Questions?
  18. Thank You! Previous MMW slides on http://cyphort.com/labs/malwares-wanted/