DRC -- Cybersecurity concepts2015
Project meeting
2015 - Dartmouth Research & Consulting
T. J. Saotome
5 Basic Cybersecurity Concepts You Must Know
Who/What Poses a Threat?
• Hackers – casual or pro
• Intruders – organized crime, states
• Insiders – employees can steal
• Contractors – hired guns can steal
• Nature – hurricanes, fire, disasters
• Human Error – input error, deletion
What’s the Problem?
• General Lack of Awareness
– Users have only a vague understanding of the threats & risks associated with computers and the Internet
• General Lack of Quality Help
– Many view security as cumbersome
– Many think it is complicated & expensive
• Complacency
– Software is in place
– Does not involve me
Key Areas of Concern
• Do you accept the risk level?
– Ignore it
– Take insurance against it
– Do something about it
• What are your concerns?
(Diagram) Areas of concern: Policies/procedures & education; Authentication; Availability; Confidentiality; Integrity; Non-repudiation
Security Model
Types of Threat
• Masquerade
• Interception
• Tampering
• Denial of Service
• No Evidence
• Complacency
Types of Solutions
• Authentication
• Confidentiality
• Integrity
• Availability
• Non-Repudiation
• Training & education
Is it Possible to Eliminate All Risks?
• You know the answer – No, impossible
• But you can get close by employing “Defense in Depth”
(Diagram) Protection Layers: Authentication; Access Control; Confidentiality; Availability
Concept #1 - Authentication
Permission to Access Resources
• Password
• Biometrics
• Electronic Token
• 2 Factor Authentication
Passwords are easily “cracked”
• By guessing
• Social Engineering
• Deception
• Widely available cracking tools
Concept #2 - Confidentiality
Symmetric Encryption
• Same key for encryption/decryption
• RC4, DES, 3DES, AES, IDEA, Blowfish, Twofish
Asymmetric Encryption
• Different keys for encryption/decryption
• PGP, GnuPG, PKI (using X.509)
Cryptography promotes confidentiality
Concept #3 – Information Integrity
Hash Algorithm
• MD5 (RFC 1321), SHA (RFC 3174)
Digital Signature
• Combination of PKI & Hash technology
• Digital Signature – a hash of the data encrypted with the signer's private key
• Digital Signature Standard – US DSS uses SHA-1 for Hash & DSA (Digital Signature Algorithm) for encryption
Tampering can be detected by integrity mechanisms
Concept #4 - Availability
Denial of Service Attacks
• Via Internet (e.g. Ping of Death)
• Via errant applications on LAN
• Via Trojan Horse
Guard Against DoS & Sabotage
• Physical Security
• Dual and Multi Paths
• Redundant storage
• Good backup is essential
Concept #5 - Non-Repudiation
Destroying Evidence
• Log all access to covered entities
• Separate sys admin rights from log access rights
• Set event alarms for log tampering
Hacker or employee may cover tracks by destroying evidence
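As an added example (not from the slides), the Python below shows how the integrity mechanism of Concept #3 gives the log-tampering alarm of Concept #5 something to fire on: each audit record carries the SHA-256 digest of the record before it, and the latest digest is held by a separate monitoring role, as the slide's separation of sys admin rights from log access rights suggests. The record layout, function names and sample events are constructed for this illustration.

```python
import copy
import hashlib
import json
from typing import Dict, List, Optional

# Hypothetical hash-chained audit log (added example, not from the slides).
# Each record stores the SHA-256 digest of the record before it together with
# its own content, so editing, reordering or deleting a record breaks the chain.
GENESIS = "0" * 64

def _digest(prev_hash: str, event: Dict) -> str:
    # Canonical JSON so the same event always produces the same digest.
    body = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()

def append_record(log: List[Dict], event: Dict) -> Dict:
    """Append an event, linking it to the digest of the previous record."""
    prev_hash = log[-1]["hash"] if log else GENESIS
    entry = {"prev": prev_hash, "event": event, "hash": _digest(prev_hash, event)}
    log.append(entry)
    return entry

def verify_chain(log: List[Dict], expected_head: Optional[str] = None) -> Optional[int]:
    """Return the index of the first bad record, len(log) if the tail was cut off,
    or None when the chain is intact. expected_head is the latest digest as held
    by a separate monitoring role that the system administrator cannot modify."""
    prev_hash = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev_hash or entry["hash"] != _digest(prev_hash, entry["event"]):
            return i
        prev_hash = entry["hash"]
    if expected_head is not None and prev_hash != expected_head:
        return len(log)
    return None

# Constructed sample events (not real log data).
SAMPLE_EVENTS = [
    {"seq": 1, "user": "alice", "action": "login", "host": "srv01"},
    {"seq": 2, "user": "alice", "action": "read", "object": "payroll.xlsx"},
    {"seq": 3, "user": "alice", "action": "logout", "host": "srv01"},
]

def demo() -> Dict[str, Optional[int]]:
    """Build a chain, then show how each kind of tampering is detected."""
    log: List[Dict] = []
    for ev in SAMPLE_EVENTS:
        append_record(log, ev)
    head = log[-1]["hash"]  # copy of the latest digest kept by the monitoring role

    edited = copy.deepcopy(log)
    edited[1]["event"]["user"] = "nobody"  # rewrite who read the file
    gap = copy.deepcopy(log)
    del gap[1]                             # remove the incriminating record
    truncated = log[:-1]                   # drop only the newest record

    return {
        "intact": verify_chain(log, head),               # None
        "edited": verify_chain(edited, head),            # 1
        "deleted_middle": verify_chain(gap, head),       # 1
        "truncated_tail": verify_chain(truncated, head), # 2
    }
```

Without the externally held head digest, trimming records from the end of the log would still verify cleanly, which is why the monitoring role must keep its own copy.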
System & Network Intrusion
• Trojan Horse
• Masquerading insider
• Dormant malware
• NetBIOS on TCP/IP especially vulnerable
(Diagram) Many Faces of Attack: Data breach; Authentication info; Denial of Service
Security Administration
• Operating System Security
– Earlier versions of Windows OS lacked security mechanisms
– “OS Hardening” needed for critical systems
• User account password/permission
• Internet Security
– Encrypting communication (e.g. IPSec)
– SSL and TLS for Web
• Scan for vulnerabilities
Mitigating Risk
(Diagram) Non-technical measures: Security Policies; Procedures; Backup & Recovery Plan; Off-site & Contingency Plan; User Education
(Diagram) Security technologies: Firewalls; Anti-Virus; Biometrics; Cryptography; PKI
Reducing Risks
• Non-Technical Solutions
– Security Policies
– Procedures
– Backup and Disaster Recovery Plan
– Off-site and Contingency Plan
– User Education
• Security Technologies
– Firewalls
– Anti-Virus
– Biometrics
– Cryptography
– PKI
– Intrusion Detection
– Logs
You must have a combination of both to be effective
Reducing the Risks – How?
Policies & Procedures
• Define Security Policies
• Define Security Process
Security Technology
• Employ Security Technologies for enforcement
• Automate Event Monitoring/Compliance
• Employ Intelligent Event Correlation
Residual Risks
• Recognize that there will be residual risks
• Take insurance against it, or transfer the risks
Security Policies – Key Elements
• Network access/permission
• Information Retention
• Passwords
• Account Access
• Virus Updates
• Log Updates
• Security Fixes
• Backup Restore & Verify
• Network security audit
How you can start
• Objective assessment of the current state & desired future state
• Combination of policies & technology appropriate for the risks
• Continuous user education
• Monitoring & due diligence
• Periodic audit & fire drill
Resources
• These slides are available at
– www.Dartmouth-research.com
• Security Templates
– www.sans.org – Security Tools and Training
– www.cert.org – CERT Coordination Center
– www.itl.nist.gov – NIST IT Security Checklist