Cyber Hygiene at speed and scale
– How to Clean a Datacenter
James Mckinlay – CSO Praetorian Consulting International
#whoami
Husband, Father, Son
Cyber Consulting <- IT Security <- IT Solutions
https://uk.linkedin.com/in/jmck4cybersecurity
* Electoral Roll
* Landline
* Broadband
* Mobile Phone
* Gas / Electric
* TV licence
* Passport
* Inland Revenue
* High Street Bank
* Online Retailers
* Online webmail
* Companies House
* Online accountant
* Births & Marriages Register
* Hospital records / GP records
* Shares / Child ISA
* Pension
* Car Insurance
* House Insurance
* Flight Records (ARINC)
* Mortgage
* Postcode Address File
* University Records
* Water / Utilities
* Council Tax
* Driving Licence
* Car registration / car tax
* Equifax / Experian / Callcredit
#riskAssessment
http://www.lkcyber.com/
http://www.slideshare.net/lkcyber/self-check
@CisoAdvisor
Actual Agenda
* Very quick look at datacentre issues
* My take on “Good Cyber Hygiene”
* Once more unto the breach
* Takeaways
“Everything should be as simple as it can be, but not simpler”
 (1) Before we go any further, I feel I should first
point out that everything I’m about to say is
obviously just my personal opinion, which you
are of course entitled to take with the
appropriate pinch of salt. I would expect that if
you asked someone else who was considering
the same points, they might have very different
things that they are looking for.
 (2) I am not currently in a UK Datacenter
 (but …...)
Disclaimer
* Section 1: Data centres
Revolution Quote 1:
“You will not be able to stay home, brother. You will not be able to plug in, turn on and cop out. You will not be able to lose yourself on skag and skip out for beer during commercials, because the revolution will not be televised.”
- Gil Scott-Heron (1949 – 2011)
* Co-location (power & comms)
* Co-location (DRP site)
* Managed Service (physical)
* Corporate Servers (in house)
* Managed Service (virtual)
* Cloud (Public / Private)
19th Hole == DC3
Tier what ?
* Tier 1: guaranteeing 99.671% availability.
* Tier 2: guaranteeing 99.741% availability.
* Tier 3: guaranteeing 99.982% availability.
* Tier 4: guaranteeing 99.995% availability.
Availability over Security
The more secure you are (physical, environmental, configuration management, change management, release management, infosec signoff ....), the better the availability !
DC Problems
* External (public): DDoS on one customer affects all customers on a shared subnet
* External (partners): third-party supplier access allows a route into Managed Services and customer data
* Internal (BAU): Managed Services network not secured adequately; Managed Services network not split from the corporate network
* Internal (strategic): Mergers & Acquisitions; Business Transformation
Hold the front page
* Section 2: Cyber Hygiene
Revolution quote 2:
“The first revolution is when you change your mind about how you look at things, and see there might be another way to look at it that you have not been shown. What you see later on is the results of that, but that revolution, that change that takes place will not be televised.”
- Gil Scott-Heron (1949 – 2011)
Not talking about 27001 here
ISO 27002 can be traced back to the British Standard 7799, which was published in 1995. Originally written by the DTI, it was taken on by ISO after several revisions as ISO/IEC 17799. There was a second part to BS 7799 which formed the implementation of an ISMS. This element was what ISO 27001 became in November 2005 (therefore named ISO 27001:2005).
So many to choose from: Standards, Frameworks and Good Practice guides
* ACPO (DFIR)
* AusDSD (ISPF) (ROSI)
* CBEST
* CIS (BM) (SM) (CSC)
* COBIT4 & 5
* CSA CCM
* CPNI / CESG / CERT-UK
* Carnegie Mellon CERT
* EN16945 (NATS)
* First.org
* FCA
* Gov.hk
* HMG
* ISO
* ISC2
* ISF-SOGP
* ISM3 Maturity Model
* ISSAF
* Microsoft
* NARUC (Utilities)
* NESA-IAS
* NIST
* OWASP
* PAS-49
* PCIDSS
* SANS
* Secure Pay Europe (ECB)
* SOC I & SOC II reporting
So many questions
What if someone had reviewed them all and made a list of the Top 100 Cyber Security Questions to ask ?
Cyber Security Perspectives
http://usahuawei.com/wp-content/uploads/2014/12/Top100-cyber-security-requirements.pdf
So to my favourites
* AusDSD T35
* NSA T10
* NSA Managed Network
* T20 CCv6
bestest bestest favourite
NSA
Adversary Obstruction
https://www.youtube.com/watch?v=bDJb8WOJYdA
https://www.iad.gov/iad/library/reports/nsa-methodology-for-adversary-obstruction.cfm
Inside favourite: NSA Adversary Obstruction
https://www.iad.gov/iad/library/reports/nsa-methodology-for-adversary-obstruction.cfm
1. Protect Credentials
2. Segregate Networks and Functions
3. Implement Host Intrusion Prevention System (HIPS) Rules
4. Centralize logging of all events
5. Take Advantage of Software Improvement
6. Implement Application Whitelisting
7. Install and correctly use EMET
8. Public Services Utilization
9. Use a Standard Baseline
10. Data-at-Rest and Data-in-Transit Encryption
11. Use Anti-Virus File Reputation Services
Chart and project plan
AusDSD T35
Also C-Y-A
DPA98
GDPR
* Section 3: Once more unto the ...
Revolution quote 3:
“There can't be any large-scale revolution until there's a personal revolution, on an individual level. It's got to happen inside first.”
- Jim Morrison (1943 – 1971)
New agenda
Why it sits well with DC-MS
Speed and scale
Security Operations
First Steps & Roadmap
Service Delivery
Why it sits well with DC-MS
* Work packages
* CAB
* CMDB
* tickets
* Service description
* Software library
* RCA
* Problem Management
* SLA
* VisualOps
Why it sits well with DC-MS: Secure Configuration Management
Why it sits well with DC-MS: DevSecOps
Speed and scale
Concepts
Easy to deploy, easy to operate
MIG agents are designed to be lightweight, secure, and easy to deploy so you can ask your favorite sysadmins to add it to a base deployment without fear of breaking the entire production network. All parameters are built into the agent at compile time, including the list and ACLs of authorized investigators. Security is enforced using PGP keys, and even if MIG's servers are compromised, as long as our keys are safe on your investigator's laptop, no one will break into the agents.
Fast and asynchronous
MIG is designed to be fast and asynchronous. It uses AMQP to distribute actions to endpoints, and relies on Go channels to prevent components from blocking. Running actions and commands are stored in a PostgreSQL database and an on-disk cache, so that the reliability of the platform doesn't depend on long-running processes.
Speed is a strong requirement. Most actions will only take a few hundred milliseconds to run on agents. Larger ones, for example when looking for a hash in a big directory, should run in less than a minute or two. All in all, an investigation usually completes in between 10 and 300 seconds.
Strong security primitives
Privacy and security are paramount. Agents never send raw data back to the platform, but only reply to questions instead. All actions are signed by GPG keys that are not stored in the platform, thus preventing a compromise from taking over the entire infrastructure.
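As an added example (not code from the talk or from Mozilla's MIG project itself), here is a Go sketch of the trust model the MIG description above relies on: an agent refuses any action that is not signed by an investigator key compiled into its ACL, refuses stale or altered actions, and replies with a yes/no answer rather than file contents. It assumes ed25519 in place of MIG's PGP signatures, an invented Action schema, and a constructed in-memory filesystem.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Action is a constructed stand-in for a MIG action: one question asked of every agent
// ("is there a file at Path whose SHA-256 is SHA256?"). Field names are assumptions, not MIG's schema.
type Action struct {
	Investigator string `json:"investigator"`
	Module       string `json:"module"`
	Path         string `json:"path"`
	SHA256       string `json:"sha256"`
	ExpireAt     int64  `json:"expire_at"` // unix seconds; stale actions are refused
}

// SignedAction is the action plus a detached signature; ed25519 stands in for MIG's PGP keys.
type SignedAction struct {
	Action    Action
	Signature []byte
}

// Result is all an agent ever returns: an answer, never the file contents.
type Result struct{ Found bool }

// Agent holds the investigator ACL (fixed at compile time in MIG) and a constructed in-memory filesystem.
type Agent struct {
	acl   map[string]ed25519.PublicKey
	files map[string][]byte
	now   int64
}

func NewAgent(acl map[string]ed25519.PublicKey, files map[string][]byte, now int64) *Agent {
	return &Agent{acl: acl, files: files, now: now}
}

var (
	ErrUnknownInvestigator = errors.New("investigator not in compiled-in ACL")
	ErrBadSignature        = errors.New("signature does not verify")
	ErrExpired             = errors.New("action has expired")
	ErrUnsupportedModule   = errors.New("unsupported module")
)

// canonical is the byte string that is signed and verified (encoding/json is deterministic for a struct).
func canonical(a Action) ([]byte, error) { return json.Marshal(a) }

// Sign runs on the investigator's laptop; the private key never reaches the scheduler, relay or agents.
func Sign(priv ed25519.PrivateKey, a Action) (SignedAction, error) {
	msg, err := canonical(a)
	if err != nil {
		return SignedAction{}, err
	}
	return SignedAction{Action: a, Signature: ed25519.Sign(priv, msg)}, nil
}

// Handle checks who asked, that the action is untampered and fresh, then answers only the question
// asked. A compromised platform cannot forge actions because it holds no investigator private key.
func (ag *Agent) Handle(sa SignedAction) (Result, error) {
	pub, ok := ag.acl[sa.Action.Investigator]
	if !ok {
		return Result{}, ErrUnknownInvestigator
	}
	msg, err := canonical(sa.Action)
	if err != nil {
		return Result{}, err
	}
	if !ed25519.Verify(pub, msg, sa.Signature) {
		return Result{}, ErrBadSignature
	}
	if sa.Action.ExpireAt < ag.now {
		return Result{}, ErrExpired
	}
	if sa.Action.Module != "file" {
		return Result{}, ErrUnsupportedModule
	}
	data, ok := ag.files[sa.Action.Path]
	if !ok {
		return Result{Found: false}, nil
	}
	sum := sha256.Sum256(data)
	return Result{Found: hex.EncodeToString(sum[:]) == sa.Action.SHA256}, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	sample := []byte("constructed sample file contents")
	sum := sha256.Sum256(sample)
	ag := NewAgent(map[string]ed25519.PublicKey{"alice": pub},
		map[string][]byte{"/tmp/suspect.bin": sample}, 1700000000)
	act := Action{Investigator: "alice", Module: "file", Path: "/tmp/suspect.bin",
		SHA256: hex.EncodeToString(sum[:]), ExpireAt: 1700000300}
	good, _ := Sign(priv, act)
	fmt.Println(ag.Handle(good)) // {true} <nil>
}
```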
Gareth Rushgrove @ Puppet Labs
Is it fast ?
Does it scale ?
Does it use python?
Secure continuous delivery?
Security Automation?
Pipeline, CI, API, Monitoring?
New thinking
Speed and scale
Data Centre / Cloud
Build your own ?
Speed and scale
SOC thinking
Security operations
Secret Sauce
First Steps – quick wins
First Steps
* A managed data centre is the perfect situation to install and run VMaaS
* A managed data centre is the perfect situation to build a knowledge base of awkward patches
* SOC members are perfect researchers for remediation work following VMaaS
* A managed data centre is the perfect situation to link VMaaS to the CMDB and CAB
* SCM operations are perfect for testing remediation work
First Steps – quick wins
Future Steps
* SCM can correlate software asset records
* SCM can maintain baseline security
* SCM can query systems for files, hashes and registry entries
* SCM can collect local admin details
* SCM can collect local USB usage
Summary
* It is in a Data Centre’s best interest to be more secure, because that helps availability !!
* IT Ops, Security Ops and Security Management (compliance) need to work more closely together
* SOC / SecOps doesn’t have to be about incident response; it can also be incident prevention
* If you have outsourced hosting and infrastructure management – why not add VMaaS and remediation activities !
Takeaways
* Take “Fix the basics” seriously; we’ve had years to get this
* Get started if you haven’t already
* Use what has been learnt from years of vulnerability assessment, patch management and device hardening
* Tailor it to your organisation (size and maturity)
* Learn from other disciplines (collaborate or die)
* Challenge Managed Service providers to do more security
Network with likeminded peers
Time is precious
thank you for yours
James

Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 

Recently uploaded (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 

Good-cyber-hygiene-at-scale-and-speed

  • 1. Cyber Hygiene at speed and scale – How to Clean a Datacenter James Mckinlay – CSO Praetorian Consulting International
  • 7. Hosting models (diagram): Co-location (power & comms); Co-location (DRP site); Managed Service (physical); Corporate Servers (in house); Managed Service (virtual); Cloud (Public / Private). 19th Hole == DC3
  • 8. Same diagram, highlighting Managed Service (physical), Corporate Servers (in house) and Managed Service (virtual)
  • 9. Same diagram, highlighting Cloud (Public / Private)
  • 11. Tier what? Tier 1: guaranteeing 99.671% availability. Tier 2: guaranteeing 99.741% availability. Tier 3: guaranteeing 99.982% availability. Tier 4: guaranteeing 99.995% availability. (These are the Uptime Institute tier figures; they rate the redundancy of the site's power and cooling, not how well the hosted systems are secured.) Availability over security? The more secure you are (physical, environmental, configuration management, change management, release management, infosec sign-off ...) the better the availability!
  • 12. DC problems
      External (public): DDoS on one customer affects all customers on a shared subnet
      External (partners): third-party supplier access allows a route into Managed Services and customer data
      Internal (BAU): Managed Services network not secured adequately; Managed Services network not split from the corporate network
      Internal (strategic): mergers & acquisitions; business transformation
  • 14. * Section 2: Cyber Hygiene. Revolution quote 2: “The first revolution is when you change your mind about how you look at things, and see there might be another way to look at it that you have not been shown. What you see later on is the results of that, but that revolution, that change that takes place will not be televised.” - Gil Scott-Heron (1949 –2011)
  • 15. Not talking about 27001 here. ISO 27002 can be traced back to British Standard BS 7799, published in 1995. Originally written by the DTI, after several revisions ISO took it on as ISO/IEC 17799. The second part of BS 7799 covered the implementation of an ISMS; that part is what became ISO 27001 in October 2005 (hence ISO 27001:2005).
  • 16. So many to choose from (standards, frameworks and good practice guides): ACPO (DFIR); AusDSD (ISPF) (ROSI); CBEST; CIS (BM) (SM) (CSC); COBIT 4 & 5; CSA CCM; CPNI / CESG / CERT-UK; Carnegie Mellon CERT; EN16945 (NATS); FIRST.org; FCA; Gov.hk; HMG; ISO; ISC2; ISF-SOGP; ISM3 Maturity Model; ISSAF; Microsoft; NARUC (Utilities); NESA-IAS; NIST; OWASP; PAS-49; PCI DSS; SANS; Secure Pay Europe (ECB); SOC 1 & SOC 2 reporting
  • 17. So many questions. What if someone had reviewed them all and made a list of the Top 100 Cyber Security Questions to ask? Cyber Security Perspectives: http://usahuawei.com/wp-content/uploads/2014/12/Top100-cyber-security-requirements.pdf
  • 18. So to my favourites: AusDSD T35, NSA T10, NSA Managed Network T20, CCv6
  • 19. Bestest bestest favourite: NSA Adversary Obstruction. https://www.youtube.com/watch?v=bDJb8WOJYdA https://www.iad.gov/iad/library/reports/nsa-methodology-for-adversary-obstruction.cfm
  • 20. Inside favourite: NSA Adversary Obstruction https://www.iad.gov/iad/library/reports/nsa-methodology-for-adversary-obstruction.cfm
      1. Protect Credentials
      2. Segregate Networks and Functions
      3. Implement Host Intrusion Prevention System (HIPS) Rules
      4. Centralize logging of all events
      5. Take Advantage of Software Improvement
      6. Implement Application Whitelisting
      7. Install and correctly use EMET
      8. Public Services Utilization
      9. Use a Standard Baseline
      10. Data-at-Rest and Data-in-Transit Encryption
      11. Use Anti-Virus File Reputation Services
      Caveat on item 7: Microsoft retired EMET in July 2018 and moved its mitigations into Exploit Protection in Windows 10, so read that item as "turn on and tune the platform's exploit mitigations" rather than as an instruction to deploy EMET itself.
  • 21. Chart and project plan AusDSD T35
  • 23. * Section 3: Once more unto the ... Revolution quote 3: “There can't be any large-scale revolution until there's a personal revolution, on an individual level. It's got to happen inside first.” - Jim Morrison (1943 - 1971)
  • 24. New agenda: Why it sits well with DC-MS; Speed and scale; Security Operations; First Steps & Roadmap
  • 25. Service Delivery: why it sits well with DC-MS. Work packages, CAB, CMDB tickets, service description, software library, RCA, problem management, SLA
  • 26. VisualOps: why it sits well with DC-MS
  • 29. Concepts (quoted from the MIG, Mozilla InvestiGator, project documentation; Mozilla has since archived the project)
      Easy to deploy, easy to operate. MIG agents are designed to be lightweight, secure, and easy to deploy, so you can ask your favorite sysadmins to add it to a base deployment without fear of breaking the entire production network. All parameters are built into the agent at compile time, including the list and ACLs of authorized investigators. Security is enforced using PGP keys, and even if MIG's servers are compromised, as long as our keys are safe on your investigator's laptop, no one will break into the agents.
      Fast and asynchronous. MIG is designed to be fast and asynchronous. It uses AMQP to distribute actions to endpoints, and relies on Go channels to prevent components from blocking. Running actions and commands are stored in a PostgreSQL database and an on-disk cache, so that the reliability of the platform doesn't depend on long-running processes. Speed is a strong requirement. Most actions will only take a few hundred milliseconds to run on agents. Larger ones, for example when looking for a hash in a big directory, should run in less than a minute or two. All in all, an investigation usually completes in between 10 and 300 seconds.
      Strong security primitives. Privacy and security are paramount. Agents never send raw data back to the platform, but only reply to questions instead. All actions are signed by GPG keys that are not stored in the platform, thus preventing a compromise from taking over the entire infrastructure.
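The signed-action model the Concepts slide describes, as an added example written for this page in Go (MIG's own implementation language); it is not MIG's code. An investigator signs an action with a private key that stays on their laptop; the agent is built with the investigators' public keys and an ACL, and it rejects bad signatures, expired actions and modules the investigator is not cleared for before touching disk. It then answers a yes/no question (is a file with this SHA-256 under this path?) instead of returning file contents. The ed25519 signatures, the JSON action layout, the `Action`/`Agent`/`Result` types and the investigator name `alice` are assumptions made for the example; MIG itself signs actions with PGP and carries them over AMQP.

```go
package main
// Added example, not MIG's own code: a cut-down model of the design above.
// Private keys stay with investigators; agents hold public keys plus an ACL,
// verify before executing, and answer a question rather than return raw data.
// ed25519 and the JSON layout are assumptions; MIG itself uses PGP and AMQP.
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"os"
	"path/filepath"
	"time"
)

// Action is the question sent to agents (constructed format for this example);
// SignedAction carries its canonical JSON plus a detached signature.
type Action struct {
	Investigator string `json:"investigator"`
	Module       string `json:"module"`       // only "file" is implemented here
	Path         string `json:"path"`         // directory to search
	SHA256       string `json:"sha256"`       // hex digest to look for
	ExpireAfter  int64  `json:"expire_after"` // unix seconds; stale actions are rejected
}
type SignedAction struct{ Payload, Signature []byte }

// Investigator holds the private key; it never reaches agents or the server.
// Agent settings are fixed at build time: trusted keys and per-investigator ACLs.
// Result is all an agent ever returns: an answer, never the data it looked at.
type Investigator struct {
	Name string
	priv ed25519.PrivateKey
}
type Agent struct {
	Keys map[string]ed25519.PublicKey // investigator -> public key
	ACL  map[string]map[string]bool   // investigator -> modules they may run
}
type Result struct{ Found bool; Matches int }

// NewInvestigator makes a key pair; the public half is compiled into agents.
func NewInvestigator(name string) (*Investigator, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return &Investigator{Name: name, priv: priv}, pub, err
}

// Sign stamps the action with the investigator's name and signs the JSON.
func (inv *Investigator) Sign(a Action) (SignedAction, error) {
	a.Investigator = inv.Name
	payload, err := json.Marshal(a)
	return SignedAction{payload, ed25519.Sign(inv.priv, payload)}, err
}

// Run checks signature, then expiry, then ACL, and only then touches disk.
func (ag *Agent) Run(sa SignedAction) (Result, error) {
	var a Action
	if err := json.Unmarshal(sa.Payload, &a); err != nil {
		return Result{}, err
	}
	if pub, ok := ag.Keys[a.Investigator]; !ok || !ed25519.Verify(pub, sa.Payload, sa.Signature) {
		return Result{}, fmt.Errorf("rejected: unknown investigator or bad signature")
	}
	if time.Now().Unix() > a.ExpireAfter {
		return Result{}, fmt.Errorf("rejected: action expired")
	}
	if a.Module != "file" || !ag.ACL[a.Investigator][a.Module] {
		return Result{}, fmt.Errorf("rejected: module %q unknown or not permitted", a.Module)
	}
	return searchHash(a.Path, a.SHA256)
}

// searchHash counts regular files under root whose SHA-256 equals want; unreadable
// entries are skipped. (Whole-file reads keep it short; stream large files in practice.)
func searchHash(root, want string) (Result, error) {
	var r Result
	err := filepath.Walk(root, func(p string, info os.FileInfo, err error) error {
		if err != nil || info.IsDir() {
			return nil
		}
		if b, rerr := os.ReadFile(p); rerr == nil && fmt.Sprintf("%x", sha256.Sum256(b)) == want {
			r.Found, r.Matches = true, r.Matches+1
		}
		return nil
	})
	return r, err
}

func main() {
	dir, _ := os.MkdirTemp("", "mig-demo") // constructed sample directory
	defer os.RemoveAll(dir)
	sample := []byte("constructed malicious sample")
	_ = os.WriteFile(filepath.Join(dir, "dropper.bin"), sample, 0o600)
	alice, alicePub, _ := NewInvestigator("alice")
	agent := &Agent{Keys: map[string]ed25519.PublicKey{"alice": alicePub}, ACL: map[string]map[string]bool{"alice": {"file": true}}}
	sa, _ := alice.Sign(Action{Module: "file", Path: dir, SHA256: fmt.Sprintf("%x", sha256.Sum256(sample)), ExpireAfter: time.Now().Add(time.Minute).Unix()})
	fmt.Println(agent.Run(sa)) // {true 1} <nil>
	sa.Signature[0] ^= 0xff    // tampered signature: the agent now refuses
	fmt.Println(agent.Run(sa))
}
```

Run it with `go run`. The order of checks in `Run` is the point: a server that is compromised and learns every agent's public key still cannot mint a valid action, a trusted investigator whose ACL entry is missing is refused before any file is read, and an old captured action cannot be replayed after its expiry. The `Result` type is deliberately the only thing that leaves the agent, mirroring MIG's "reply to questions, never send raw data".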
  • 31. Gareth Rushgrove @ Puppet Labs
  • 32. Is it fast? Does it scale? Does it use Python?
  • 33. Secure continuous delivery? Security automation? Pipeline, CI, API, monitoring?
  • 34. New thinking: speed and scale. Data Centre / Cloud
  • 35. Build your own? Speed and scale
  • 38. First Steps – quick wins
      A managed data centre is the perfect situation in which to install and run VMaaS
      A managed data centre is the perfect situation in which to build a knowledge base of awkward patches
      SOC members are perfect researchers for remediation work following VMaaS
      A managed data centre is the perfect situation in which to link VMaaS to the CMDB and CAB
      SCM operations are perfect for testing remediation work
  • 39. Future Steps
      SCM can correlate software asset records
      SCM can maintain the security baseline
      SCM can query systems for files, hashes and registry entries
      SCM can collect local admin details
      SCM can collect local USB usage
  • 40. Summary
      It is in a data centre's best interest to be more secure, because that helps availability!
      IT Ops, Security Ops and Security Management (compliance) need to work more closely together
      SOC / SecOps doesn't have to be about incident response; it can also be incident prevention
      If you have outsourced hosting and infrastructure management, why not add VMaaS and remediation activities!
  • 41. Takeaways
      Take “Fix the basics” seriously; we've had years to get this
      Get started if you haven't already
      Use what has been learnt from years of vulnerability assessment, patch management and device hardening
      Tailor it to your organisation (size and maturity)
      Learn from other disciplines (collaborate or die)
      Challenge Managed Service providers to do more security
      Network with like-minded peers
  • 42. Time is precious thank you for yours James