
Security Essentials

Slides from Just People breakfast presentation 22/03/2016

Published in: Technology

  1. 1. SECURITY ESSENTIALS https://au.linkedin.com/in/ashleydeuble
  2. 2. BAD STUFF HAPPENS ..
  3. 3. ORGANISATIONS CAN BE TIGHT .. • There are many reasons why there is no cash for a security program • We don’t have anything that anyone would want? • We’ve never been hacked! • What do we get in return? • We have other pressing priorities .. Get back to work!
  4. 4. YOU CAN DO IT! • Start off with the basics and show that it has some business value • Implement policies – have a security position • Patch your systems and applications regularly • Run anti-virus • Limit the use of privileged access • Backups & recovery processes • Incident response • Security awareness
  5. 5. POLICIES/SECURITY POSITION • Grab some template policies and modify them to suit your organisation • Have a security statement (e.g. “We take security seriously blah blah blah”) • Have an acceptable use policy • Refer to existing frameworks for guidance • ISO27001/2 • IS18 • NIST • COBIT • PCI DSS
  6. 6. PATCH YOUR SYSTEMS • According to CNN Money – In 2015, 90% of attacks leveraged old vulnerabilities that already had patches available • Use free tools to patch your Windows systems – Windows Server Update Services (WSUS) • Set Windows desktop machines to automatically install updates if you can’t use a patching tool • Java and Flash are evil!! Patch regularly or remove if possible
  7. 7. ANTI-VIRUS • Anti-virus is dead ?!? • Symantec reported 317 million new malware samples were seen in 2014 • Microsoft Security Essentials/Windows Defender
  8. 8. PRIVILEGED ACCESS • Principle of least access • Limiting access to the minimal level that will allow normal functioning • Often user error is the cause of incidents & additional work • Do you need to browse Facebook as an administrator to your organisation? • 2016 Mandiant M-Trends report discussed a case where an attacker obtained admin access and spread ransomware through Group Policy
  9. 9. BACKUP & RECOVERY • Determine what your critical business systems and information are • Back up regularly and test often • Periodically review and ensure all critical business data is backed up • Encrypt your backups if they contain sensitive data • Think about business continuity and disaster recovery (short & long term outages)
  10. 10. INCIDENT RESPONSE • Have a plan ready for when it all goes bad • Your plan could be to have someone else do it! • Keep regular contacts with law enforcement, AusCERT, CERT Australia etc. • Maybe put a 3rd party on a retainer for IR & investigations
  11. 11. SECURITY AWARENESS • We’re all human .. That’s why we’re targets • Inform the users what security means to the organisation • Relate it back to your security policies and guidelines • Tell them what to do if they make a mistake or suspect a weakness • Conduct it regularly and for all new users
  12. 12. RESOURCES • Security Policy • SANS - https://www.sans.org/security-resources/policies • CSO - http://www.csoonline.com/article/3019126/security/security-policy-samples-templates-and-tools.html • Security Frameworks • ISO 27001 - http://www.iso27001security.com/ • ISACA COBIT 5 - http://www.isaca.org/cobit/pages/cobit-5-framework-product-page.aspx • PCI DSS - https://www.pcisecuritystandards.org/pci_security/ • NIST Cybersecurity Framework - http://www.nist.gov/cyberframework/
  13. 13. RESOURCES • Patching Systems • Microsoft WSUS - https://www.microsoft.com/en-au/download/details.aspx?id=5216 • Red Hat Satellite - https://www.redhat.com/en/technologies/linux-platforms/satellite • Antivirus • Microsoft Security Essentials/Windows Defender - http://windows.microsoft.com/en-AU/windows/security-essentials-download
  14. 14. RESOURCES • Mandiant M-Trends 2016 report • https://www2.fireeye.com/rs/848-DID-242/images/Mtrends2016.pdf • Incident Response • Count Upon Security (with links to supplementary materials) - http://countuponsecurity.com/2012/12/21/computer-security-incident-handling-6-steps/ • SANS Incident Handlers Handbook Whitepaper - https://www.sans.org/reading-room/whitepapers/incident/incident-handlers-handbook-33901
  15. 15. RESOURCES • Security Awareness • NIST: Building an Information Technology Security Awareness and Training Program - http://csrc.nist.gov/publications/nistpubs/800-50/NIST-SP800-50.pdf • SANS Securing the Human (look in the resources area) - http://securingthehuman.sans.org/ • PCI Best practices for implementing a security awareness program - https://www.pcisecuritystandards.org/documents/PCI_DSS_V1.0_Best_Practices_for_Implementing_Security_Awareness_Program.pdf
