Cybersecurity Health Checks: Safeguarding Your Organisation

Find out how a business can improve its cyber posture by adopting recently released cybersecurity frameworks, and by implementing essential cyber safeguards.

Learn more: http://www.lynda.com/IT-Security-tutorials/Foundations-Cybersecurity/388081-2.html

Published in: Technology
  • Awesome details, you have brought the complete guide under one roof. Regards, andy(reviewadda.com)

  1. Cybersecurity Health Checks: Safeguarding Your Organisation, Dr. Malcolm Shore
  2. INTRODUCTION: Quick Facts about Lynda.com, The Global Leader in Online Skills Instruction • Government: major government agencies; branches of military • Corporations: more than half of the Fortune 50 across all key industry sectors • Education: 60% of all US colleges and universities; 40% of Australian universities • 4M+ Members …with 350k paying out of pocket • 20 Years: Lynda.com was founded in 1995 • 12,000+ Enterprise Clients …located across 52 countries • 6,000+ Courses …available in 5 languages (German, Spanish, French, Japanese)
  3. INTRODUCTION: Dr. Malcolm Shore • Lynda.com author • Technical Director, BAE Systems Applied Intelligence, Australia
  4. BACKGROUND: Information Security Standards • 1983 – US DoD rainbow series • 1993 – UK PD0003 • 1998 – BS 7799……ISO 27000 • 2005 – NIST Special Publication 800-53 • … but too difficult and costly
  5. BACKGROUND: Information Security Standards • From Bulletin Boards to the Web • Ubiquitous connectivity across the globe • Clouds aren’t just in the sky… • From email to social media… • From telephone to smartphone • Cyber kill chain … the world has changed
  6. BACKGROUND: New Approach • Evolution of information security standards lagging • Information security policies ineffective* (*Doherty, NF and Fulford H. Do Information Security Policies Reduce the Incidence of Security Breaches? 2005)
  7. BACKGROUND: Information Security Policies • UK Cybersecurity Strategy • Cyber Governance Health Check • top 350 listed companies • only 15% of Boards manage cyber risk • only 30% use threat intelligence • Majority of attacks exploit basic weaknesses
  8. DEFINITION: Cybersecurity Health Check • Term used in audit community • Now used in cybersecurity consulting • Various interpretations … is simply cyber fitness
  9. DEFINITION: Cybersecurity Health Check • Check-up – unauthorised users, malware • Health test – check network traffic for infections • Full examination – rules, patches, access and privileges – operational defences • Fitness test – external penetration exercise • Cyber insurance
  10. CYBER ESSENTIALS: Cyber Essentials • Baseline security • Operational focus • Affordable, manageable
  11. CYBER ESSENTIALS
  12. CYBER ESSENTIALS: Cyber Essentials • Prevents low grade technical attacks on: desktop PCs, laptops; tablets, smartphones; email; web applications
  13. CYBER ESSENTIALS: Cyber Essentials • Boundary devices • Secure configuration • User access control • Malware protection • Patch management
  14. CYBER ESSENTIALS: Boundary Firewalls and Internet Gateways
  15. CYBER ESSENTIALS: Boundary Firewalls and Internet Gateways • administrative password must be changed • documented and authorised rules • obsolete rules removed • unnecessary services blocked • administrative interface accessible only internally
  16. CYBER ESSENTIALS: Secure Configuration
  17. CYBER ESSENTIALS: Secure Configuration • Issues: easy to install; no security configured; default administrator accounts and passwords
  18. CYBER ESSENTIALS: Secure Configuration • remove unnecessary default accounts • change default passwords • remove or disable unnecessary applications and services • install personal firewalls on all PCs
  19. Cybersecurity Health Checks
  20. Cybersecurity Health Checks
  21. CYBER ESSENTIALS: User Access Control • Issues: legacy access; excess privileges
  22. CYBER ESSENTIALS: User Access Control • minimum privileges • userid and strong passwords • ensure privileged accounts are not used for internet activity • disable or remove accounts when no longer required
  23. CYBER ESSENTIALS: User Access Control
  24. CYBER ESSENTIALS: Malware Protection • Install anti-virus software • up to date signatures • Use real-time protection • Scan the filebase • Blacklisting known malicious sites
  25. CYBER ESSENTIALS: Patching • Flaws found by developers, researchers, hackers • Often exploited within 24 hours • Timely patching • Licenced software
  26. CYBER ESSENTIALS: Cyber Essentials – Health Check? • Good routine check-up and examination • Does not propose a full cyber fitness test
  27. ASIC REPORT 429: ASIC Report 429 • Published March 2015 • Improve cyber resilience • Cyber defence posture • Incident management
  28. ASIC REPORT 429: US Cybersecurity Framework • Adopted in ASIC Report 429 • 26 prompts • 2 governance • 24 across the five Framework areas
  29. ASIC REPORT 429: Governance • Board and Executive awareness of cyber risk • Assessment against the Cybersecurity Framework
  30. ASIC REPORT 429: Identify • What are the essential information and assets? • What are the cyber risks? • Are third party risks considered? • Does enterprise risk management include cyber risks? • Are staff aware of cyber risks?
  31. ASIC REPORT 429: Protect • Are security policies and standards up to date? • Have IT systems and processes been tested? • Are there sufficient resources in place?
  32. ASIC REPORT 429: Detect • Monitoring for cyber attacks • External engagement
  33. ASIC REPORT 429: Respond • Is response planning adequate? • Notifying law enforcement of an attack • Notifying customers of a breach
  34. ASIC REPORT 429: Recover • Does the organisation have a recovery plan?
  35. ASIC REPORT 429: ASIC Report 429 – Cyber Health Check? • Full set of controls • Cyber health checks lost in the noise • A through life fitness programme
  36. CONCLUSION: Conclusion • Security standards are evolving • Traditional approach is having limited success • Cyber health checks are a more manageable approach • Cyber Essentials provides a health check
  37. CONCLUSION: Resources
  38. CONCLUSION: Q&A