E. Andrew Keeney presented CyberSecurity (Emerging Threats) at The Credit Union League of Connecticut's Compliance Series: Social Media Compliance Risks on February 10, 2015.
Cyber Security Layers - Defense in Depth
7P's, 2D's & 1 N
People
Process
Perimeter
Physical
Points (End)
Network
Platform
Programs (Apps)
Database
Data
This document provides an introduction to information system security. It discusses key concepts like security, information security, vulnerabilities, threats, attacks, security policies, and security measures. The document outlines common security risks like interruption, interception, modification, masquerading, and repudiation. It explains that security policies provide guidelines for implementing security controls to protect information system assets from such risks according to the security principles of confidentiality, integrity, and availability.
This document provides an overview of network security concepts. It begins by stating the goals of network security are to protect confidentiality, maintain integrity, and ensure availability. It then discusses common network security vulnerabilities and threats that can arise from misconfigured hardware/software, poor network design, inherent technology weaknesses, end-user carelessness, or intentional end-user acts. The document also covers the need for network security due to increased connectivity from closed to open networks and differentiates between open versus closed security models. It emphasizes striking a balance between security and user productivity.
This document provides an overview of intrusion detection systems (IDS). It begins with an introduction that defines intrusion, intrusion detection, and IDS. It then discusses the history and typical scenarios of intrusions. The document outlines different types of attacks and what an IDS is supposed to do in detecting them. It classifies IDS based on detection approach and protected system, covering network/host-based detection. The advantages and disadvantages of different IDS types are presented. Commonly used open source and commercial IDS are listed, with Snort discussed in more detail. References for further information are provided at the end.
- Malware analysis involves both static and dynamic analysis techniques to understand malware behavior and assess potential damage. Static analysis involves disassembling and reviewing malware code and structure without executing it. Dynamic analysis observes malware behavior when executed in an isolated virtual environment.
- Tools for static analysis include file hashing, string extraction, and PE header examination. Dynamic analysis tools monitor the registry, file system, processes, and network traffic created by malware runtime behavior. These include Process Monitor, Wireshark, Process Explorer, and network sniffers.
- To safely conduct malware analysis, one should create an isolated virtual lab separated from production networks, and install behavioral monitoring and code analysis tools like OllyDbg, Process Monitor, and Wiresh
Network security (vulnerabilities, threats, and attacks) | Fabiha Shahzad
Network security involves protecting network usability and integrity through hardware and software technologies. It addresses vulnerabilities that threats may exploit to launch attacks. Common vulnerabilities include issues with technologies, configurations, and security policies. Threats aim to take advantage of vulnerabilities and can be structured, unstructured, internal, or external. Common attacks include reconnaissance to gather information, unauthorized access attempts, denial-of-service to disrupt availability, and use of malicious code like worms, viruses, and Trojan horses.
SIEM for Beginners: Everything You Wanted to Know About Log Management but We... | AlienVault
This document provides an overview of log management and security information and event management (SIEM). It explains that SIEM systems evolved from separate technologies like log management systems, security log/event management, security information management, and security event correlation. A SIEM system provides centralized log collection, normalization, storage, and analysis. It allows security events from different systems to be correlated to detect patterns and automated threats. The document emphasizes that SIEM provides context around security events to help analysts investigate incidents.
Linux is well-suited for forensic investigations due to its free and open-source tools, flexible environment, and ability to access low-level interfaces. However, its tools are more complicated to use than commercial packages and typically lack technical support. Linux distributions use a directory tree with essential directories like /bin, /etc, /home, and /var. Important commands provide information on processes, network connections, and disk usage. The Linux boot process involves the BIOS, boot loader, kernel initialization, and starting of processes at designated run levels.
Network security involves protecting computer networks from threats. It targets a variety of threats to stop them from entering or spreading on a network. The objectives of network security are access, confidentiality, authentication, integrity, and non-repudiation. As networks became more common in the 1980s and 1990s, security concerns increased and organizations like CERT were created to address issues. Network security uses multiple layers including firewalls, intrusion prevention systems, antivirus software, and encryption to secure networks from threats.
VAPT defines a wide range of security testing services to ascertain and address cyber security exposures. It includes vulnerability testing through perimeter scans for missing patches or custom exploits to bypass perimeters, as well as penetration testing by simulating real-world attacks to provide a point-in-time assessment of vulnerabilities and threats to a network infrastructure. Customers can inquire more about these security testing and analysis services by contacting the company.
This document discusses security issues with wireless networks and protocols. It describes common wireless standards like 802.11b, g, and a. It then covers security protocols that aimed to improve on WEP like WPA and WPA2, discussing their encryption methods. The document also outlines various threats to wireless security like eavesdropping, unauthorized access, and denial of service attacks. It concludes by listing some common wireless hacking tools.
Information Security Principles - Access Control | idingolay
The document discusses various concepts related to access controls and authentication methods in information security. It covers identification, authentication, authorization, accountability and different authentication factors like something you know, something you have, something you are. It also discusses access control models, biometrics, passwords and single sign-on systems.
Secure by Design - Security Design Principles for the Working Architect | Eoin Woods
As our world becomes digital, the systems we build must be secure by design. The security community has developed a well-understood set of principles used to build systems that are secure (or at least securable) by design, but this topic often isn’t included in the training of software developers. And when the principles are explained, they are often shrouded in the jargon of the security engineering community, so mainstream developers struggle to understand and apply them.
This talk explains why secure design matters and introduces 10 of the most important proven principles for designing secure systems, distilled from the wisdom of the security engineering community.
This document discusses mobile device forensics. It explains that mobile devices store a variety of personal information, including calls, texts, emails, photos and more. It also outlines the challenges of investigating mobile devices and describes the components of mobile devices like the IMEI, SIM card, and memory. The document provides details on acquiring data from mobile devices, including identifying the device, isolating it to prevent remote wiping, and extracting data from internal memory, SIM cards and external storage.
This document discusses information security and system security. It defines information, information security, and the goals of security including confidentiality, integrity and availability. It describes different types of attacks such as interruption, interception, modification and fabrication. It explains passive attacks like eavesdropping and traffic analysis, as well as active attacks including masquerade, replay, message modification, and denial of service. The document outlines why computer security is needed and covers topics like vulnerabilities, threats, and controls to protect against various security risks.
In this PPT you can learn about firewalls and their types, which will help you a lot and you will be able to understand. So you must read it at once; I am sure that you will understand.
Thank you!!!
The document discusses security policies and standards. It defines different types of policies like enterprise, issue-specific, and systems-specific policies. It also discusses how policies are developed based on an organization's mission and vision. Effective policies require dissemination, review, comprehension, and compliance. Frameworks and industry standards also guide policy development. Additionally, the document outlines the importance of security education, training, and awareness programs to inform employees and reinforce security practices.
This document discusses network risks and vulnerabilities. It begins by defining vulnerabilities as software flaws or misconfigurations that weaken security. It then examines various types of vulnerabilities like design flaws, viruses, impersonation, worms, port scanning, man-in-the-middle attacks, denial-of-service attacks. The document also covers network risk assessment methodology and impact analysis. It concludes with a brief mention of network risk mitigation as a way to reduce risks.
Forensics analysis and validation: Determining what data to collect and analyze, validating forensic data, addressing data-hiding techniques, performing remote acquisitions Network Forensics: Network forensics overview, performing live acquisitions, developing standard procedures for network forensics, using network tools, examining the honeynet project.
security, system, introduction, threats to computer system, computer, security, types of software, system software, bios, need of an operating system, major functions of operating system, types of operating system, language, processor, application software, thank you
This document defines key information security concepts: assets are anything of value to an organization, vulnerabilities are weaknesses of assets, threats are potential dangers, risk is the exposure of a vulnerability to a threat, and controls are countermeasures to reduce risk. It provides an example where human resources are the most valuable asset, an imbalance is a vulnerability, crocodiles are threats, and the possibility of falling is the risk, with controls implemented to reduce risk.
Ethical Hacking n VAPT presentation by Suvrat jain | Suvrat Jain
A perfect example of your 6 weeks summer training PPT. Course: Ethical Hacking, its info, and VAPT (Vulnerability Assessment n Penetration Testing). About vulnerability scanning, tools used, cracking passwords, etc.
A DOS attack is designed to deny legitimate users access to a resource by overwhelming it with requests. There are two main types: a basic DOS attack from a single host, and a distributed DOS (DDOS) attack from multiple compromised machines targeting the same victim. To prevent DOS attacks, organizations can install security patches, use intrusion detection systems to identify illegal activities, configure firewalls to block traffic from attackers, and use access control lists on routers to limit network access and drop suspicious traffic.
Vulnerability assessment is the systematic evaluation of an organization's exposure to threats. It involves identifying assets, evaluating threats against those assets, determining vulnerabilities, assessing risks, and selecting appropriate controls. Various techniques can be used including asset identification, threat modeling, vulnerability scanning, penetration testing, and risk assessment. The goal is to establish a security baseline and mitigate risks through hardening systems and ongoing monitoring.
Introduction to Risk Management via the NIST Cyber Security Framework | PECB
The cyber security profession has successfully established explicit guidance for practitioners to implement effective cyber security programs via the NIST Cyber Security Framework (CSF). The CSF provides both a roadmap and a measuring stick for effective cyber security. Application of the CSF within cyber is nothing new, but the resurgence of Enterprise Security Risk Management and Security Convergence highlights opportunities for expanded application for cyber, physical, and personnel security risks. This NIST CSF can help practitioners build a cross-pollinated understanding of holistic risk.
Main points covered:
• Understand the purpose, value, and application of the NIST CSF in familiar non-technical terms.
• Understand how the Functions and Categories of the NIST CSF (the CSF “Core”) and an organization's “current” and “target” profiles are relevant and valuable in a variety of sectors and environments.
• Understand how an organization’s physical and cyber security resources and stakeholders can align with the NIST CSF as a tool to achieve holistic security risk management.
Presenters:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Recorded webinar: https://youtu.be/hxpuYtMQgf0
The document is about CyberSecurity Malaysia's CyberSAFE program, which aims to educate the general public on internet safety and the dangers of being online. The CyberSAFE program provides internet safety awareness talks, materials on their portal, and a community for discussing internet safety issues. It also includes multimedia content, games, and quizzes targeted at different groups like kids, parents, youth, and organizations.
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi | Knowledge Group
The document discusses addressing cyber threats in the banking sector. It outlines CyberSecurity Malaysia's mandate to monitor national cybersecurity and provide specialized cybersecurity services. It then discusses trends in cyber attacks targeting the banking and financial sector, including advanced persistent threats and malware attacks. Specific data on phishing and ransomware attacks is also presented. The document concludes by noting growing concerns around threats posed by the expanding Internet of Things.
Top 5 Cybersecurity Threats to Watch Out for in 2017 - An InfographicInApp
Major cybersecurity threats in 2017 according to the article include hacks of mobile payment systems like Apple Pay and Google Wallet as they don't require carrying physical cards, cloud hacks which stole celebrities' and corporations' private data in 2016 and will likely continue to be a problem, extortion hacks where hackers threaten to release stolen corporate data unless a ransom is paid, and information theft becoming more sophisticated with improved hacking methods.
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
Ulf Mattsson presented on cyber risk management challenges and recommendations in 2017. He discussed trends like the increasing involvement of boards in cybersecurity oversight. Mattsson also covered topics such as talking to boards about cyber risk, data security blind spots within organizations, and how the Payment Card Industry Data Security Standard is evolving to incorporate concepts like data discovery and integrating security into the development process. He emphasized the importance of generating security metrics and adopting a DevSecOps approach to strengthen an organization's security posture and compliance.
The current presentation is based on different Cyber Security Threats for 2017 published in Internet. All threats are explained at a high level but at the end of this presentation all references URL are present if you want to investigate deeply any threat.
With mega-breaches like Anthem, OPM, IRS, Ashley Madison, UCLA Health and TalkTalk all within the past 12 months, chances are your data has been targeted. What does this mean for 2016?
Review this presentation and learn:
• Why cyber attacks continue to increase in sophistication, magnitude and velocity
• What trends will have the largest and smallest impact on cyber security in 2016
• Why cloud-based apps and the Internet of Things have transformed cyber security
• How you can protect your organization from attacks from the inside
This document provides an overview of cyber crime and security. It defines cyber crime as illegal activity committed on the internet, such as stealing data or importing malware. The document then covers the history and evolution of cyber threats. It categorizes cyber crimes as those using the computer as a target or weapon. Specific types of cyber crimes discussed include hacking, denial of service attacks, virus dissemination, computer vandalism, cyber terrorism, and software piracy. The document concludes by emphasizing the importance of cyber security.
Join Kaseya and guest cybersecurity expert from Kaspersky, Cynthia James, to hear how companies like Target, eBay, and Home Depot are losing data, and how you can protect your company from suffering the same fate.
• The latest cybersecurity threats and vectors putting organizations at risk
• How your organization can avoid falling victim to a data breach
• Additional strategies to secure your organization and its data
Science of Security: Cyber Ecosystem Attack Analysis MethodologyShawn Riley
Shawn Riley presented on the science of security and cyber intelligence analysis. He discussed analyzing the cyber attack lifecycle using the cyber ecosystem model, which views cybersecurity as an interacting system of people, processes, and technology. Riley's threat intelligence method uses the OODA loop to observe attacks, orient on threat actors, decide on indicators, and act by disseminating intelligence reports. His active defense method applies the PDCA cycle to plan defenses based on intelligence, implement countermeasures, check their effectiveness, and provide feedback to improve security over time.
Securing Fintech: Threats, Challenges & Best PracticesUlf Mattsson
Cyber attacks have increased in frequency and severity, and financial institutions are particularly interesting targets to cyber criminals. Join this presentation to learn the latest cybersecurity threats and challenges plaguing the financial industry, and the policies and solutions your organization needs to have in place to protect against them.
Viewers will learn:
• Current trends in Cyber attacks
• FFIEC Cyber Assessment Toolkit
• NIST Cybersecurity Framework principles
• Security Metrics
• Oversight of third parties
• How to measure cybersecurity preparedness
• Automated approaches to integrate Security into DevOps
About the Presenter:
Ulf Mattsson is the Chief Technology Officer of Security Solutions at Atlantic BT, and earlier at Compliance Engineering. Ulf was the Chief Technology Officer and a founder of Protegrity, He invented the Protegrity Vaultless Tokenization, Data Type Preservation (DTP2) and created the initial architecture of Protegrity's database security technology. Prior to Protegrity, Ulf worked 20 years at IBM in software development and in IBM's Research organization, in the areas of IT Architecture and Security, and received a US Green Card of class ‘EB 11 – Individual of Extraordinary Ability’ after endorsement by IBM. Ulf is the inventor of more than 45 patents in the areas of Encryption, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control and Intrusion Prevention
2014-12-16 defense news - shutdown the hackersShawn Wells
The document discusses technologies for continuous monitoring and data standardization. It begins with an overview of a presentation on vulnerability management, configuration management, and the DoD Centralized Super Computing Facility story. It then covers various topics related to cybersecurity including reliance on technology over time, the ever-increasing capability and complexity of systems, cybercrime statistics, and the Security Content Automation Protocol (SCAP).
Ransomware is the number one IT security challenge facing asset managers today, with resource-limited small and mid-size businesses the most likely targets. Don’t let malware attackers find and encrypt your most important data.
This webinar will explore the ways in which cybercriminals are exploiting a variety of threat vectors, including email, network traffic, user behavior, and application traffic. Don’t miss out on this important program. Financial institutions without a comprehensive strategy that secures all vectors are almost certain to become a victim. CIOs, web teams, data teams, and other decision makers within asset management and financial services will benefit from the following educational topics:
- Understanding the types of ransomware, malicious software, and phishing attacks
- Assessing the potential risks posed to financial firms
- Providing digital opportunities to shareholders while protecting data integrity
This document provides an overview of IT security essentials and data security best practices. It discusses common data security concerns, including access controls, encryption, APIs, auditing and more. Specific frameworks and standards are also reviewed, such as PCI DSS, NIST and ISO. The document outlines steps for conducting a risk assessment and implementing controls. It emphasizes quick wins can be achieved through controls in areas like access management, encryption, patching and monitoring. Overall the document serves to educate about the threat landscape, compliance obligations and how to establish an effective data security program.
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi KenyaMartin M
This document provides information about the Regional Cyber Security Summit 2016 happening from May 11-13 in Nairobi, Kenya. The summit will discuss securing enterprises in today's connected world and ensuring business continuity in the face of human, organizational, and governance factors related to cybersecurity.
Over the three days, expert speakers will lead discussions on best practices in cybersecurity management and key issues like the skills gap in Africa, virtualization security, the internet of things risks, and using data analytics for cyber intelligence. Attendees will include CISOs, CIOs, and other IT security professionals. The goal is information sharing across the region to help organizations improve their cybersecurity posture through better funding, skills, and awareness of
This document discusses enterprise software security and provides examples of how organizations like Accenture and ANZ Bank have implemented software security programs using Fortify's platform. It describes what organizations are protecting (e.g. personal information, financial data), the risks of data breaches, and case studies of past breaches at companies like Heartland Payment Systems. It then outlines how ANZ Bank established a "SAFE Program" using Fortify to integrate security practices into development and meet compliance obligations. The document promotes Fortify as a software security partner that can help achieve compliance, identify vulnerabilities, and effectively manage security programs.
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
Tom Blauvelt from Symantec and Sean Telles and Chris Dullea from ForeScout share how both companies together can deliver a unified cyber security solution.
Cybersecurity: Challenges, Initiatives, and Best PracticesJohn Gilligan
The document discusses cybersecurity challenges and initiatives. It begins with an overview of the current cybersecurity situation and a top-level strategy. This involves implementing a comprehensive baseline of security (well-managed IT infrastructure) according to the level of threat and criticality of systems. It then focuses on the 20 Critical Controls and the Security Content Automation Protocol (SCAP) as ways to prioritize security efforts and automate compliance. Legislative initiatives and longer term directions are also reviewed, with an emphasis on public-private partnerships and the need for fundamental changes to effectively address cybersecurity issues.
For many companies thinking about moving sensitive data to the cloud, security issues remain a significant concern. But one company, Operational Research Consultants Inc. (ORC) a WidePoint Company, is proving that the cloud really can be made as safe or even safer than on-premise deployments even for organizations as security-focused as the U.S. Federal Government.
– A pioneer in federal identity management:
ORC has been a trusted partner of the U.S. government since the mid-‘90s, when the company launched the Navy Acquisition Public Key Infrastructure to support secure interactions with contractors and suppliers. As the government’s emphasis on information assurance expanded over the next two decades, ORC became a go-to partner for security solutions and one of the first companies authorized to provide government-compliant identity management solutions.
Today ORC manages more than three million identities and has issued more than 10 million federal-compliant digital certificates to a variety of employees, contractors, allies, veterans and citizens conducting business with the government.
- The need for secure and interoperable identification and authentication:
In August 2004, the Bush administration issued a Homeland Security Presidential Directive (HSPD-12) to secure federal facilities and resources by establishing a government-wide standard for secure and reliable forms of identification. Going far beyond simply issuing ID badges to government employees, this initiative would focus on the processes needed to issue secure personal credentials, on methods to validate those issuance processes and credentials and on managing risk and quality throughout the lifecycle of the credentials.
The Personal Identity Verification (PIV) program implements these processes, and FIPS (Federal Information Processing Standard) 201 specifies interface and data elements of the PIV smart card. Among the data elements on a PIV card are one or more asymmetric private cryptographic keys. Departments and agencies must use a compliant public key infrastructure (PKI) to issue digital certificates to users. The PIV initiative has also spawned other high assurance credentials that support specific Business-to-Government, Citizen-to-Government and Citizen-to-Business transactions while supporting federated interoperability between the issued credentials. These include various PIV-Interoperable (PIV-I) and PIV variants, such as: Transportation Worker Identification Credential (TWIC®), First Responder Authentication Credentials (FRAC), Commercial Identity Verification (CIV), and External Certificate Authority (ECA) PIV-I that address various regulatory requirements and are built to scale globally. The processes and policies for certificate issuance and the protections afforded to the critical root and issuing certificate authority keys in that PKI are critical factors in the overall assurance level of the system.
Cacs na isaca session 414 ulf mattsson may 10 finalUlf Mattsson
Ulf Mattsson, CTO of Protegrity, discusses securing data through tokenization. He reviews threats to data like SQL injection attacks and organized criminal groups stealing data. Case studies show how tokenization reduces PCI compliance costs and improves security and performance compared to encryption. Vaultless tokenization provides unlimited scalability without collateral impacts. Tokenization is recommended over encryption for securing structured and unstructured data as well as credit cards, medical records, and other sensitive information. Industry guidelines provide best practices for token generation and management.
Cyber security for manufacturers umuc cadf-ron mcfarlandHighervista
1. The document discusses implications of cybersecurity for small and medium manufacturers, including risk management and compliance requirements.
2. It covers topics like being compliant with certifications but still being breached, cybersecurity for industrial control systems, and Department of Defense Federal Acquisition Regulation Supplement (DFARS) requirements.
3. The document provides an overview of various laws and standards around data security, including the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX), and Family Educational Rights and Privacy Act (FERPA).
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)Shawn Tuma
Cybersecurity & Data Privacy Attorney Shawn Tuma presents the lunch keynote on the Legal Case for Cybersecurity at SecureWorld-Dallas in 2017.
Here is a link directly to the YouTube video of this presentation: https://youtu.be/3ZeJ86Ebas0
Complicate, detect, respond: stopping cyber attacks with identity analyticsCA Technologies
Corporate boards and audit committees are taking a greater interest in cybersecurity and plans to mitigate related risks. Headline-grabbing data breaches are prevalent. Shareholders and oversight bodies are concerned about the potential impact to their organizations’ financial well-being and reputation.
Today, cyber adversaries are well-organized and well-funded, and they are more able to enter commercial and governmental organizations than ever before. No company has the capability and capacity to prevent all attacks. The only way to operate securely is to assume a breach has occurred, is occurring and will occur. This requires “complicate, detect and respond” mindset when developing and automating controls.
For more information, please visit http://cainc.to/Nv2VOe
The document discusses how Splunk can provide analytics-driven security for higher education through ingesting and analyzing machine data. It outlines how advanced threats have evolved to be more coordinated and evasive. A new approach is needed that fuses technology, human intuition, and processes like collaboration to detect attackers through contextual behavioral analysis of all available data. Examples are provided of security questions that can be answered through Splunk analytics.
This document discusses the importance of conducting due diligence on vendors for credit unions. It notes that credit unions now rely more on third parties for member services, so existing agreements may be outdated or not protective of credit unions. The NCUA also mandates that credit unions properly manage risks from third party relationships. The document provides examples of vendor management risks and horror stories from 2009 to emphasize the need for thorough due diligence. It offers tips for developing vendor management policies, conducting legal reviews of contracts, monitoring vendor relationships on an ongoing basis, and using software programs to help track third party risks.
Ceo, Director and Officer Liabilities and the Risks of Being SuedKaufman & Canoles
This document discusses various types of liabilities and risks that CEOs, directors, and officers of organizations may face. It covers their basic roles and responsibilities, including standards of conduct around good faith, reasonable belief, and acting in the best interests of the organization. It also discusses defenses like the business judgment rule. The document notes increasing risks from regulations, litigation, cyber threats, and other influences. It provides examples of management liability insurance options and coverage types that can help protect personal assets from lawsuits.
The threat of fraud against your members continues to grow. Criminals will continue to find new ways to breach information technology systems and seek access to money and sensitive information from credit union members. This session covered the latest state-of-the-art ways to better manage fraud.
2. kaufCAN.com
Slideshow originally prepared by Jerald L. Garner, MS, CRMA, ISO 27001, CRISC, CISA, CISSP
National Field Supervisor
National Credit Union Administration
Office of National Examinations and Supervision
Presented today by E. Andrew Keeney, Esq., with permission.
3. kaufCAN.com
E. Andrew Keeney, Esq.
Kaufman & Canoles, P.C.
150 West Main Street, Suite 2100
Norfolk, VA 23510
(757) 624-3153
eakeeney@kaufcan.com
http://www.kaufmanandcanoles.com/movies/credit-unions.html
4. kaufCAN.com
This presentation is for information sharing purposes only. All contents of this presentation are based on my independent research efforts and years of experience. Mention of trade names or commercial products does not constitute endorsement or recommendation of use by NCUA. The existence of hyperlinks does not constitute endorsement by NCUA or of these Web sites or documents or of the information contained therein. Interested parties should do their own research, and the list of references may provide a starting point. Additionally, participants of this presentation assume the risk of use or reliance on such information.
5. kaufCAN.com
Overview
CyberSecurity
What is it?
What about Information Security?
Threat Sources
Nation State
Organized Crime (underground)
Hackers
Consumers/EndUsers/Employees
Recent Events
Threat Environment
Distributed Denial of Service Attacks (DDoS)
Data Breaches
Open Systems
Contributing Factors
Consumerization of Information Technology (IT)
Threat Mitigation
Awareness
Training
Guidance
Policies
Best Practices
SANS’s
NIST Framework
2015 Exam Focus
Questions and Answers
7. kaufCAN.com
CyberSecurity
• Cybersecurity
– The process for managing cyber threats and vulnerabilities and for protecting information and information systems by identifying, defending against, responding to, and recovering from attacks.
• Information Security
– Information security is the process by which an organization protects and secures its systems, media, and facilities that process and maintain information vital to its operations. (Source: FFIEC IT Handbooks – Information Security)
8. kaufCAN.com
Cyberattacks
• Cyberattack
– A cyberattack is deliberate exploitation of computer systems, technology-dependent enterprises and networks. Cyberattacks use malicious code to alter computer code, logic or data, resulting in disruptive consequences that can compromise data and lead to cybercrimes, such as information and identity theft.
http://www.techopedia.com
9. kaufCAN.com
CyberSecurity continued
• Presidential Executive Order
– 13636
– February 2013
– Improving Critical Infrastructure CyberSecurity
• Cybersecurity Framework
– A set of standards, methodologies, policies and procedures that align policy, business, and technological approaches to manage cyber risks
11. kaufCAN.com
Threats
• Nation State Sponsored
– South Korea (2013)
• Banks, Media Outlets
• Systems Compromised – Patch Management
– Why?
• Cyber-attacks
– Project national power @ low-cost, and
– High-payoff way to defend national sovereignty
– Power Grid (US)
12. kaufCAN.com
The Underground
• Internet source for cybercriminals
– Buy/sell different products and services
– 2014 security predictions
• Leverage Targeted Attacks (TrendMicro)
– Spear Phishing
– Remote Access Trojans
13. kaufCAN.com
Most Requested - Underground
– Download sales
– DDoS services
– Traffic sales
– File encryption services
– Trojan sales
– Exploit writing services and sales
Attack Tools
– Programming services and software sales
– Hacking services
– Dedicated server sales and bulletproof-hosting services
– Spam and flooding services, including call and SMS flooding services
14. kaufCAN.com
Organized Crime
• Organized Crime
– Low Cost
– Utilize proofing effective attack tools
– Effective Attacks
– Large Payoffs
• Social engineering attack tricks companies into large wire transfers - (May 2014) TrustedSec study
• Consumers (Technology Users, Employees)
– Utilize advanced technology
– Negligence and user errors
• Insider Theft soared 80% over 2012 stats - Identity Theft Resource Center Study (ITRC) 2014
16. kaufCAN.com
Recent Events
• Distributed Denial of Services (DDoS) Attacks
– Financial and government entities have become the target
– Increased attack efforts
• Difficult to defend (3rd party or Internet Service Provider (ISP) involvement)
• Data Breaches
– 1st Qtr 2014 – 200,000 million records breached (SafeNet)
• Approximately 93,000 records per hour,
• 233 percent increase over the same quarter in 2013
– State Laws – Data Breach notification laws
17. kaufCAN.com
Recent Events continued
• Incident Sources and Costs
– Attacks
• Malicious insider
– Cost the most ($213,542) (rarest)
• DDoS attacks
– Cost ($166,545)
– Energy and utility organizations priciest attacks ($13.18 million)
– Financial services ($12.97 million)
• Per-capita
– Small organizations are higher than large ones ($1,601 versus $437)
Ponemon Institute
18. kaufCAN.com
Recent Events Continued
• Merchants
– Target – 30 million card credentials (vendor management)
– Michaels – Kmart (Oct 2014)
• Banks
– JPMorgan Chase
• 76 million, and 7 million businesses
– Other Financial Institutions (FIs)
• Fast Food
– DQ – Jimmy Johns
• POS Malware - BackOff
Recent Events Continued
• Technology Management Issues
– Open Systems
• Heartbleed (OpenSSL) - Patch management issue
• Shellshock Bash
• NACH - ACH file
– Microsoft Windows XP (Dropped support April 14, 2014)
• ATMs (Status)
• Desktops (Status) - Lifecycle issue
Methods/Process
• Attacking the weakest link
– Humans
• Unpatched systems
– Attackers know which systems
• Easy access to code builders and other tools makes carrying out attacks easier
• Cybercriminals precisely target individuals with access to information they want
Understand the Threats
• Awareness of the Cyber Environment
– Threat Intelligence
• Alert Services
– SANS - SysAdmin, Audit, Networking, and Security
» NewsBites – Executive Summary
» @RISK: The Consensus Security Alert - advanced
» Ouch! - basic
» http://www.sans.org/newsletters/
– CERT – US-Computer Emergency Response Team
» Alerts - advanced
» Bulletins - advanced
» Tips – basic
» http://www.us-cert.gov/ncas
• NCUA - http://www.ncua.gov/Resources/Pages/cyber-security-resources.aspx
Shifts
• Layered Approaches to Security
– Confidentiality, Integrity, and Availability (CIA)
• Administrative controls
• Delivery methods (User interface)
• Data communications
• Active monitoring
• Encryption
Training and Guidance
• Training
– SANS Institute – http://www.SANS.org
– Multi-State Information Sharing & Analysis Center
• https://msisac.cisecurity.org/resources/videos/free-training.cfm
– NCUA/OSCUI
• Guidance
– NCUA Rules & Regs:
• 12 CFR Part 748: Security Program, Report of Crime and Catastrophic Act, Bank Secrecy Act Compliance, and
• 12 CFR Part 749: Records Preservation Program
– FFIEC – Information Technology Manuals
Policy
• Part 748
– Information Security Program
• Security Awareness Training Program
• Incident Response Policy
• Patch Management Policy
• Part 749
– Business Continuity Plan/Policy
• Document Destruction Procedures
• Pandemic Procedures
• Response Plan/Policy
• Disaster Recovery Plan/Policy
Best Practices
• Basics of Information Security
– Confidentiality, Integrity, and Availability (CIA)
• Layered Security
– arises from the desire to cover for the failings of each component by combining components into a single, comprehensive strategy, the whole of which is greater than the sum of its parts, focused on technology implementation with an artificial goal of securing the entire system against threats
http://www.techrepublic.com/
• Firewalls (FW), routers (ACLs), and segmented systems
• Intrusion Detection / Prevention Systems (IDS/IPS)
• Active Monitoring
• Admin Lockdown
• Anti-virus, FW, updates, host IDS, etc.
• Authentication Methodology
• IP Address Lockdown & Dual Controls, etc.
• Secure Transactions/privacy data access
Best Practices
• Controls
– Policies
• Employee Acceptable Use Policy
• Social Media Policy
• Vendor Management Policy
– Networking Environment
• Utilize Firewalls
• Intrusion Detection and Prevention (ID/IP) Systems
– Desktop and Server
• Malware Protection (Anti-Virus)
• Administrative Permissions
• Patch Management Program
Breach Ready Credit Union
• Maintain
– Current network diagram that shows data flows
• Logs – critical ones
– Security Logs
• Server and workstation operating system logs
• Application logs (e.g., web server, database server)
• Security tool logs (e.g., anti-virus, change detection, intrusion detection/prevention system, end-user apps)
• Hostname-IP addresses
– Dynamic Host Configuration Protocol (DHCP) rotates the mapping of IP addresses to internal systems
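An added example (not part of the original presentation) of why the hostname-IP record matters: because DHCP rotates addresses, the IP in an alert has to be resolved against lease history at the alert's timestamp. The log format, hostnames, MAC addresses and IP address below are constructed for illustration and do not match any particular DHCP server.

```python
from datetime import datetime, timedelta

# Constructed sample in a simplified, hypothetical lease-log format:
# timestamp event ip mac hostname [lease-seconds]
SAMPLE_LOG = """\
2015-02-09T08:00:00 ASSIGN 10.0.5.23 00:1a:2b:3c:4d:5e TELLER-01 3600
2015-02-09T08:50:00 RENEW 10.0.5.23 00:1a:2b:3c:4d:5e TELLER-01 3600
2015-02-09T09:10:00 RELEASE 10.0.5.23 00:1a:2b:3c:4d:5e TELLER-01
2015-02-09T09:30:00 ASSIGN 10.0.5.23 00:aa:bb:cc:dd:ee LOANS-07 3600
"""

def build_intervals(log_text):
    """Turn lease events into (ip, start, end, mac, host) ownership intervals."""
    open_leases = {}  # ip -> [start, end, mac, host]
    intervals = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 5:
            continue  # skip malformed lines rather than guess
        ts = datetime.fromisoformat(parts[0])
        event, ip, mac, host = parts[1:5]
        cur = open_leases.get(ip)
        if event in ("ASSIGN", "RENEW") and len(parts) >= 6:
            end = ts + timedelta(seconds=int(parts[5]))
            if cur and cur[2] == mac and ts <= cur[1]:
                cur[1] = end  # same client renewed before expiry
            else:
                if cur:  # address moved to another client: close the old lease
                    cur[1] = min(cur[1], ts)
                    intervals.append((ip, *cur))
                open_leases[ip] = [ts, end, mac, host]
        elif event == "RELEASE" and cur and cur[2] == mac:
            cur[1] = min(cur[1], ts)  # client gave the address back early
            intervals.append((ip, *open_leases.pop(ip)))
    intervals.extend((ip, *cur) for ip, cur in open_leases.items())
    return intervals

def who_had(intervals, ip, when):
    """Return (host, mac) holding `ip` at ISO time `when`, or None if unleased."""
    t = datetime.fromisoformat(when)
    for lease_ip, start, end, mac, host in intervals:
        if lease_ip == ip and start <= t < end:
            return host, mac
    return None
```

The same address resolves to different machines, or to none, depending on the alert time, which is why lease logs belong with the security logs listed above.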
Breach Ready continued
• Know how to find files in your environment
– If malicious files are spotted on the network
– Be able to locate where that file exists
• Incident Response Plans
– Incident Response Policies and procedures are controls – test them!
• Public notification – know the answers
– What happened and how?
– Prevention and protection steps
Cyber Security
• National Institute of Science and Technology (NIST) - The ability to protect or defend the use of cyberspace from cyber attacks.
– The National Institute of Science and Technology (NIST) developed a Cybersecurity Framework for critical industry entities
– Basic Cybersecurity/information security functions (CORE)
• Identify (Asset inventory/risk assessments; systems, software, hardware, personnel, information, etc)
E. Andrew Keeney, Esq.
Kaufman & Canoles, P.C.
150 West Main Street, Suite 2100
Norfolk, VA 23510
(757) 624-3153
eakeeney@kaufcan.com
http://www.kaufmanandcanoles.com/movies/credit-unions.html