2. ISSA LOS ANGELES
Join Our Community
Issala.org
Twitter: @issala
LinkedIn: ISSA Los Angeles Chapter Networking
Facebook: Information Systems Security Association (ISSA) Los Angeles Chapter
Have drinks with us
3. ISSA LOS ANGELES
Come to our monthly meetings
• Next meeting is June 17 at Taix French Restaurant in Echo Park at 11:30am
We have dinner meetings: July 15 and Sept 16
Holiday Party with OWASP December 16th
Join our CISO Forum
Join us at sporting events
4. WHAT DID WE LEARN TODAY?
Breaches are Occurring Everywhere in Every Industry
Phishing Attacks are Multiplying and are Now the Preferred Method of Infiltration
How to Build Secure Application Development Environments
Breaches Are Not Discovered for 6-9 Months
• Often Discovered by External Source
Some Potential Attacks of the Future
5. RECENT BREACHES
Anthem: 78.8 million records
Target: 42 million people’s credit or debit information stolen; banks file class-action lawsuit against Target
Home Depot: estimated 56 million credit and debit card numbers
JPMorgan: 76 million households and 7 million small businesses
Carbanak: $1 billion stolen from more than 100 banks in 30 countries
AdultFriendFinder.com: 3.9 million users' personal details and sexual preferences
6. DATA BREACH COSTS
Average Cost of a Data Breach in the US is $6.5 million, the Highest in the World
One estimate of the cost to Home Depot is $10 billion by 2020
Cost in Health Care Organizations Could be as much as $363 Per Record
7. THE TIMES THEY ARE A CHANGIN’
Every Business is Now a Target
Every Medical Device Could be a Target
Every Car Could be a Target
Every Refrigerator Could be a Target
Every Drone Could be an Attacker
8. AWARENESS OF SECURITY SEEMS TO BE EVERYWHERE!
Boardrooms Now Have Security on their Agendas 80% of the Time
Breaches are a Weekly News Item on Mainstream Media
Cousins Call Us for Advice or to Ask What We Think of the Latest Attack
Congress is Talking About Security
9. WHAT THE $%#%^%&*?
Old Vulnerabilities Are Still Everywhere
• SQL Injection (in the OWASP Top 10 in 2007 and still there!)
• 44% of known breaches in 2014 came from vulnerabilities that were between two and four years old [1]
Patching is Still Problematic
Change Management is not Happening
Configuration Management is Not Happening
Our Mission Critical Information is Not Encrypted
[1] HP 2015 Cyber Risk Report
10. OUR WORKFORCE HAS GONE PHISHING!
Click That Link!
Open That Attachment!
Open That Email From the Unknown Sender
Respond to that “Too Good to be True” Email Scam!
Forward that Funny Attachment to Everyone!
We Love Port 80!!
11. WHAT’S A GOOD SECURITY LEADER TO DO?!
Go on Tour
Security Awareness Training for Everyone
• Address Your Company’s Vulnerability Trends
• Gamify Your Training
• Provide Incentives and Prizes
• Please, No Death by PowerPoint
Speak at Division Meetings
Speak at General Staff Meetings
12. MEET WITH KEY PLAYERS
Lunch with all Executives
Meet Regularly
• With CTO or Head of System Admins
• Division Heads
• Legal
• Risk Compliance
Learn to Talk “Businessese”
13. CREATE AND ENFORCE POLICIES, STANDARDS, AND PROCEDURES
Ensure Standard Image is Created
• Is Regularly Updated
• Is Regularly Tested
• Deployed Everywhere, Especially on Admin Systems
No one Should Be Regularly Logged in with Admin Privileges
Have a Plan and Procedures for Securing Portable Devices and BYOD
14. BAKE SECURITY INTO THE SDLC
Embrace and Befriend the Head of Application Development
Utilize Static/Dynamic Web App Vulnerability Scanners
Have All Staff in AppDev Take Secure Coding Training
All Project Proposals Must be Reviewed by InfoSec
Work with the PMO
15. SECURE YOUR PHYSICAL ENVIRONMENT
Does Your Facilities Head Purchase Physical Security Solutions Without InfoSec Involvement or Knowledge?
Are Your Physical Security Access Cards Waaay too Easy to Hack? Most Are!
Do You Know Who Has Access to Your Data Center? Are You Sure?
Can People Leave Your Buildings Carrying Anything They Want?
16. MONITOR SYSTEMS REGULARLY
Are You Able to Detect Anomalies on Your Networks?
Do You Know if You Have Been Compromised? Probably Not!
Would You be able to Detect Strange Outbound Traffic to, Let’s Say, China or North Korea?
Monitor Unusual Changes in User Behavior
Do You Know if 50 Users All Had Their Accounts Locked After Unsuccessful Login Attempts?
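As an added illustration of the lockout question above (not from the deck or its presenter), a small Python detector run over constructed sample log lines: it slides a time window across ACCOUNT_LOCKED events and reports the window with the most distinct locked accounts, which is the signal a password-spraying or brute-force wave leaves behind. The log format, the 10-minute window and the threshold of 5 are assumptions for the demo; the slide's figure of 50 is the kind of production value you would tune toward.

```python
from datetime import datetime, timedelta

# Constructed sample log (assumed format): "<ISO timestamp> <event> user=<name>".
# Six distinct accounts lock within ~3 minutes; alice locks twice (counted once);
# heidi locks in isolation more than an hour later.
SAMPLE_LOG = """\
2015-06-01T08:00:05 LOGIN_FAILED user=alice
2015-06-01T08:00:09 ACCOUNT_LOCKED user=alice
2015-06-01T08:00:12 ACCOUNT_LOCKED user=bob
2015-06-01T08:00:15 ACCOUNT_LOCKED user=carol
2015-06-01T08:00:20 ACCOUNT_LOCKED user=alice
2015-06-01T08:01:02 ACCOUNT_LOCKED user=dave
2015-06-01T08:01:30 LOGIN_OK user=erin
2015-06-01T08:02:44 ACCOUNT_LOCKED user=frank
2015-06-01T08:03:10 ACCOUNT_LOCKED user=grace
2015-06-01T09:45:00 ACCOUNT_LOCKED user=heidi
"""


def parse_events(text):
    """Turn log lines into (timestamp, event, user) tuples; blank lines are skipped."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, event, user_field = line.split(maxsplit=2)
        events.append((datetime.fromisoformat(ts), event, user_field.split("=", 1)[1]))
    return events


def detect_lockout_burst(events, window=timedelta(minutes=10)):
    """Slide `window` over ACCOUNT_LOCKED events sorted by time and return
    (distinct_user_count, window_start, users) for the densest window found."""
    lockouts = sorted((ts, user) for ts, ev, user in events if ev == "ACCOUNT_LOCKED")
    best = (0, None, set())
    start = 0
    for end, (ts_end, _) in enumerate(lockouts):
        while ts_end - lockouts[start][0] > window:   # drop events older than the window
            start += 1
        users = {u for _, u in lockouts[start:end + 1]}  # distinct accounts, repeats collapse
        if len(users) > best[0]:
            best = (len(users), lockouts[start][0], users)
    return best


def is_burst(events, window=timedelta(minutes=10), threshold=5):
    """Alert when any window holds at least `threshold` distinct locked accounts."""
    return detect_lockout_burst(events, window)[0] >= threshold


if __name__ == "__main__":
    count, start, users = detect_lockout_burst(parse_events(SAMPLE_LOG))
    print(f"{count} distinct accounts locked from {start}: {sorted(users)}")
```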
17. CREATE AND REVIEW REPORTS
Create Remediation Plans After Reviewing Network Vulnerability Scans
Compare Reports From Various Tools: Patch Management, Vulnerability Scanning, Anti-Malware
Follow-up on Remediation Efforts
Rescan and Review Reports
Look for Patterns in Incidents in Your HelpDesk Database
18. ENFORCE ACCESS MANAGEMENT STANDARDS
Work With HR to Establish Provisioning/Deprovisioning Procedures
Enforce Process to Approve and Grant Access to Systems
Enforce Deprovisioning Procedures
Periodically Audit Systems Access
Two Factors Required for all Admin Access to Mission Critical Systems
19. NETWORK AND COLLABORATE
Attend Networking Events
Make New Contacts
Share War Stories and Solutions
Join ISSA, OWASP, ISACA, CSA, HTCIA, etc.
Form New Groups
Look for Meetups
Leave Here Today With at Least 5 New Contacts; Follow-up with them
21. HELP PREPARE THE NEXT GENERATION OF SECURITY LEADERS
Hire Students
Train and Mentor Your Staff
Speak at Schools
Support Cyber Competitions
Help Schools With their Curriculum
Teach Security at Schools
22. MOST IMPORTANTLY!!
DRINK AND EAT WITH US…NOW!!!!
Food and Drink Next Door in the Vendor Expo
Last Chance to Meet with Vendors
Last Chance to Enter to Win Raffle Prizes
Book Signing
Raffle Drawing in 15 Minutes
23. THANK YOU!
To All Our Speakers
To All Our Volunteers
To My Fellow Board Members
To All of You For Joining Us
To All Our Vendor Partners
To Our Fellow Organizations
24. THANK YOU!
Stay Safe
Stay Hungry for Knowledge
Believe in Yourself
Live Long and Prosper!
See You All At Summit 8!