Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq

ntxissacsc5

  • Login to see the comments

  • Be the first to like this

Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq

  1. 1. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Taking a Holistic Approach to Cybersecurity Abu Sadeq Founder & CEO Zartech Nov 10, 2017
  2. 2. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 About me • Currently Founder & CEO of Zartech – a cybersecurity products and advisory services company • Also work as ‘Fractional CISO’ for several companies • Over 20+ years in the technology space within diverse industries • Creator of Cyberator - a best-of-breed cybersecurity assessment tool 2
  3. 3. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Who invented the Internet? 3
  4. 4. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 The Birthplace of Internet 4 Room 3420 at the University of California, Los Angeles’s Boetler Hall. Back in 1969 the Advanced Research Projects Agency Network (ARPANET) which developed the network that became the basis for the Internet.
  5. 5. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 5
  6. 6. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 The Internet Today 6 - Google has indexed over 50 billion webpages - 3.8 Billion Internet users in June 30, 2017 - 2.8 Billion active social media users - 8.4 Billion Connected "Things" in Use and expected to be >25 Billion by 2020 - 1.6 Billion users purchasing via e-commerce - Digital data stored in the cloud is 16.1 zettabytes
  7. 7. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 7
  8. 8. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 HACKED! 8 80M records/$100M+ 33M Records/$850M+ 76M households/$1B+ 1B records/$350M 40M records/$252M+ 412M records 145M Records/$200M+56M records/$80M+ 3K records/$35M
  9. 9. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 We need a holistic approach 9
  10. 10. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Start by taking a 360 view of your security program 10
  11. 11. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 NIST Cybersecurity Framework (CSF) 11 Tex t Tex t Tex t Tex t Protect Detect Respond Recover Identify Identify: What's the organization's understanding to managing cybersecurity risk to systems, assets, data, and capabilities Protect: What appropriate safeguards have been developed and implemented to ensure delivery of critical infrastructure services Detect: What appropriate activities have been developed and implemented to identify the occurrence of a cybersecurity event Respond: What appropriate activities have been develop and implemented to take action regarding a detected cybersecurity event Recover: What appropriate activities have been developed and implemented to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event NIST Cybersecurity Framework Tex t
  12. 12. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Why NIST CSF? 12
  13. 13. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Purpose of the NIST CSF 13
  14. 14. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Function: Identify 14 What's the organization's understanding to managing cybersecurity risk to systems, assets, data, and capabilities?
  15. 15. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Function: Protect 15 What appropriate safeguards have been developed and implemented to ensure delivery of critical infrastructure services?
  16. 16. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Function: Detect 16 What appropriate activities have been developed and implemented to identify the occurrence of a cybersecurity event?
  17. 17. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Function: Respond 17 What appropriate activities have been develop and implemented to take action regarding a detected cybersecurity event?
  18. 18. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Function: Recover 18 What appropriate activities have been developed and implemented to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event?
  19. 19. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 19 A number of studies show that implementation of these seven Controls provides an effective defense against the most common cyber attacks (~90% of attacks).
  20. 20. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 7 controls for effective defense #1. Implementing a formal information security governance approach #2. Inventory of Authorized & Unauthorized Devices #3. Inventory of Authorized & Unauthorized Software #4. Secure Configurations for Hardware & Software on Mobile Devices, Laptops, Workstations, & Servers #5. Continuous Vulnerability Assessment & Remediation #6. Controlled Use of Administrative Privileges #7. User Education & Awareness 20
  21. 21. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 21 Thank you

×