The document discusses the rising threat of cyber attacks and what organizations can do about it. It notes that data breaches and attacks are becoming more common and severe due to factors such as the high value of data, the low barriers to entry for attackers, and the increasing complexity of technology. It recommends that organizations plan for security compromises, focus on security early in product development rather than after attacks, and recognize that well-trained employees can be their best defense. Organizations should prioritize assets, identify risks, conduct security assessments focused on business needs, and create response plans to improve their security posture.
Anyone handling sensitive information in this day and age needs to have a solid security setup and a plan for when something goes wrong. This webinar aims to get you looking at your security with fresh eyes and give you an outline of an action plan.
Deral Heiland - Fail Now So I Don't Fail Later (centralohioissa)
With network data breaches being reported weekly, it appears our implementation of prevention solutions is failing. With the average time to detect a breach being greater than 6 months our detection solutions also appear to be failing. Maybe these solutions and technologies are working correctly and we are just not training our teams how to manage, maintain, and leverage those solutions effectively. In this presentation I will be discussing security testing and validation methodologies that include Internal/external pentesting, social engineering, and red team/blue team exercises. In addition I will be covering how using these methodologies we can better prepare and build a more robust security environment that will keep your organization off the front page.
Tre Smith - From Decision to Implementation: Who's On First? (centralohioissa)
This presentation will explore tactics to improve organizational control implementations that meet the spirit of organizational risk decisions. An approach that may help to improve the time it takes to see organizational policy reflected in everyday workplace practice and technologies. Starting with clarifying “Who’s On First?”
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity (centralohioissa)
Corporate cybercrime is usually blamed on outsiders, but sometimes, your employees can represent the biggest threat to your organization’s IT security. In this presentation, Kaspersky Lab’s Mark Villinski will provide practical advice for educating your employees about cybersecurity. Attend to learn:
• How to create efficient and effective security policies
• Overview and statistics of the current threat landscape
• The importance of keeping your employees updated about the latest threats and scams
• Security solutions that can help keep your systems updated and protected
Endpoint threats have entered a new era, and the security industry has been rushing to catch up. The result is a highly fragmented and confusing market that has doubled in size to over 70 vendors in the last four years. We're in the midst of the second great endpoint security consolidation and will discuss precisely what that means. We'll discuss six progressive stages endpoint security will work through as this market continues to mature over the next five years or so.
Event Presentation: Cyber Security for Industrial Control Systems (Infonaligy)
Get an inside look at practical examples of how hackers target control systems networks from the recent Lunch and Learn event put on by Infonaligy and Flexware Innovation.
Database Security Risks You Might Not Have Considered, but Need To (IDERA Software)
You can watch the replay for this Geek Sync webcast in the IDERA Resource Center: http://ow.ly/MzwU50A59GD
Database security is arguably the most important part of an information security program that many people aren’t paying attention to. Some might assume that network or server security controls are adequate to protect databases. They’re not. Furthermore, gaps in IT governance processes often lead to security policies that aren’t enforced which can directly impact database systems. This is not only creating tangible business risks but it’s also creating numerous compliance gaps.
Join IDERA and Kevin Beaver as he walks through how you can be more proactive with database security. He’ll share specific database security oversights he’s finding in his work along with some tips on how to better integrate databases into your overall information risk management initiatives.
Business-Critical Backup: Preparing for a Disaster (NetWize)
Here is a brief presentation on the importance of having a backup and recovery plan for your electronic data, especially planning for that recovery in the event of a natural or man-made disaster.
With new vulnerabilities surfacing daily, businesses need a solid strategy and internal plans to deal with them. This vendor-neutral talk helps people discover the things they need to do to get their house in order before considering costly technology purchases.
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac... (Adrian Sanabria)
Enterprise security teams are facing numerous challenges because of evolving threat vectors bypassing existing technology, deluge of alerts, and lack of skilled resources to stop advanced threats. Even if enterprises have a budget to bring in outside incident response and forensics teams to stop the bleeding, by then, damages and loss have already occurred.
Security teams must change the shape of their security program to stop threats at the earliest and all stages of the attacker lifecycle. Join 451 Research Senior Analyst, Adrian Sanabria, and Director of Products at Endgame, Mike Nichols, as they talk about how earliest prevention and instant detection can change the shape and outcome of an enterprise security program.
This talk will outline strategies for:
• Prioritizing the alerts and events that really matter
• Identifying parts of the investigation workflow that can be automated
• Building a detection methodology that creates confidence and continuously improves defenses
Jim Wojno: Incident Response - No Pain, No Gain! (centralohioissa)
Say incident response to 10 people and odds are you'll get 10 different opinions on how to do it right. When evaluating tools and procedures for enterprise Incident Response it's helpful to understand how to approach this in a way that will cause the adversary maximum pain. This talk will review the essential requirements for IR tools and procedures in a vendor / tool neutral approach. Find out the right questions to ask and the strategies to make sure you get the most out of your incident response team.
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework (centralohioissa)
From this presentation you will learn:
· A brief history of encryption
· How encryption is now deployed in the enterprise
· Encryption and key management best practices to keep data safe
Cultivating security in the small nonprofit (Roger Hagedorn)
This is an expanded version of a previous presentation that I did for the Nonprofit Technology & Communications Conference held on April 10, 2013 in Minneapolis, MN.
Security threats are growing in volume, scale, and complexity. Not a day passes that we don’t hear about another data breach; and the average organization that’s hacked goes bankrupt within a year. From small and medium-size organizations to Fortune 500 companies, across every industry, no one is immune. It’s no longer enough to keep the bad stuff out (threat protection) or just keep the good stuff in (information protection). This session is a practical discussion on the ever evolving threat landscape, how you can keep up and protect yourself, your organization, and its reputation. It will help you build awareness about the types of resources and sensitive data that your nonprofit has, with tips on practical, accessible steps that you can take to ensure that information is safeguarded.
Ruben Melendez - Economically Justifying IT Security Initiatives (centralohioissa)
IT Security Initiatives create strategic and operational value to all enterprises; however, many IT professionals do not know how to economically quantify and forecast the benefits of IT security. Additionally, the new digital business ecosystem is resulting in rapid business cycles, which require faster speed and agility in all IT areas and IT services. The new ecosystem, largely caused by the Internet-of-Things, mobility and the Cloud, creates a challenge for selecting and prioritizing IT security tools and projects. This session will present an overview of principles, models, trends and best practices, which can have been adopted by individuals and organizations to get the right IT security initiatives approved.
Cyber attacks continue to increase in number and sophistication level. Recently, we've seen new types of malware and attack coordination; unfortunately, prevention and detection can only go so far. It’s time to get prepared for the high likelihood that cyber incidents will happen.
This slide deck provides an overview of the recent cyber attacks where we've assisted in organizational recovery and prevention, as well as new best practice ideas and techniques based on current cyber risk that should allow an organization to prevent many types of breaches and recover faster.
Phil Grimes - Penetrating the Perimeter: Tales from the Battlefield (centralohioissa)
Physical security controls have been found lacking in assessments against targets ranging from financial institutions to health care organizations, and from critical infrastructure and governments (city, state, and federal alike). While complex security programs address complex security problems, successful attacks often result from a cascade of minor security failures being leveraged in a damaging manner. In this session, walk in the shoes of an attacker as organizations are profiled, vulnerabilities cataloged, and attacks launched to gain unauthorized access to restricted areas and/or sensitive data. This 40 minute discussion will conclude with 10 minutes for Q&A on strategies to strengthen the existing physical security posture of an organization without overhauling all the guards, guns, and gates.
With more than 50,000 new malware created every day organisations can no longer afford to risk the financial and reputational impacts of a security or data breach, which can be too much for a business to recover from. Because of this, IT managers face increasing scrutiny and pressure from CEOs, managing directors and boards to prove that they are keeping the organisation secure.
The changing threat landscape means organisations need to be vigilant and smarter about security. While businesses still face threats from infected devices and malware, attackers have also moved beyond that. For example, there is an increasing number of targeted email attacks with cyber criminals spending time to monitor communications so they can imitate emails that are so sophisticated that even relatively savvy users will open them.
This webinar will explore the building blocks required to ensure you have the roadmap required to best protect against cyber attacks. We will provide you with a high level view of the following topics:
· Audit and discovery – What are your weaknesses and are you compliant?
· Education – Do your employees know when not to open that attachment?
· Policy – Do you have the right policies for your industry?
· Technology – Where to start and what has changed?
2022 Rea & Associates' Cybersecurity Conference (Rea & Associates)
This presentation will give you insights into timely information about current cybersecurity threats faced by small and mid-sized businesses, incident response plans, and Cybersecurity Maturity Model Certification (CMMC) compliance protocols required for government contracts and what you need to do now to protect your business from a cyberattack.
Cyber Security 101: Training, awareness, strategies for small to medium sized... (Stephen Cobb)
I developed "Cyber Security 101: Training, awareness, strategies for small to medium sized business" for the second annual Small Business Summit on Security, Privacy, and Trust, co-hosted by ADP in New Jersey, October 2013.
The Hacking Team Hack: Lessons Learned for Enterprise Security (Stephen Cobb)
Recent aggressive hacks on companies underline the need for good risk analysis, situational awareness, and incident response. Just ask AshleyMadison, Hacking Team, and Sony Pictures.
Be More Secure than your Competition: MePush Cyber Security for Small Business (Art Ocain)
These are the slides I used during my cyber security presentation at the Bucknell SBDC. Titled "Be More Secure than your Competition" this is geared toward small businesses.
Today's Breach Reality, The IR Imperative, And What You Can Do About It (Resilient Systems)
Despite changing threats and the near certainty of compromise, most
IT security programs are much the same as they were a decade ago. How
have attacker motivations and tactics changed, and why? What does
this mean for IT security departments, and how must they adapt?
This webinar will detail the security challenges organizations face
today, the implications of changes in attacker tactics and
motivations, and what firms can do to better align their security
program with today's reality.
Our featured speakers for this webinar will be:
- Ted Julian, Chief Marketing Officer, Co3 Systems
- Colby Clark, Director of Incident Management, Fishnet Security
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie... (Wendy Knox Everette)
ShmooCon 2020
You’ve just been tasked with creating a vendor review management process at your company, but what does that even mean, and how are you going to do this? Do you need to buy a lot of expensive GRC software and hire an army of compliance staffers? This talk will explain what a vendor review process is and walk through setting one up at your company, using nothing more complicated than email, text files, and maybe some Slack and Google Forms.
# Internet Security: Safeguarding Your Digital World
In the contemporary digital age, the internet is a cornerstone of our daily lives. It connects us to vast amounts of information, provides platforms for communication, enables commerce, and offers endless entertainment. However, with these conveniences come significant security challenges. Internet security is essential to protect our digital identities, sensitive data, and overall online experience. This comprehensive guide explores the multifaceted world of internet security, providing insights into its importance, common threats, and effective strategies to safeguard your digital world.
## Understanding Internet Security
Internet security encompasses the measures and protocols used to protect information, devices, and networks from unauthorized access, attacks, and damage. It involves a wide range of practices designed to safeguard data confidentiality, integrity, and availability. Effective internet security is crucial for individuals, businesses, and governments alike, as cyber threats continue to evolve in complexity and scale.
### Key Components of Internet Security
1. **Confidentiality**: Ensuring that information is accessible only to those authorized to access it.
2. **Integrity**: Protecting information from being altered or tampered with by unauthorized parties.
3. **Availability**: Ensuring that authorized users have reliable access to information and resources when needed.
## Common Internet Security Threats
Cyber threats are numerous and constantly evolving. Understanding these threats is the first step in protecting against them. Some of the most common internet security threats include:
### Malware
Malware, or malicious software, is designed to harm, exploit, or otherwise compromise a device, network, or service. Common types of malware include:
- **Viruses**: Programs that attach themselves to legitimate software and replicate, spreading to other programs and files.
- **Worms**: Standalone malware that replicates itself to spread to other computers.
- **Trojan Horses**: Malicious software disguised as legitimate software.
- **Ransomware**: Malware that encrypts a user's files and demands a ransom for the decryption key.
- **Spyware**: Software that secretly monitors and collects user information.
### Phishing
Phishing is a social engineering attack that aims to steal sensitive information such as usernames, passwords, and credit card details. Attackers often masquerade as trusted entities in email or other communication channels, tricking victims into providing their information.
### Man-in-the-Middle (MitM) Attacks
MitM attacks occur when an attacker intercepts and potentially alters communication between two parties without their knowledge. This can lead to the unauthorized acquisition of sensitive information.
### Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines (Sanjeev Rampal)
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024 (APNIC)
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
1.Wireless Communication System_Wireless communication is a broad term that i... (JeyaPerumal1)
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
Everything is not awesome: The rising threat of Cyber-attack and what to do about it
1. Everything Is Not Awesome
The rising threat of Cyber-attack and what to do about it
Robi Sen, CSO, Department 13, LLC
robi.sen@department13.com
2. Agenda
• It’s all just getting worse
• Data breaches more common and larger
• Number of attacks in total rapidly increasing
• Threats are more sophisticated and hard to stop
• Technology is failing us
• Why is it getting worse
• High value low risk
• Low barrier to entry - It’s so easy
• As technology gets more complex it’s harder to secure
• Vendors don’t really care
• What can we do
• Be realistic and plan for compromise
• Focus on security early not after an event
• Realize that the best defense is people
• What you can do right now
3. Realize security is core to your business
If you can answer no to any of these questions then you can ignore security.
• Does your brand matter to you?
• Do you care about your customers and customer trust?
• Do you have important Intellectual Property?
• Do you have company secrets?
• Do your products, services, or systems affect people's lives?
6. Technology is failing us; fighting yesterday's battles
Antivirus "is dead," Brian Dye, SVP INFOSEC at Symantec (1)(2). "We don't think of antivirus as a moneymaker in any way."
82 percent of all malware it detects stays active for a mere hour, and 70 percent of all threats only surface once, as malware authors rapidly change their software to skirt detection from traditional antivirus solutions (3).
8. Why? It's just too easy
• Tools such as Kali are widely
• Point and click hacking tools
• Hacking and Malware as a service are now widespread
• Most companies don't even know if they are being hacked
• Most companies don’t know how to respond
9. Why? Complexity is the bane of security
• Organically grown systems – Bash and Shellshock are a great example (1)
• Systems layered and so complex they are hard to understand (2)
• Overly specialized – non-system thinking
10. Why? Vendors really don’t care
• Vendors focus on features of their product and services first
• Vendors' product cycle is vicious, allowing little time for security testing and analysis
• Vendors think security is something that should be added later
• Vendors are rarely sued or held responsible for the low quality of security in their products
12. Realize you're going to get compromised
• It's not if. It's when!
• Ask yourself… What do you do when you're compromised?
• How well do you know how you will react? Timing, escalation, and appropriateness.
• Have you made connections with law enforcement, legal, PR, and your vendors?
• Who owns security in your company?
• Who are the people who are most likely to attack you?
13. Focus on security early
• Include security in your business plan
• Add security to your business model
• At the start of a new service, product, or business
• Add security as part of your culture of excellence
• Plan for the inevitable and make a response plan
14. Your people are your best security resource
• Humans are better at identifying modern threats
• People are flexible
• Humans assisted by technology are better than either
• Your people and employees can respond to your needs while vendors may not
15. What you can do right now
1. Prioritize your assets based on YOUR BUSINESS NEEDS
2. Identify your major risks
3. Do a security assessment but make sure it focuses on YOUR BUSINESS NEEDS
4. Work internally to understand your current policies and process to see if they align with one and two
5. Clarify and simplify
6. Make a response plan
7. Create the ONION – Add your technical, physical, and human security systems
8. Game and test
9. Lather, Rinse, Repeat!
16. What you can do right now
• Hire a CSO or senior security professional
• Invest in training
• Empower your security staff
• Invest in tools that empower people, not replace them
• Join security groups
• Connect with the FBI and local law enforcement
• Make a relationship with a security partner
• Remember security is a state not a goal
The problem is we think of security all wrong. We think it's an end goal. It's not; it's a changing state. That end goal drives the myth that tools and techniques can stop attacks. It does not. At some point the attacker will be successful, especially when they can always attack and attack and attack. We need to change how we think of security.
Furthermore, we have security backwards. We tend to focus on security because we think of it as a static goal, a set of boxes on a checklist. It's not. Threats constantly change. The attack surface, the techniques, and even the goals of attackers always change.
More importantly, you the target, have different needs, goals, and risks that cannot be accounted for by a simple checklist. Only you and your organization can decide what's important to you, not a government agency or third party. All your security goals, policies, and procedures must cascade from those business criteria and needs.
This is not just FUD. Attacks are more common and more sophisticated. They are also more likely to succeed. You need to accept this. You will be compromised, and it's worth repeating.
Even your email is worth something. Spammers and hackers will pay anywhere from a fraction of a cent to 5 to 10 cents for fully vetted valid emails.
Also, knowledge is power. If you know who is talking to whom, who is investing in what, how someone will vote, what new laws are being made, and the like, then you have REAL POWER.
Your people are worth a lot. CEOs, CFOs, your lawyers, and traveling representatives are now common targets of organized crime and state security apparatus. Everyone wants to know what your CEO is thinking!
1- http://blog.erratasec.com/2014/09/the-shockingly-bad-code-of-bash.html#.VE2fPvnF_xU and also read http://blog.erratasec.com/2014/09/many-eyes-theory-conclusively-disproven.html
2- http://www.wired.com/2013/01/uncovering-the-dangers-of-network-security-complexity/ 50+% of respondents said complexity created security issues.
3 - Engineers focus too much on one specific area of a system they touch, such as a user interface, instead of the system as a whole.
You need to think about who is likely to attack you. If you don't have a security background this might be hard. For example, if you're an NGO helping poor farmers in Africa you might think you have no security risk. Yet one of the NGOs who is a customer was compromised by a major state security group who has interests in African governments and business. Remember, not everyone is after just simply money.
Your biggest threat is also your own people. Choose wisely!
Security has to be thought of as part of your business and your business model. As such, only you can determine what levels of investment you need to make to balance risk versus investment. That being said, you cannot make this assessment until you have really assessed your security, your threats, and your risks.
Humans are better at identifying modern threats than computers
People are flexible
Humans assisted by technology are better than either technology or people
Your people and employees can respond to your needs while vendors will not always
That being said finding the right people is very hard.
Talk about what the right people look like and how one good person can build a great team from just decent IT folks but a bunch of developers, IT folks, networking guys, and programmers rarely understand security.
2 - By risks we mean what would happen if you lost data, someone got access, and the like, not specific technology threats or issues.
3 – You can do this yourself but it's best practice to work with a third party.
4 – Don't just follow a checklist. Think this through.
5 – As we mentioned, policy complexity leads to confusion and even security failures. Also, simple policies and plans allow your team to use common sense and "on the ground" knowledge.
6 – You need to have a detailed plan but it does not need to be complex. Also, your staff needs to know when to deviate and when to follow the script. This often requires you to hire good people.
7 – Put in place your tools but make sure they are backed up by people who know how to use those tools, know when to get new tools, and know how to respond.
8 – You have to test your system, and not just with penetration tests. You have to game the whole process. This may seem complex and expensive but often can be done in ½ a day with key stakeholders and staff and is far cheaper than a breach.