By using Cyber Threat Intelligence, organizations can understand what specific threats they face and use these insights to drive the most effective defense.
Cyber Threat Intelligence: Knowing What Specific Threats Your Business Should Address
1. Speaker Firms and Organization:
VT iDirect, Inc.
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
Thank you for logging into today’s event. Please note we are in standby mode. All Microphones will be muted until the event
starts. We will be back with speaker instructions @ 9:55am. Any Questions? Please email: info@theknowledegroup.org
Group Registration Policy
Please note ALL participants must be registered or they will not be able to access the event.
If you have more than one person from your company attending, you must fill out the group registration form.
We reserve the right to disconnect any unauthorized users from this event and to deny violators admission to future events.
To obtain a group registration please send a note to info@theknowledgegroup.org or call 646.202.9344.
Presented By:
March 15, 2016
1
Partner Firms:
Federal Trade Commission
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
SurfWatch Labs
Tim Layton
Chief Intelligence Officer
Federal Trade Commission
2. March 15, 2016
2
Please note the FAQ.HELP TAB located to the right of the main presentation. On this page you will find answers to the top questions asked by
attendees during webcast such as how to fix audio issues, where to download the slides and what to do if you miss a secret word. To access this
tab, click the FAQ.HELP Tab to the right of the main presentation when you’re done click the tab of the main presentation to get back.
For those viewing the webcast on a mobile device, please note:
o These instructions are for Apple and Android devices only. If you are using a Windows tablet, please follow the instructions for viewing
the webcast on a PC.
o The FAQ.HELP TAB will not be visible on mobile devices.
o You will receive the frequently asked questions & other pertinent info through the apps chat window function on your device.
o On Apple devices you must tap the screen anywhere to see the task bar which will show up as a blue bar across the top of the screen.
Click the chat icon then click the chat with all to access the FAQ’s.
o Feel free to submit questions by using the “questions” function built-in to the app on your device.
o You may use your device’s “pinch to zoom function” to enlarge the slide images on your screen.
o Headphones are highly recommended. In the event of audio difficulties, a dial-in number is available and will be provided via the app’s
chat function on your device.
3. March 15, 2016
3
Follow us on Twitter, that’s @Know_Group to receive updates for this event as well as other news and pertinent info.
If you experience any technical difficulties during today’s WebEx session, please contact our Technical Support @ 866-779-3239. We will post the
dial information in the chat window to the right shortly and it’s available in the FAQ.Help Tab on the right.
You may ask a question at anytime throughout the presentation today via the chat window on the lower right hand side of your screen. Questions
will be aggregated and addressed during the Q&A segment.
Please note, this call is being recorded for playback purposes.
If anyone was unable to log in to the online webcast and needs to download a copy of the PowerPoint presentation for today’s event, please send
an email to: info@theknowledgegroup.org. If you’re already logged in to the online Webcast, we will post a link to download the files shortly and it’s
available in the FAQ.Help Tab
4. March 15, 2016
4
If you are listening on a laptop, you may need to use headphones as some laptops speakers are not sufficiently amplified enough to hear the
presentations. If you do not have headphones and cannot hear the webcast send an email to info@theknowledgegroup.org and we will send you
the dial in phone number.
About an hour or so after the event, you'll be sent a survey via email asking you for your feedback on your experience with this event today - it's
designed to take less than two minutes to complete, and it helps us to understand how to wisely invest your time in future events. Your feedback is
greatly appreciated. If you are applying for continuing education credit, completions of the surveys are mandatory as per your state boards and
bars. 6 secret words (3 for each credit hour) will be given throughout the presentation. We will ask you to fill these words into the survey as proof
of your attendance. Please stay tuned for the secret word. If you miss a secret word please refer to the FAQ.Help tab to the right.
Speakers, I will be giving out the secret words at randomly selected times. I may have to break into your presentation briefly to read the secret
word. Pardon the interruption.
5. March 15, 2016
5
Welcome to the Knowledge Group Unlimited Subscription Programs. We have Two Options Available for You:
FREE UNLIMITED: This program is free of charge with no further costs or obligations. It includes:
Unlimited access to over 15,000 pages of course material from all Knowledge Group Webcasts.
Subscribers to this program can download any slides, white papers, or supplemental material covered during all live webcasts.
50% discount for purchase of all Live webcasts and downloaded recordings.
PAID UNLIMITED: Our most comprehensive and cost-effective plan, for a one-time fee:
Access to all LIVE Webcasts (Normally $199 to $349 for each event without a subscription). Including: Bring-a-Friend – Invite a
client or associate outside your firm to attend for FREE. Sign up for as many webcasts as you wish.
Access to all of Recorded/Archived Events & Course Material includes 1,500+ hours of audio material (Normally $299 for each
event without a subscription).
Free Certificate of Attendance Processing (Normally $49 Per Course without a subscription).
Access to over 15,000 pages of course material from Knowledge Group Webcasts.
Ability to invite a guest of your choice to attend any live webcast Free of charge (Exclusive benefit only available for PAID
UNLIMITED subscribers).
6 Month Subscription is $499 with No Additional Fees Other options are available.
Special Offer: Sign up today and add 2 of your colleagues to your plan for free Check the “Triple Play” box on the sign-up
sheet contained in the link below.
https://gkc.memberclicks.net/index.php?option=com_mc&view=mc&mcid=form_157964
6. March 15, 2016
6
Knowledge Group UNLIMITED PAID Subscription Programs Pricing:
Individual Subscription Fees: (2 Options)
Semi-Annual: $499 one-time fee for a 6 month subscription with unlimited access to all webcasts, recordings, and materials.
Annual: $799 one-time fee for a 12 month unlimited subscription with unlimited access to all webcasts, recordings, and materials.
Group plans are available. See the registration form for details.
Best ways to sign up:
1. Fill out the sign up form attached to the post conference survey email.
2. Sign up online by clicking the link contained in the post conference survey email.
3. Click the link below or the one we just posted in the chat window to the right.
https://gkc.memberclicks.net/index.php?option=com_mc&view=mc&mcid=form_157964
Questions: Send an email to: info@theknowledgegroup.org with “Unlimited” in the subject.
7. Partner Firms:
March 15, 2016
7
SurfWatch Labs helps organizations and service providers quickly establish
a strategic cyber threat intelligence operation that drives more effective use
of their tactical defenses.
Founded in 2013 by former US Government intelligence analysts, SurfWatch
Labs solutions provide a 360-degree view of cyber threats in the context of
your business, along with practical and personalized support to create
immediate insights and meaningful action. Combining useful analytics,
applications and human expertise, SurfWatch solutions can be your off-the-
shelf, cyber threat intelligence team or delivered as a comprehensive
product suite that easily integrates with your existing cybersecurity
operations.
Federal Trade Commission
The Federal Trade Commission is an independent law enforcement agency
working to prevent fraudulent, deceptive and unfair practices in the
marketplace. In addition to law enforcement, the agency fulfills its mission
through policy work and advocacy statements to other law enforcement
bodies. The policy work includes public workshops, Congressional
testimony, consumer education, and business guidance. Privacy and data
security are consumer protection priorities. The FTC has an almost 20-year
law enforcement history of bringing cases alleging deceptive and unfair
practices related to data security.
8. Partner Firm:
March 15, 2016
8
VT iDirect is a global leader in IP-based satellite communications, providing technology that enables our service provider and
satellite operator partners to optimize their networks, differentiate their services and profitably expand their business. For
more than 20 years, the VT iDirect organization has applied remarkable ingenuity to meet both the economic and technology
challenges across the satellite industry. And today, our partners utilize iDirect technology to extend private networks to
remote offices; provide mobile connectivity across land, sea and air; deliver high-speed broadband access in emerging
nations; expand cellular networks to remote and rural areas; and support government and military communications.
The vast majority of people will have used or accessed iDirect’s satellite-based IP communications technology without even
realizing it. For instance:
Last time you took a transcontinental flight you most likely experienced iDirect as an increasing number of commercial airlines
now offer passengers Wi-Fi connectivity on flights using iDirect technology; this is just one area in which iDirect’s solutions
are utilized on a global scale.
Been on a cruise recently and wondered how the ship had Internet connectivity even in the middle of the ocean? Over 50% of
all maritime vessels are using iDirect’s solutions across a range of applications; from allowing operators real-time access to
equipment telematics, to providing high-quality Internet connectivity to passengers and crew wherever they are in the world.
Satellite technology is one of the most rapidly developing sectors in the world today. With over 4 billion people expected to be
connected by 2020 people and businesses are demanding connectivity and data whenever and wherever they are, very often
beyond the confines of physical connections. The ”Internet of Things” is rapidly becoming more commonplace, and the
majority of devices simply cannot be connected to a physical data connection. With these new demand Satellite is emerging
as a critical part of the global IP network delivering reliable, high quality connectivity across the globe.
9. Brief Speaker Bios:
Tim Layton
Tim Layton is a cybersecurity professional with over 25 years of experience, having worked as a trusted advisor to some of world's
leading public and private organizations. Mr. Layton is widely regarded for his strategic and innovative approach to developing
enterprise cybersecurity and risk management strategies, programs, and processes to combat the ever-changing cyber threat
landscape and associated risks facing organizations.
March 15, 2016
9
Andy Tomaszewski
Andy Tomaszewski is the CIO/ CISO at iDirect, where he is responsible for developing and managing iDirect’s strategic IT and
computing plans, business applications, end user support, and security services.
Previously, Mr. Tomaszewski held the position of vice president, Envisioning Services at CoreBTS, a technology solutions company.
An industry-recognized expert in Security and Risk Assessment, he began his career in programming and architecture working at
firms including Integrated Information Systems and Novell.
► For more information about the speakers, you can visit: https://theknowledgegroup.org/event-homepage/?event_id=1709
Shameka L. Walker
Shameka Walker is an attorney at the Federal Trade Commission in the Bureau of Consumer Protection, Division of Privacy and
Identity Protection. Since joining the FTC in 2010, Ms. Walker has been involved in investigating and litigating consumer protection
cases involving data security, privacy, identity protection, work-at-home scams and telemarketing fraud. Prior to joining the FTC, Ms.
Walker was a litigation associate at Fulbright & Jaworski, L.L.P., in Washington, D.C. She began her career serving as a law clerk to
the Honorable Eric T. Washington of the District of Columbia Court of Appeals. Ms. Walker received her J.D. from Cornell University
and B.A. from the University of Miami.
10. Commercial and government organizations face an increasing amount of cyber threats targeting sensitive
information. Even as organizations have added more security layers and staff, data breaches are still occuring at
a tremendous rate because cybercriminals, hacktivists and nation states shift their tactics to evade traditional
cybersecurity defenses. Without an intelligence-driven approach to cybersecurity, vast sums of money can be
spent in a futile attempt to protect assets, data, and information.
By using Cyber Threat Intelligence (CTI), organizations can understand what specific threats they face and use
these insights to drive the most effective defense. CTI provides critical insights into an organization’s greatest
areas of risk and includes the identification of relevant potential threats, adversarial tactics, techniques and
procedures; monitoring, collecting, and sharing of information and data relevant to the threats faced by a
corporation; and collaborating with government, security, and other relevant organizations.
Most corporations and organizations do not know how or have the resources available to produce and consume
proper 'intelligence' to effectively and efficiently identify, prioritize and mitigate critical risks. In this two-hour LIVE
Webcast, a panel of distinguished professionals and thought leaders assembled by The Knowledge Group will
provide the audience with an in-depth overview of Cyber Threat Intelligence and will help them understand how it
works, why it is beneficial, and explain how to use it to mitigate cyber risks.
March 15, 2016
10
11. Key issues that will be covered in this course are:
• Why the Traditional Cyber Security Approach is No Longer Adequate
• Cyber Threat Intelligence – An Overview
• Understanding the Difference Between Strategic, Operational and Tactical CTI
• The Risk Impact of Dark Web Markets and the Intel That Can be Gathered
• How to Measure Cyber Risks Like Other Critical Business Risks
• Gaining Visibility of Cyber Risks in the Supply Chain
• Information Sharing and Cooperation – Leveraging ISACs and How to Create Your Own ISAC
• Best Practices for Integrating Cyber Threat Intelligence with Security Operations
• Regulatory Issues and Litigation Risks
March 15, 2016
11
12. Featured Speakers:
March 15, 2016
12
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
13. Introduction
Tim Layton is a cybersecurity professional with over 25 years of experience, having worked as a trusted advisor to some of
world's leading public and private organizations. Mr. Layton is widely regarded for his strategic and innovative approach to
developing enterprise cybersecurity and risk management strategies, programs, and processes to combat the ever-
changing cyber threat landscape and associated risks facing organizations.
Before joining SurfWatch Labs as the Chief Intelligence Officer, Mr. Layton held senior leadership roles with Cisco, EMC,
and Wells Fargo. At Cisco, he was a Principal for Cisco’s Global Enterprise Cybersecurity Theatre. Mr. Layton was a
Principal for EMC’s Security & Risk Management practice and before that served as Vice President for Wells Fargo where
he specialized in enterprise cyber risk across all business units and third-party risk management.
Mr. Layton received an MBA and BA from Lindenwood University in St. Louis, and has earned a wide variety of security-
related certifications over the years to include CISSP, SANS GSEC, GCIH, GCFW, GREM, ECNE, CCNA, SCO ACE,
MCSE.
March 15, 2016
13
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
14. Cyber Threat Intelligence Overview
• Cyber Threat Intelligence (CTI) is about reducing
uncertainty
• CTI is an emerging business tool that has many
definitions and uses
• Intelligence infers a proactive approach vs. the
traditional reactionary defense approach
• CTI provides insights into the motivations, tactics,
intent, and capabilities of threat sources
March 15, 2016
14
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
15. Types of Threat Intelligence
March 15, 2016
15
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
• Strategic intelligence aids the business in
making informed decisions
• Operational intelligence helps stakeholders
make proactive adjustments to defenses
• Tactical intelligence is a reactionary approach
based on technical indicators
16. Dark Web Black Markets
• Black Markets on the Dark Web are an
emerging opportunity for business leaders
• We know exactly what is valued and being
targeted by threat actors
• Basic analytics can be used to gain
proactive insights
• Data and information in the markets can
validate or inform of a breach incident
• Used in business via M&A, Legal, and other
areas
March 15, 2016
16
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
17. Measuring Cyber Risks
March 15, 2016
17
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
• Cyber risks now have the attention of the Board
of Directors and senior executives
• There are many other, more mature risk
disciplines to model from
• Cyber insurance is a volatile and emerging risk
mitigation strategy
• Critical to understand the potential impact to
operations, brand, and long-term resilience
18. Digital Supply Chain
• In the new global economy, organizations are
relying more on partners and suppliers
• The history of data breaches and third party
suppliers is clear
• Partners/Suppliers are often the “weakest link”
• Needing 360 visibility of operations is a reality
March 15, 2016
18
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
19. Integrating CTI with Operations
March 15, 2016
19
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
• CTI connects the dots and provides a platform
for operations
• CTI must be a cross-functional team effort
• In our hyper-connected digital economy, cyber
threats are outpacing our ability to “protect and
defend” – a new model is required
• CTI only has value if it can be operationalized
in a timely manner
20. Panel Discussion:
March 15, 2016
20
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
21. Introduction
Shameka Walker is an attorney at the Federal Trade Commission in the Bureau of Consumer Protection, Division of Privacy
and Identity Protection. Since joining the FTC in 2010, Ms. Walker has been involved in investigating and litigating
consumer protection cases involving data security, privacy, identity protection, work-at-home scams and telemarketing
fraud. Prior to joining the FTC, Ms. Walker was a litigation associate at Fulbright & Jaworski, L.L.P., in Washington,
D.C. She began her career serving as a law clerk to the Honorable Eric T. Washington of the District of Columbia Court of
Appeals. Ms. Walker received her J.D. from Cornell University and B.A. from the University of Miami.
March 15, 2016
21
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
22. DISCLAIMER
The views expressed are those of the speaker and not necessarily those of the FTC.
March 15, 2016
22
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
23. Laws to Keep in Mind
Section 5 of the FTC Act - broadly prohibits “unfair or deceptive acts or practices in or affecting
commerce;
COPPA – protects kids’ data;
GLB – protects financial data; and
FCRA – protects data used for certain purposes (e.g., credit, hiring).
March 15, 2016
23
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
24. Some Common Privacy Failures
Rolling out a new service or feature that increases sharing without adequate notice and consent
Misrepresenting with whom data is being shared
Misrepresentations about tracking and opting out of tracking
Presenting false choices
March 15, 2016
24
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
25. Information Security -- Four Points that Guide the FTC’s Enforcement
Information security is an ongoing process.
A company’s security procedures must be reasonable and appropriate in light of the circumstances.
A breach does not necessarily show that a company failed to have reasonable security measures –
there is no such thing as perfect security.
Practices may be unreasonable and subject to FTC enforcement even without a known security
breach.
March 15, 2016
25
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
26. Protecting Personal Information: A Guide for Business
5 key principles:
1. Take stock. Know what personal information you have in your files and on your computers.
2. Scale down. Keep only what you need for your business.
3. Lock it. Protect the information that you keep.
4. Pitch it. Properly dispose of what you no longer need.
5. Plan ahead. Create a plan to respond to security incidents.
March 15, 2016
26
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
27. Protecting Personal Information – Tips on General Network Security (1 of 3)
Identify computers or servers where sensitive personal information is stored.
Identify all connections to these computers (e.g., Internet, electronic cash registers, computers at your
branch offices, computers used by service providers to support your network, digital copiers, and
wireless devices like smartphones, tablets, or inventory scanners).
Assess the vulnerability of each connection to commonly known or reasonably foreseeable attacks.
March 15, 2016
27
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
28. Protecting Personal Information – Tips on General Network Security (2 of 3)
Don’t store sensitive consumer data on a computer with an Internet connection unless it’s essential for
your business.
Encrypt sensitive data that you send to third parties over public networks (like the Internet), and
consider encrypting sensitive data stored on your network or on portable storage devices. Consider
encrypting emails within your business that contain personally identifying information.
Regularly run up-to-date anti-virus and anti-spyware programs on your network.
March 15, 2016
28
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
29. Protecting Personal Information – Tips on General Network Security (3 of 3)
Check expert websites (e.g., www.sans.org) and software vendor websites regularly, and implement
policies for installing vendor-approved patches.
Consider restricting employees’ ability to download unauthorized software.
Scan computers on your network to identify and profile the operating system and open network
services. Disable services that you don’t need.
When you receive or transmit credit card or other sensitive financial data, use Secure Sockets Layer
(SSL) or another secure connection to protect it in transit.
March 15, 2016
29
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
30. Prioritizing Computer System Risks
Check expert consensus lists that identify and offer defenses for the commonly exploited
vulnerabilities that pose the greatest risk of harm to your information systems.
– The 20 Most Critical Internet Security Vulnerabilities (www.sans.org/top20) Describes
vulnerabilities in Windows and UNIX. Has links to scanning tools and services at
www.sans.org/top20/tools.pdf.
– The 10 Most Critical Web Application Security Vulnerabilities (www.owasp.org) Describes
common vulnerabilities for web apps and databases and the most effective ways to address
them. These vulnerabilities are as important as network issues.
For more FTC tips, see Security Check: Reducing Risks to Your Computer Systems,
http://business.ftc.gov/documents/bus58-security-check-reducing-risks-your-computer-systems.
March 15, 2016
30
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
31. Contractors and Service Providers
Before you outsource a business function (payroll, web hosting, data processing, etc.) investigate the
company’s data security practices and compare their standards to yours. If possible, visit their
facilities.
Address security issues for the type of data your service providers handle in your contract with them.
Insist that your service providers notify you of any security incidents they experience, even if the
incidents may not have led to an actual compromise of your data.
March 15, 2016
31
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
32. Incident Response Plans
Have a plan to respond to security incidents. Designate a senior staff member to coordinate and
implement the plan.
If a computer is compromised, disconnect it immediately from your network.
Investigate security incidents immediately and take steps to close off existing vulnerabilities or threats
to personal information.
Consider whom to notify in the event of an incident, both inside and outside your organization. You
may need to notify consumers, law enforcement, customers, credit bureaus, and other businesses
that may be affected by the breach. In addition, many states and the federal bank regulatory agencies
have laws or guidelines addressing data breaches. Consult your attorney.
March 15, 2016
32
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
33. March 15, 2016
33
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
34. March 15, 2016
34
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
Lessons Learned From FTC Cases
Don’t collect what you don’t need and don’t use unnecessary PII
Control access to data sensibly
Require secure passwords and authentication
Store sensitive PII and securely and protect it during transmission
Segment your network and monitor activity
Secure remote access to your network
Apply sound security practices when developing new products
Make sure your service providers implement reasonable security measures
Keep security current
Secure paper, physical media and devices
35. Some Common Remedies
Injunction against misrepresentations;
Comprehensive data security or privacy program appropriate to the company’s size, nature of
activities, and information collected;
Third party assessments of these programs;
Other specific requirements, e.g., disclosures, privacy choices, data deletion, or software updates;
and
Civil penalties for rule and order violations.
March 15, 2016
35
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
36. March 15, 2016
36
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
The FTC’s Business Center (www.business.ftc.gov)
has a Privacy and Data Security section with
more information.
Questions?
swalker@ftc.gov
37. Panel Discussion:
March 15, 2016
37
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
38. Introduction
Andy Tomaszewski is the CIO/ CISO at iDirect, where he is responsible for developing and managing iDirect’s strategic IT
and computing plans, business applications, end user support, and security services.
Previously, Mr. Tomaszewski held the position of vice president, Envisioning Services at CoreBTS, a technology solutions
company. An industry-recognized expert in Security and Risk Assessment, he began his career in programming and
architecture working at firms including Integrated Information Systems and Novell.
Mr. Tomaszewski holds a B.A. from the University of Wisconsin-Madison, earned his Management and Leadership
Certification from the MIT Sloan School of Management, and is certified in CISSP, TOGAF, and Project Management.
March 15, 2016
38
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
39. Disclaimer
The opinions expressed are solely those of the presenter and do not necessarily reflect the views
or opinions of VT iDirect.
March 15, 2016
39
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
40. iDirect Quick Facts
March 15, 2016
40
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
• Leader in IP-based satellite communications
• World’s largest TDMA enterprise VSAT manufacturer –
32% market share*
• 350+ global service provider and operators partners
Source: Comsys 13th edition VSAT Report
Aero
Maritime
Defense
Mobile
Backhaul
Oil & Gas
Government and
Commercial
clients in many
different
markets around
the globe
41. Protecting your People, Property and IP
3 Areas of Focus
• Organizational Structure
• Design pattern which reduces risk for customers, employees and shareholders
• Attribution
• While you can’t attack back, you can attribute.
• Taking Action
• If your company is getting attacked by nation state actors, here’s what you can do
March 15, 2016
41
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
42. Organizational Structure
March 15, 2016
42
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
• Accountability
• Assign leadership (CISO) responsible for corporate and product and/or services
• Communication
• Provide direct feedback by Security leadership
to Board
• Organizational Design
• Establish separate department to track expense as a % of revenue for YOY
benchmark
43. Attribution
March 15, 2016
43
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
• Attacking back – against the law
• Attributing – is legal and effective
• Publish exploits to security partners
• Publish exploits to partners
• Publish exploits to law enforcement
• Attribute every time – the attacker will need to expend resources to achieve their goal
• Use Threat Intelligence to be effective
44. Top 10 Threat Vectors
March 15, 2016
44
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
Sat Link
hijacking
26%
Turla spyware
16%
Watering hole
attack
10%
Proof of concept exploit
Network security
SMS trojan
7%
Device-level
Hardcoded
credentials
Vulnerability
Insecure
protocols
5%
45. To 10 Threat Actors
March 15, 2016
45
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
Epic Turla APT
People's
Liberation Army
(PLA)
Researchers
46. Threat Intelligence - Lowering your Risk
March 15, 2016
46
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
• Know what they know – Effectively change your attack surface
• Be proactive – Reduces the success rate of attack campaigns
• Play defense – Respond to attack campaigns with the most effective countermeasures
• If properly leveraged, demonstrates due diligence and due care
47. Take Action
March 15, 2016
47
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
Work Together
• Competition is getting the same attention
• Law enforcement can form an industry group
• Share intelligence
• Develop preventative & detective control sets
• If they can’t get to you, they will use vendors/partners
• Phishing attacks from trusted sources
Reduce Risk
• Train employees, over communicate when attacked
• Update vendor contracts
• Audit vendors
• Collaborate with partners and vendors
48. Panel Discussion:
March 15, 2016
48
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
49. March 15, 2016
49
Contact Info:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
E: tim.layton@surfwatchlabs.com
Andy Tomaszewski
Chief Information Officer (CIO) /
Chief Information Security Officer
(CISO)
VT iDirect, Inc.
E: Atomaszewski@idirect.net
Shameka L. Walker
Attorney, Division of Privacy and
Identity Protection
Federal Trade Commission
E: swalker@ftc.gov
T: (202) 326-2570
50. ► You may ask a question at anytime throughout the presentation today. Simply click on the question mark icon located on the floating tool bar on the bottom right side of your screen. Type
your question in the box that appears and click send.
► Questions will be answered in the order they are received.
Q&A:
March 15, 2016
50
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
51. March 15, 2016
51
Welcome to the Knowledge Group Unlimited Subscription Programs. We have Two Options Available for You:
FREE UNLIMITED: This program is free of charge with no further costs or obligations. It includes:
Unlimited access to over 15,000 pages of course material from all Knowledge Group Webcasts.
Subscribers to this program can download any slides, white papers, or supplemental material covered during all live webcasts.
50% discount for purchase of all Live webcasts and downloaded recordings.
PAID UNLIMITED: Our most comprehensive and cost-effective plan, for a one-time fee:
Access to all LIVE Webcasts (Normally $199 to $349 for each event without a subscription). Including: Bring-a-Friend – Invite a
client or associate outside your firm to attend for FREE. Sign up for as many webcasts as you wish.
Access to all of Recorded/Archived Events & Course Material includes 1,500+ hours of audio material (Normally $299 for each
event without a subscription).
Free Certificate of Attendance Processing (Normally $49 Per Course without a subscription).
Access to over 15,000 pages of course material from Knowledge Group Webcasts.
Ability to invite a guest of your choice to attend any live webcast Free of charge (Exclusive benefit only available for PAID
UNLIMITED subscribers).
6 Month Subscription is $499 with No Additional Fees Other options are available.
Special Offer: Sign up today and add 2 of your colleagues to your plan for free Check the “Triple Play” box on the sign-up
sheet contained in the link below.
https://gkc.memberclicks.net/index.php?option=com_mc&view=mc&mcid=form_157964
52. March 15, 2016
52
Knowledge Group UNLIMITED PAID Subscription Programs Pricing:
Individual Subscription Fees: (2 Options)
Semi-Annual: $499 one-time fee for a 6 month subscription with unlimited access to all webcasts, recordings, and materials.
Annual: $799 one-time fee for a 12 month unlimited subscription with unlimited access to all webcasts, recordings, and materials.
Group plans are available. See the registration form for details.
Best ways to sign up:
1. Fill out the sign up form attached to the post conference survey email.
2. Sign up online by clicking the link contained in the post conference survey email.
3. Click the link below or the one we just posted in the chat window to the right.
https://gkc.memberclicks.net/index.php?option=com_mc&view=mc&mcid=form_157964
Questions: Send an email to: info@theknowledgegroup.org with “Unlimited” in the subject.
53. March 15, 2016
53
ABOUT THE KNOWLEDGE GROUP
The Knowledge Group is an organization that produces live webcasts which examine regulatory
changes and their impacts across a variety of industries. “We bring together the world's leading
authorities and industry participants through informative two-hour webcasts to study the impact of
changing regulations.”
If you would like to be informed of other upcoming events, please click here.
Disclaimer:
The Knowledge Group is producing this event for information purposes only. We do not intend to
provide or offer business advice.
The contents of this event are based upon the opinions of our speakers. The Knowledge Group does
not warrant their accuracy and completeness. The statements made by them are based on their
independent opinions and does not necessarily reflect that of The Knowledge Group‘s views.
In no event shall The Knowledge Group be liable to any person or business entity for any special,
direct, indirect, punitive, incidental or consequential damages as a result of any information gathered
from this webcast.
Certain images and/or photos on this page are the copyrighted property of 123RF Limited, their
Contributors or Licensed Partners and are being used with permission under license. These images
and/or photos may not be copied or downloaded without permission from 123RF Limited
Editor's Notes
Section 5 of the FTC Act - Flexible law that can be applied to many different situations, entities, and technologies.
Deception a material representation, omission, or practice that is likely to mislead consumers acting reasonably under the circumstances/
Unfairness practices that cause or are likely to cause substantial injury to consumers that are not outweighed by the benefits to consumers or competition and are not reasonably avoidable by consumers.
Under Section 5, we bring both privacy and data security cases.
This slide shows some of the companies against which the FTC has brought cases, alleging law violations related to data security or other privacy issues. These are key areas for the agency’s law enforcement work…
Intro to iDirect for those that don’t know and intro yourself.
For over 20 years, VT iDirect has realized the value of satellite connectivity and its power to serve a broad range of industries and geographies.
Today, we are the industry’s leading satellite communications company providing technology and solutions that enable our partners deliver VSAT services. Whether that’s extending private networks to remote offices , providing mobile connectivity across land, sea and air; delivering broadband access in emerging nations, or expanding cellular networks to remote and rural areas.. Whatever the services are, delivers the highest quality connectivity wherever and whenever it’s needed. For our partners, that’s a compelling differentiator that allows them to optimize their networks, differentiate and profitably expanded their business .
Quick Facts
Founded in 1994
Owned by VT Systems, a subsidiary of ST Engineering
600+ employees
350+ global partners
3500+ iDirect hubs – 57% market share
#1 in maritime, military/government, oil and gas
iDirect Government Technologies (iGT) wholly owned subsidiary
Threats are different for all companies
Political
Geographical
Economic
Threats are different for all companies
Political
Geographical
Economic
Threats are different for all companies
Political
Geographical
Economic
Threats are different for all companies
Political
Geographical
Economic
Threats are different for all companies
Political
Geographical
Economic
Know your enemy, they know you
Understand what information is available to them about you
Be proactive in your security measures
Know your enemy, they know you
Understand what information is available to them about you
Be proactive in your security measures