John Gilligan, profile picture
Uploaded byJohn Gilligan
PPTX, PDF2,261 views

Cyber Security: Threats and Needed Actions

The document discusses the critical state of cyber security, emphasizing it as a national security crisis exacerbated by increasing threats and vulnerabilities. It recommends immediate actions, such as appointing a cybersecurity official and enhancing public-private partnerships, while also outlining longer-term goals for improved security practices and infrastructure. The importance of a robust cyber defense strategy and the transformation of the software industry to ensure security and resilience are highlighted.

Technology
Related topics:
Cyber-Security

Embed presentation

Downloaded 197 times
Cyber Security: Threats and Needed Actions John M. Gilligan www.gilligangroupinc.com Research Board September 17, 2009
Topics • Historical Perspectives • Cyber Security Threats--A National Crisis • White House Cyber Security Policy Review • Near Term Opportunities • Ongoing Efforts • Longer term Needs • Closing Thoughts 2
Historical Perspectives • Internet, software industry, (personal) computers—rooted in creativity not engineering • Security in the Cold War Era – Security “Gurus”—Keepers of the Kingdom • The World Wide Web changes the security landscape-- forever • Post Cold War: The Age of Information Sharing Legacy of the past is now our “Achilles Heel” 3
Cyber Security Threats Today--A New “Ball Game” • Our way of life depends on a reliable cyberspace • Intellectual property is being downloaded at an alarming rate • Cyberspace is now a warfare domain • Attacks increasing at an exponential rate (e.g. Conficker) • Fundamental network and system vulnerabilities cannot be fixed quickly • Entire industries exist to “Band Aid” over engineering and operational weaknesses • Industry impacts can be profound (e.g., Heartland) Cyber Security is a National Security Crisis! 4
Heartland Payment Systems Disclosure of intrusions--Jan 20, 2009 5
Obama Cyberspace Policy Review— “60 Day Review” • The Nation is at a crossroads • Cyberspace risks pose some of most serious challenges to economic and national security • Need to begin national dialogue on cybersecurity • Solutions must involve partnership with private sector and international engagement • White House must lead the way 6
Recommended Near-Term Actions • Appoint White House Cybersecurity official and supporting organization • Prepare updated national strategy • Designate cybersecurity as Presidential priority • Initiate public awareness campaign and strengthen international partnerships • New policies regarding roles/responsibilities • Prepare cyber incident response plan • Develop research plan and vision for identity management On hold pending appointment of White House Cyber Czar 7
Government Actions • Comprehensive National Cyber Initiative (CNCI) • Department of Homeland Security Reorganization • Smart Grid Cyber Security Initiative • (Some) Public-Private Partnerships – Defense Industrial Base (DIB) – Other special relationships • (Many) Legislative Proposals 8
An Effective Public-Private Partnership: 20 Critical Controls for Effective Cyber Defense* • Underlying Rationale – Let “Offense drive Defense” – Focus on most critical areas • CAG: Twenty security controls based on attack patterns • Government and Private Sector consensus • Emphasis on auditable controls and automated implementation/enforcement • Pilots and standards for tools ongoing * Also called the “Consensus Audit Guidelines” or “CAG” (http://www.sans.org/cag/) 9
Longer-Term Actions: IT Reliably Enabling Business • Change the dialogue: Reliable, resilient IT is fundamental to future National Security and Economic Growth • New business model for software industry – First step—self certified, locked-down configurations – Longer term—software with reliability warranties • Redesign the Internet to provide reliable attribution, increased security • Get the “man out of the loop”—use automated tools (e.g., SCAP) • Foster new IT services models – Assume insecure environment – Increased use of virtualization – Secure “cloud” • Develop professional cyberspace workforceNeed to Fundamentally “Change the Game” to Make Progress 10
Closing Thoughts • Government and Industry need to treat cyber security as an urgent priority • Near-term actions important but need to fundamentally change the game to get ahead of the growing threat • IT community needs to reorient the dialogue on cyber security—the objective is reliable and resilient information • As an example, Cyber Security in DoD is more mature—but still woefully inadequate Cyber Security is Fundamentally a Leadership Issue!11
Contact Information jgilligan@gilligangroupinc.com www.gilligangroupinc.com John M. Gilligan 12
Security Content Automation Protocol (SCAP) • What is it: A set of open standards that allows for the monitoring, positive control, and reporting of security posture of every device in a network. • How is it implemented: Commercial products implement SCAP protocols to exchange and enforce configuration, security policy, and vulnerability information. • Where is it going: Extensions in development to address software design weaknesses, attack patterns, and malware attributes. SCAP Enables Automated Tools To Implement And Enforce Secure Operations 13
Top 20 Cyber Attacks and Related Control (not in priority order) Attack Control Summary Comments 1. Scan for unprotected systems on networks Maintain inventory of authorized and unauthorized devices on networks Find devices that can be exploited to gain access to other interconnected systems. 2. Scan for vulnerable versions of software Maintain inventory of authorized and unauthorized software Find software versions that are able to be exploited remotely to gain entry to other systems. 3. Scan for software with weak configurations Implement secure configurations for HW/SW computer devices Original configurations from vendors often have inadequate security controls enabled. 4. Scan for network devices with exploitable vulnerabilities Implement secure configurations for network devices (routers, switches, firewalls, etc.) Network devices often become less securely configured over time unless they are diligently maintained. 5. Attack boundary devices Implement multi-layered boundary defenses Attackers attempt to exploit boundary systems (e.g., DMZ or network perimeter) to gain access to network or interrelated networks 14
Top 20 Cyber Attacks and Related Control (Continued) (not in priority order) Attack Control Summary Comments 6. Attack without being detected and maintain long-term access due to weak audit logs Maintain and monitor audit logs Weak protection of or inadequate logging and monitoring permits attackers to hide actions 7. Attack web-based or other application software Robust security controls and testing of application software Longstanding code weaknesses (e.g., SQL injection, buffer overflows) can be exploited 8. Gain administrator privileges to control target machines Implement controlled use of administrator privileges Attacks exploit weak protection or control over administrator privileges 9. Gain access to sensitive data that is not adequately protected Implement controlled access based on need to know Once inside a system, attackers exploit weak access controls 10. Exploit newly discovered and unpatched vulnerabilities Continuous vulnerability assessment and remediation Attackers exploit the time between vulnerability discovery and patching 15
Top 20 Cyber Attacks and Related Control (Continued) (not in priority order) Attack Control Summary Comments 11. Exploit inactive user accounts Monitor and control user accounts Legitimate but inactive or accounts of former employees are exploited 12. Implement malware attacks Implement up-to-date anti- virus, anti-spyware, and Intrusion Prevention System controls Malware attacks continue to evolve leaving non- updated systems exposed 13. Exploit poorly configured network services Limit and control network ports, protocols and services Attackers focus on unprotected or unneeded ports and protocols 14. Exploit weak security of wireless devices Implement controls for wireless devices Example attacks include unauthorized access from parking lots, exploiting traveling employees, etc. 15. Steal sensitive data Implement controls to detect and prevent unauthorized exfiltration Includes both electronic and physical (i.e., stolen laptops) attacks 16
Top 20 Cyber Attacks and Related Control (Continued) (not in priority order) Attack Control Summary Comments 16. Map networks looking for vulnerabilities Implement secure network engineering Look for unprotected (i.e., weak) links or weak filtering/controls in network 17. Attack networks and systems by exploiting vulnerabilities undiscovered by target system personnel Conduct penetration tests to evaluate and exercise defenses Attack exploits social engineering and inability of system to respond to automated attacks 18. Attack systems or organizations that have no or poor attack response Implement effective cyber incident response capabilities True magnitude and impact of attack can be masked by inadequate response 19. Change system configurations and/or data so that organization cannot restore it properly Implement data and system recovery procedures Leave backdoors or data errors that permit future attacks or disrupt operations 20. Exploit poorly trained or poorly skilled employees Conduct skills assessment and ensure adequate training across the enterprise Attacks focus on manipulating end users, administrators, security operators, programmers, or even system owners 17

More Related Content

PPTX
Cyber security
byNimesh Gajjar
 
PDF
Cyber security
byBhavin Shah
 
PPTX
Cyber security and Hacking
byParth Makadiya
 
PPTX
Cyber security
byvishakha bhagwat
 
PPTX
The Importance of Cybersecurity in 2017
byR-Style Lab
 
PDF
Cyber Security Vulnerabilities
bySiemplify
 
PPTX
Cyber Security - Moving Past "Best Practices"
byBilltrust
 
PPTX
IT Security Presentation
byelihuwalker
 
Cyber security
byNimesh Gajjar
 
Cyber security
byBhavin Shah
 
Cyber security and Hacking
byParth Makadiya
 
Cyber security
byvishakha bhagwat
 
The Importance of Cybersecurity in 2017
byR-Style Lab
 
Cyber Security Vulnerabilities
bySiemplify
 
Cyber Security - Moving Past "Best Practices"
byBilltrust
 
IT Security Presentation
byelihuwalker
 

What's hot

PPTX
Cyber security
byPihu Goel
 
PPTX
Pranavi verma-cyber-security-ppt
byPranaviVerma
 
PPTX
Introduction to cyber security
bySelf-employed
 
PDF
Cybersecurity technology adoption survey
byPaperjam_redaction
 
PPTX
Cyber security
byDr. Kishor Nikam
 
DOCX
Hot Cyber Security Technologies
byRuchikaSachdeva4
 
PPTX
Cyber security ppt
byCH Asim Zubair
 
PPTX
cyber security presentation.pptx
bykishore golla
 
PDF
Cyber security and demonstration of security tools
byVicky Fernandes
 
PPTX
Cyber Security: A Common Problem 2018
byjoshquarrie
 
PPTX
What is Cyber Security - Avantika University
byAvantika University
 
PPTX
Cyber Security Demistyified
byMicrosoft UK
 
PDF
1. introduction to cyber security
byAnimesh Roy
 
PPTX
Cyber security 07
byHabib Siddiqui
 
PPTX
Introduction to Cybersecurity
byAdri Jovin
 
PDF
CyberSecurity - UH IEEE Presentation 2015-04
byKyle Lai
 
PPTX
Cyber awareness program
byAvanzo net
 
PPT
Cyber security 22-07-29=013
byDr. Amitabha Yadav
 
PDF
Cyber security
byPrem Raval
 
PPT
Basic knowledge of cyber security
bymahendra_chauhan
 
Cyber security
byPihu Goel
 
Pranavi verma-cyber-security-ppt
byPranaviVerma
 
Introduction to cyber security
bySelf-employed
 
Cybersecurity technology adoption survey
byPaperjam_redaction
 
Cyber security
byDr. Kishor Nikam
 
Hot Cyber Security Technologies
byRuchikaSachdeva4
 
Cyber security ppt
byCH Asim Zubair
 
cyber security presentation.pptx
bykishore golla
 
Cyber security and demonstration of security tools
byVicky Fernandes
 
Cyber Security: A Common Problem 2018
byjoshquarrie
 
What is Cyber Security - Avantika University
byAvantika University
 
Cyber Security Demistyified
byMicrosoft UK
 
1. introduction to cyber security
byAnimesh Roy
 
Cyber security 07
byHabib Siddiqui
 
Introduction to Cybersecurity
byAdri Jovin
 
CyberSecurity - UH IEEE Presentation 2015-04
byKyle Lai
 
Cyber awareness program
byAvanzo net
 
Cyber security 22-07-29=013
byDr. Amitabha Yadav
 
Cyber security
byPrem Raval
 
Basic knowledge of cyber security
bymahendra_chauhan
 

Similar to Cyber Security: Threats and Needed Actions

PPTX
Cybersecurity: Challenges, Initiatives, and Best Practices
byJohn Gilligan
 
PPTX
Cyber Security: Threats and Needed Actions
byJohn Gilligan
 
PPTX
Cyber Security: Past and Future
byJohn Gilligan
 
PPTX
Cloud Security.pptx
byBinod Rimal
 
PPTX
Cyber Security: Past and Future
byJohn Gilligan
 
PPT
Understanding Technology Stakeholders: Their Progress and Challenges
byJohn Gilligan
 
PPTX
Leveraging Federal Procurement to Improve Cyber Security
byJohn Gilligan
 
PDF
overview of cyber security and related chapters
byphoenixbyte
 
PPT
Understanding Technology Stakeholders
byJohn Gilligan
 
PPTX
Your cyber security webinar
byIntergen
 
PPTX
Cybersecurity.pptx
byJohn Donahue
 
PDF
DNS Cybersecurity in 2012-2015
byAndrzej Bartosiewicz
 
PDF
4. Mitigating a Cyber Attack
byisc2-hellenic
 
PPTX
Federal Cybersecurity: The latest challenges, initiatives and best practices
byJohn Gilligan
 
PDF
Presentation 10 (1).pdf
byKARANSINGHD
 
PPTX
Cyber Security Overview-breif note .pptx
byxbitindiacom
 
PPTX
Tsc2021 cyber-issues
byErnest Staats
 
PPTX
Cyber security by Gaurav Singh
byGaurav Singh
 
PPTX
Your cyber security webinar
byEmpired
 
PPTX
Lec 1- Intro to cyber security and recommendations
byBilalMehmood44
 
Cybersecurity: Challenges, Initiatives, and Best Practices
byJohn Gilligan
 
Cyber Security: Threats and Needed Actions
byJohn Gilligan
 
Cyber Security: Past and Future
byJohn Gilligan
 
Cloud Security.pptx
byBinod Rimal
 
Cyber Security: Past and Future
byJohn Gilligan
 
Understanding Technology Stakeholders: Their Progress and Challenges
byJohn Gilligan
 
Leveraging Federal Procurement to Improve Cyber Security
byJohn Gilligan
 
overview of cyber security and related chapters
byphoenixbyte
 
Understanding Technology Stakeholders
byJohn Gilligan
 
Your cyber security webinar
byIntergen
 
Cybersecurity.pptx
byJohn Donahue
 
DNS Cybersecurity in 2012-2015
byAndrzej Bartosiewicz
 
4. Mitigating a Cyber Attack
byisc2-hellenic
 
Federal Cybersecurity: The latest challenges, initiatives and best practices
byJohn Gilligan
 
Presentation 10 (1).pdf
byKARANSINGHD
 
Cyber Security Overview-breif note .pptx
byxbitindiacom
 
Tsc2021 cyber-issues
byErnest Staats
 
Cyber security by Gaurav Singh
byGaurav Singh
 
Your cyber security webinar
byEmpired
 
Lec 1- Intro to cyber security and recommendations
byBilalMehmood44
 

More from John Gilligan

PPTX
Automating Enterprise IT Management
byJohn Gilligan
 
PPTX
Solving the CIO’s Cybersecurity Dilemma
byJohn Gilligan
 
PPT
Ensuring Effective Security The CIOs Dilemma 11 17 08
byJohn Gilligan
 
PPT
Cyber Security - the 21st Century Domain
byJohn Gilligan
 
PPT
Consensus Audit Guidelines 2008
byJohn Gilligan
 
PPT
Security In The Supply Chain
byJohn Gilligan
 
Automating Enterprise IT Management
byJohn Gilligan
 
Solving the CIO’s Cybersecurity Dilemma
byJohn Gilligan
 
Ensuring Effective Security The CIOs Dilemma 11 17 08
byJohn Gilligan
 
Cyber Security - the 21st Century Domain
byJohn Gilligan
 
Consensus Audit Guidelines 2008
byJohn Gilligan
 
Security In The Supply Chain
byJohn Gilligan
 

Recently uploaded

PDF
Post Quantum Cryptography for Dummies.pdf
byAde Ismail Isnan
 
PPTX
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
 
PDF
How to Prepare for the RWA Tokenization Trend
byrose mason
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
PDF
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
PDF
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
PDF
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
PPTX
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
 
PDF
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
PPTX
Working Session — Build a Document Understanding Automation Using an OOTB ML ...
byDianaGray10
 
PPTX
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
PDF
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
PDF
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
PPTX
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 2
byDianaGray10
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PPTX
Celonis Optimizing your future with process
bydevjeremyappleyard
 
PPTX
Workflow and decision Automation with Flowable
bychakib ch
 
PDF
final.pdf
byomarbishtawi04
 
PPTX
PPTX game guess the logo with a twistppt
byAdrianAnig
 
Post Quantum Cryptography for Dummies.pdf
byAde Ismail Isnan
 
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
 
How to Prepare for the RWA Tokenization Trend
byrose mason
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
 
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
Working Session — Build a Document Understanding Automation Using an OOTB ML ...
byDianaGray10
 
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
 
UiPath Automation Developer Associate Training Series 2026 - Session 2
byDianaGray10
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
Celonis Optimizing your future with process
bydevjeremyappleyard
 
Workflow and decision Automation with Flowable
bychakib ch
 
final.pdf
byomarbishtawi04
 
PPTX game guess the logo with a twistppt
byAdrianAnig
 

Cyber Security: Threats and Needed Actions

  • 1.
    Cyber Security: Threatsand Needed Actions John M. Gilligan www.gilligangroupinc.com Research Board September 17, 2009
  • 2.
    Topics • Historical Perspectives •Cyber Security Threats--A National Crisis • White House Cyber Security Policy Review • Near Term Opportunities • Ongoing Efforts • Longer term Needs • Closing Thoughts 2
  • 3.
    Historical Perspectives • Internet,software industry, (personal) computers—rooted in creativity not engineering • Security in the Cold War Era – Security “Gurus”—Keepers of the Kingdom • The World Wide Web changes the security landscape-- forever • Post Cold War: The Age of Information Sharing Legacy of the past is now our “Achilles Heel” 3
  • 4.
    Cyber Security ThreatsToday--A New “Ball Game” • Our way of life depends on a reliable cyberspace • Intellectual property is being downloaded at an alarming rate • Cyberspace is now a warfare domain • Attacks increasing at an exponential rate (e.g. Conficker) • Fundamental network and system vulnerabilities cannot be fixed quickly • Entire industries exist to “Band Aid” over engineering and operational weaknesses • Industry impacts can be profound (e.g., Heartland) Cyber Security is a National Security Crisis! 4
  • 5.
    Heartland Payment Systems Disclosureof intrusions--Jan 20, 2009 5
  • 6.
    Obama Cyberspace PolicyReview— “60 Day Review” • The Nation is at a crossroads • Cyberspace risks pose some of most serious challenges to economic and national security • Need to begin national dialogue on cybersecurity • Solutions must involve partnership with private sector and international engagement • White House must lead the way 6
  • 7.
    Recommended Near-Term Actions •Appoint White House Cybersecurity official and supporting organization • Prepare updated national strategy • Designate cybersecurity as Presidential priority • Initiate public awareness campaign and strengthen international partnerships • New policies regarding roles/responsibilities • Prepare cyber incident response plan • Develop research plan and vision for identity management On hold pending appointment of White House Cyber Czar 7
  • 8.
    Government Actions • ComprehensiveNational Cyber Initiative (CNCI) • Department of Homeland Security Reorganization • Smart Grid Cyber Security Initiative • (Some) Public-Private Partnerships – Defense Industrial Base (DIB) – Other special relationships • (Many) Legislative Proposals 8
  • 9.
    An Effective Public-PrivatePartnership: 20 Critical Controls for Effective Cyber Defense* • Underlying Rationale – Let “Offense drive Defense” – Focus on most critical areas • CAG: Twenty security controls based on attack patterns • Government and Private Sector consensus • Emphasis on auditable controls and automated implementation/enforcement • Pilots and standards for tools ongoing * Also called the “Consensus Audit Guidelines” or “CAG” (http://www.sans.org/cag/) 9
  • 10.
    Longer-Term Actions: IT ReliablyEnabling Business • Change the dialogue: Reliable, resilient IT is fundamental to future National Security and Economic Growth • New business model for software industry – First step—self certified, locked-down configurations – Longer term—software with reliability warranties • Redesign the Internet to provide reliable attribution, increased security • Get the “man out of the loop”—use automated tools (e.g., SCAP) • Foster new IT services models – Assume insecure environment – Increased use of virtualization – Secure “cloud” • Develop professional cyberspace workforceNeed to Fundamentally “Change the Game” to Make Progress 10
  • 11.
    Closing Thoughts • Governmentand Industry need to treat cyber security as an urgent priority • Near-term actions important but need to fundamentally change the game to get ahead of the growing threat • IT community needs to reorient the dialogue on cyber security—the objective is reliable and resilient information • As an example, Cyber Security in DoD is more mature—but still woefully inadequate Cyber Security is Fundamentally a Leadership Issue!11
  • 12.
  • 13.
    Security Content AutomationProtocol (SCAP) • What is it: A set of open standards that allows for the monitoring, positive control, and reporting of security posture of every device in a network. • How is it implemented: Commercial products implement SCAP protocols to exchange and enforce configuration, security policy, and vulnerability information. • Where is it going: Extensions in development to address software design weaknesses, attack patterns, and malware attributes. SCAP Enables Automated Tools To Implement And Enforce Secure Operations 13
  • 14.
    Top 20 CyberAttacks and Related Control (not in priority order) Attack Control Summary Comments 1. Scan for unprotected systems on networks Maintain inventory of authorized and unauthorized devices on networks Find devices that can be exploited to gain access to other interconnected systems. 2. Scan for vulnerable versions of software Maintain inventory of authorized and unauthorized software Find software versions that are able to be exploited remotely to gain entry to other systems. 3. Scan for software with weak configurations Implement secure configurations for HW/SW computer devices Original configurations from vendors often have inadequate security controls enabled. 4. Scan for network devices with exploitable vulnerabilities Implement secure configurations for network devices (routers, switches, firewalls, etc.) Network devices often become less securely configured over time unless they are diligently maintained. 5. Attack boundary devices Implement multi-layered boundary defenses Attackers attempt to exploit boundary systems (e.g., DMZ or network perimeter) to gain access to network or interrelated networks 14
  • 15.
    Top 20 CyberAttacks and Related Control (Continued) (not in priority order) Attack Control Summary Comments 6. Attack without being detected and maintain long-term access due to weak audit logs Maintain and monitor audit logs Weak protection of or inadequate logging and monitoring permits attackers to hide actions 7. Attack web-based or other application software Robust security controls and testing of application software Longstanding code weaknesses (e.g., SQL injection, buffer overflows) can be exploited 8. Gain administrator privileges to control target machines Implement controlled use of administrator privileges Attacks exploit weak protection or control over administrator privileges 9. Gain access to sensitive data that is not adequately protected Implement controlled access based on need to know Once inside a system, attackers exploit weak access controls 10. Exploit newly discovered and unpatched vulnerabilities Continuous vulnerability assessment and remediation Attackers exploit the time between vulnerability discovery and patching 15
  • 16.
    Top 20 CyberAttacks and Related Control (Continued) (not in priority order) Attack Control Summary Comments 11. Exploit inactive user accounts Monitor and control user accounts Legitimate but inactive or accounts of former employees are exploited 12. Implement malware attacks Implement up-to-date anti- virus, anti-spyware, and Intrusion Prevention System controls Malware attacks continue to evolve leaving non- updated systems exposed 13. Exploit poorly configured network services Limit and control network ports, protocols and services Attackers focus on unprotected or unneeded ports and protocols 14. Exploit weak security of wireless devices Implement controls for wireless devices Example attacks include unauthorized access from parking lots, exploiting traveling employees, etc. 15. Steal sensitive data Implement controls to detect and prevent unauthorized exfiltration Includes both electronic and physical (i.e., stolen laptops) attacks 16
  • 17.
    Top 20 CyberAttacks and Related Control (Continued) (not in priority order) Attack Control Summary Comments 16. Map networks looking for vulnerabilities Implement secure network engineering Look for unprotected (i.e., weak) links or weak filtering/controls in network 17. Attack networks and systems by exploiting vulnerabilities undiscovered by target system personnel Conduct penetration tests to evaluate and exercise defenses Attack exploits social engineering and inability of system to respond to automated attacks 18. Attack systems or organizations that have no or poor attack response Implement effective cyber incident response capabilities True magnitude and impact of attack can be masked by inadequate response 19. Change system configurations and/or data so that organization cannot restore it properly Implement data and system recovery procedures Leave backdoors or data errors that permit future attacks or disrupt operations 20. Exploit poorly trained or poorly skilled employees Conduct skills assessment and ensure adequate training across the enterprise Attacks focus on manipulating end users, administrators, security operators, programmers, or even system owners 17