RSA Conference 2016
Seven Key Takeaways You Can Use Today
INFRAGARD
InfraGard is a partnership between the FBI and the private sector. It is an association of
persons who represent businesses, academic institutions, state and local law enforcement
agencies, and other participants dedicated to sharing information and intelligence to
prevent hostile acts against the U.S.
Disclaimer
The views, opinions, and content of this webinar are solely those of the speakers and other
contributors. These views and opinions do not necessarily represent those of InfraGard or
InfraGard Atlanta Members Alliance (IAMA).
The views expressed here are commentary on themes emerging from the RSA Conferences
2016 and not in any way affiliated or connected with the official event.
JOSEPH DYER JR.
Joseph Dyer is Chief Information Security Officer with ICF International. ICF
International provides professional services, technology solutions, and policy
consulting that deliver beneficial impact in areas critical to energy,
environment, infrastructure, health, social programs, public safety and
defense. ICF has more than 5,000 employees that service government and
commercial clients from more than 70 offices worldwide. Mr. Dyer manages
ICF International’s corporate global cyber security program. Mr. Dyer has
over 30 years of information technology experience with over 15 years of
information security involvement.
Mr. Dyer holds a BS degree in Information Systems and maintains several
industry certifications including Certified Information System Security
Professional (CISSP), Certified Chief Information Security Officer (C|CISO),
Global Information Assurance Certification (GIAC), Certified Hacking Forensic
Investigator (CHIF), and Certified Computer Forensic Examiner (CHFI).
Connect
LinkedIn josephdyer
WARD PYLES
Connect
LinkedIn wardpyles
Ward Pyles is the Manager of Security Risk and Governance with The
Home Depot, the world’s largest home improvement specialty retailer
with more than 2,200 North American stores and 350,000 employees.
With a Master of Law and more than 15 years of experience in
Information Security, Ward’s extensive background in technology,
regulatory compliance, and risk management assists The Home Depot in
security practices and infrastructure protection.
During Mr. Pyles’ career he has advised Congressional staff and DHS on
critical infrastructure security practices and participated as an author of
the first Smart Grid security standards, the nationally industry-leveraged
NIST Cyber Security Framework, and maturity models from DOE. His
global experience advising electric organizations of critical infrastructure
security threats was leveraged in the development of the industry’s first
in-house proactive ISO 27001 assessment processes.
TREVOR HORWITZ
Trevor Horwitz is the founder and CISO of TrustNet, a leading
specialized provider of IT Security and Compliance services. Trevor has
designed, developed, and assessed security and compliance solutions
for corporations of all sizes and across multiple industries for over
twenty years. Trevor is a PCI Qualified Security Assessor and
contributing member of the PCI Security Council’s special interest
group on virtualization and cloud security.
His career experience includes roles as the CEO of a pioneering
network security company and a senior consultant at PWC. He is the
President of InfraGard Atlanta, past Executive Board member of ISACA
Atlanta, and has been active in the Technology Association of Georgia
for over fifteen years. Trevor holds a Bachelor of Commerce from the
University of the Witwatersrand, Johannesburg, South Africa with a
triple major in Accounting, Information Systems, and Business Law.
Connect
LinkedIn trevorhorwitz
SUPPORT OUR SPONSORS
TrustNet helps businesses build trusted relationships with their customers, partners, and
employees by providing CyberSecurity and Compliance services and solutions
• Managed Security Services
• Compliance – PCI QSA, SOC, HIPAA, FISMA, ISO, SOX
• Security Consulting – Penetration Testing
• Awareness Training
www.TrustNetInc.com
The Cyber Security Summit, an exclusive C-Suite
conference series, connects senior level executives
responsible for protecting their companies’ critical
infrastructures with innovative solution providers
and renowned information security experts.
www.CyberSummitUSA.com
AGENDA
1. Ransomware on the Rise
2. Back to Basics - we’re still playing defense
3. The Target is Expanding
4. The New Face of Threat Modelling
5. Breached – Now what?
6. Extending Your Security Team
7. Threat Detection – It’s still a thing
FAQ’S
1. Yes, the presentation will be available after the webinar ends. We will email you a link to the
recording in the next day or so.
2. If you have a question, send it to us in the chat window on the left side of your screen!
RANSOMWARE ON THE RISE
The earliest known ransomware was devised by Joseph Popp. Popp wrote the “AIDS” Trojan
(aka PC Cyborg) in 1989.
• Backup, backup, backup
• Maintain vigilance with anti-spam and anti-malware software
• Train users to be suspicious of email
• Check sender addresses
• Check content of messages
• Avoid clicking links in email
• Keep all software patched and up-to-date
• Practice your incident response plan with a ransomware scenario
• Set up a bitcoin account, just in case
BACK TO BASICS
we’re still playing defense, but not very well
• Authentication
• Multi factor is an emerging standard, even for local network access
• Firewalls, routers, IDS/IPS
• Endpoints - anti-malware, secure browsers, file integrity monitoring
• Software updates and patching
• Yes, we know it’s tedious and you hate it
• Encryption
• Data at rest and in motion, even on the corporate network
• Monitoring - log management, threat management, vulnerability management
• Don’t have the capabilities and resources? Consider Managed Security Services
THE TARGET IS EXPANDING – DATA IS TOXIC
Data breaches average $154 per record, while the average cost per data breach has reached
$3.79MM
• Cloud and Big Data - a marriage made in heaven is heading for a break-up
• Focus on data exfiltration and DLP is not enough
• Many organizations have no idea where all their data resides
• Risk of storing some types of data may exceed its value to the organization
• Some data types have diminishing returns
• Tokenization highly recommended
• Treating data as toxic will change the security posture
THE NEW FACE OF THREAT MODELLING
• Threat Modeling Approaches
• Software-centric
• Asset-centric
• Attacker-centric
Process
• Decompose the application/network/system
• Identification and classification, external dependencies, entry points, assets, trust levels
• Identify and rank threats
• STRIDE (spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege)
• DREAD risk ranking (damage potential, reproducibility, exploitability, affected users, discoverability)
• Develop countermeasures and mitigation
• OWASP Application Threat Modeling
• https://www.owasp.org/index.php/Application_Threat_Modeling
ATLANTA CYBER SECURITY SUMMIT
Wednesday, April 6, 2016
9:00 AM to 6:00 PM
The Ritz-Carlton Buckhead
The Cyber Security Summit, an exclusive C-Suite conference
series, connects senior level executives responsible for
protecting their companies’ critical infrastructures with
innovative solution providers and renowned information
security experts.
“Special Offer for InfraGard Members”
http://cybersummitusa.com/atlanta-2016/
BREACHED – NOW WHAT?
• Build security resilience and elasticity into architecture
• Automation – incident detection and response
• Interoperability – distributed detection across the network
• Authentication – trusted communication and collaboration
• Resilience cycles
• Pre-disruption – scan and eliminate vulnerabilities
• During Disruption – rapid automated response
• Post Disruption – reshape the environment new
• Technical tools to achieve this are not mature
• Software-Defined Networking may be the catalyst
OUR PANELISTS
Joseph Dyer Jr. (LinkedIn josephdyer)
Trevor Horwitz (LinkedIn trevorhorwitz)
Ward Pyles (LinkedIn wardpyles)
EXTENDING YOUR SECURITY TEAM
Malicious cyber attacks cost US $300B to US $1 trillion a year
Demand for information security professionals is expected to grow by 53% by 2018
• Shortage of resources can’t be fixed in the short term
• Coopting resources – the “extended security team”
• Leveraging non-security team personnel as security champions/advocates
• Build security into organizational culture
• Educate employees – #WeAreAllSecurity
• Reward positive behavior
• Outsourcing
• Managed Security Services
• Co-Managed Security
THREAT DETECTION – IT’S STILL A THING
• Three pillars of threat detection
• Visibility
• Real time collection
• Identity
• Accurate identification
• Automate analysis
• Risk
• Escalate response based on risk
• Get serious about vulnerability scanning
• More frequent penetration testing
THE RECAP
1. Prepare for a ransomware attack
2. Revisit your defensive strategy
3. Reevaluate what data you retain
4. Improve your threat modelling
5. Develop a resilience strategy
6. Extend your security team
7. Assess your threat detection capabilities
www.TrustNetInc.com
Twitter @TrustNetInc
LinkedIn #TrustNetInc
www.CyberSummitUSA.com

More Related Content

What's hot

2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecuritySvetlana Belyaeva
 
Challenges2013
Challenges2013Challenges2013
Challenges2013
Lancope, Inc.
 
Making Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentMaking Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentConSanFrancisco123
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badbanerjeea
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
John D. Johnson
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
Ulf Mattsson
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
TechBiz Forense Digital
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the Union
Ivanti
 
Think Cyber Think Resilience | William Barker | March 2016
Think Cyber Think Resilience | William Barker  | March 2016Think Cyber Think Resilience | William Barker  | March 2016
Think Cyber Think Resilience | William Barker | March 2016
Anna Fenston
 
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task   Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...Task   Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
patmisasi
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman
 
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
APNIC
 
Cyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdCyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdSusan Darby
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
PECB
 
Adam Bulava GCC 2019
Adam Bulava GCC 2019Adam Bulava GCC 2019
Adam Bulava GCC 2019
ImekDesign
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Hamisi Kibonde
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for Businesses
Alex Rudie
 

What's hot (20)

2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity
 
Challenges2013
Challenges2013Challenges2013
Challenges2013
 
Making Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentMaking Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software Development
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-bad
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the Union
 
Think Cyber Think Resilience | William Barker | March 2016
Think Cyber Think Resilience | William Barker  | March 2016Think Cyber Think Resilience | William Barker  | March 2016
Think Cyber Think Resilience | William Barker | March 2016
 
csxnewsletter
csxnewslettercsxnewsletter
csxnewsletter
 
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task   Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...Task   Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
 
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
 
Cyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdCyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sd
 
CERT Certification
CERT CertificationCERT Certification
CERT Certification
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
 
Adam Bulava GCC 2019
Adam Bulava GCC 2019Adam Bulava GCC 2019
Adam Bulava GCC 2019
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for Businesses
 

Similar to InfraGard Webinar March 2016 033016 A

CounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementCounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat Management
Mighty Guides, Inc.
 
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal AuditorsION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
mdagrossa
 
All About Network Security & its Essentials.pptx
All About Network Security & its Essentials.pptxAll About Network Security & its Essentials.pptx
All About Network Security & its Essentials.pptx
Infosectrain3
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
Mark Silver
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Servicestsaiblake
 
Assess risks to IT security.pptx
Assess risks to IT security.pptxAssess risks to IT security.pptx
Assess risks to IT security.pptx
lochanrajdahal
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence
Sirius
 
Matt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxMatt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptx
Nakhoudah
 
BLACKOPS_USCS CyberSecurity Literacy
BLACKOPS_USCS CyberSecurity LiteracyBLACKOPS_USCS CyberSecurity Literacy
BLACKOPS_USCS CyberSecurity LiteracyCasey Fleming
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilience
Symantec
 
Cybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfCybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdf
TheWalkerGroup1
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
Anil
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
Anil
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019
Ulf Mattsson
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
JustinBrown267905
 
Riverside Healthcare Accelerate Tech 2016 presentation
Riverside Healthcare Accelerate Tech 2016 presentationRiverside Healthcare Accelerate Tech 2016 presentation
Riverside Healthcare Accelerate Tech 2016 presentation
Economic Alliance of Kankakee County
 
Top Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdfTop Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdf
Careerera
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative World
SafeNet
 
Network Security Risks and Challenges for Enterprises
Network Security Risks and Challenges for EnterprisesNetwork Security Risks and Challenges for Enterprises
Network Security Risks and Challenges for Enterprises
Sandeep Yadav
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity Risks
Matthew Rosenquist
 

Similar to InfraGard Webinar March 2016 033016 A (20)

CounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementCounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat Management
 
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal AuditorsION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
 
All About Network Security & its Essentials.pptx
All About Network Security & its Essentials.pptxAll About Network Security & its Essentials.pptx
All About Network Security & its Essentials.pptx
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Services
 
Assess risks to IT security.pptx
Assess risks to IT security.pptxAssess risks to IT security.pptx
Assess risks to IT security.pptx
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence
 
Matt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxMatt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptx
 
BLACKOPS_USCS CyberSecurity Literacy
BLACKOPS_USCS CyberSecurity LiteracyBLACKOPS_USCS CyberSecurity Literacy
BLACKOPS_USCS CyberSecurity Literacy
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilience
 
Cybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfCybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdf
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
Riverside Healthcare Accelerate Tech 2016 presentation
Riverside Healthcare Accelerate Tech 2016 presentationRiverside Healthcare Accelerate Tech 2016 presentation
Riverside Healthcare Accelerate Tech 2016 presentation
 
Top Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdfTop Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdf
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative World
 
Network Security Risks and Challenges for Enterprises
Network Security Risks and Challenges for EnterprisesNetwork Security Risks and Challenges for Enterprises
Network Security Risks and Challenges for Enterprises
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity Risks
 

InfraGard Webinar March 2016 033016 A

  • 1. RSA Conference 2016 Seven Key Takeaways You Can Use Today
  • 2. INFRAGARD InfraGard is a partnership between the FBI and the private sector. It is an association of persons who represent businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the U.S. Disclaimer The views, opinions, and content of this webinar are solely those of the speakers and other contributors. These views and opinions do not necessarily represent those of InfraGard or InfraGard Atlanta Members Alliance (IAMA). The views expressed here are commentary on themes emerging from the RSA Conferences 2016 and not in any way affiliated or connected with the official event.
  • 3. JOSEPH DYER JR. Joseph Dyer is Chief Information Security Officer with ICF International. ICF International provides professional services, technology solutions, and policy consulting that deliver beneficial impact in areas critical to energy, environment, infrastructure, health, social programs, public safety and defense. ICF has more than 5,000 employees that service government and commercial clients from more than 70 offices worldwide. Mr. Dyer manages ICF International’s corporate global cyber security program. Mr. Dyer has over 30 years of information technology experience with over 15 years of information security involvement. Mr. Dyer holds a BS degree in Information Systems and maintains several industry certifications including Certified Information System Security Professional (CISSP), Certified Chief Information Security Officer (C|CISO), Global Information Assurance Certification (GIAC), Certified Hacking Forensic Investigator (CHIF), and Certified Computer Forensic Examiner (CHFI). Connect LinkedIn josephdyer
  • 4. WARD PYLES Connect LinkedIn wardpyles Ward Pyles is the Manager of Security Risk and Governance with The Home Depot, the world’s largest home improvement specialty retailer with more than 2,200 North American stores and 350,000 employees. With a Master of Law and more than 15 years of experience in Information Security, Ward’s extensive background in technology, regulatory compliance, and risk management assists The Home Depot in security practices and infrastructure protection. During Mr. Pyles career he has advised Congressional staff and DHS on critical infrastructure security practices and participated as an author of the first Smart Grid security standards, the nationally industry leverage NIST Cyber Security Framework, and maturity models from DOE. His global experience advising electric organizations of critical infrastructure security threats was leveraged in the development of the industries first in-house proactive ISO 27001 assessment processes.
  • 5. TREVOR HORWITZ Trevor Horwitz is the founder and CISO of TrustNet, a leading specialized provider of IT Security and Compliance services. Trevor has designed, developed, and assessed security and compliance solutions for corporations of all sizes and across multiple industries for over twenty years. Trevor is a PCI Qualified Security Assessor and contributing member of the PCI Security Council’s special interest group on virtualization and cloud security. His career experience includes roles as the CEO of a pioneering network security company and a senior consultant at PWC. He is the President of InfraGard Atlanta, past Executive Board member of ISACA Atlanta, and has been active in the Technology Association of Georgia for over fifteen years. Trevor holds a Bachelor of Commerce from the University of the Witwatersrand, Johannesburg, South Africa with a triple major in Accounting, Information Systems, and Business Law. Connect LinkedIn trevorhorwitz
  • 6. SUPPORT OUR SPONSORS TrustNet helps businesses build trusted relationships with their customers, partners, and employees by providing CyberSecurity and Compliance services and solutions  Managed Security Services  Compliance – PCI QSA, SOC, HIPAA, FISMA, ISO, SOX  Security Consulting – Penetration Testing  Awareness Training www.TrustNetInc.com The Cyber Security Summit, an exclusive C-Suite conference series, connects senior level executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. www.CyberSummitUSA.com
  • 7. 1. Ransomware on the Rise 2. Back to Basics - we’re still playing defense 3. The Target is Expanding 4. The New Face of Threat Modelling 5. Breached – Now what? 6. Extending Your Security Team 7. Threat Detection – It’s still a thing AGENDA
  • 8. 1. Yes, the presentation will be available after the webinar ends. We will email you a link to the recording in the next day or so. 2. If you have a question, send it to us in the chat window on the left side of your screen! FAQ’S
  • 9. RANSOMWARE ON THE RISE The earliest known ransomware was devised by Joseph Popp. Popp wrote the “AIDS” Trojan (aka PC Cyborg) in 1989
  • 10. RANSOMWARE ON THE RISE  Backup, backup, backup  Maintain vigilance with anti-spam and anti-malware s/w  Train users to be suspicious of email  Check sender addresses  Check content of messages  Avoid clicking links in email  Keep all software patched and up-to-date  Practice you incident response plan with a ransomware scenario  Setup a bitcoin account, just in case
  • 11. BACK TO BASICS we’re still playing defense, but not very well
  • 12. BACK TO BASICS we’re still playing defense, but not very well  Authentication  Multi factor is an emerging standard, even for local network access  Firewalls, routers, IDS/IPS  Endpoints - anti-malware, secure browsers, file integrity monitoring  Software updates and patching  Yes, we know it’s tedious and you hate it  Encryption  Data at rest and in motion, even on the corporate network  Monitoring - log management, threat management, vulnerability management  Don’t have the capabilities and resources? Consider Managed Security Services
  • 13. THE TARGET IS EXPANDING – DATA IS TOXIC Data breaches average $154 per record, while the average cost per data breach has reached $3.79MM
  • 14. THE TARGET IS EXPANDING – DATA IS TOXIC
      - Cloud and Big Data - a marriage made in heaven is heading for a break-up
      - Focus on data exfiltration and DLP is not enough
      - Many organizations have no idea where all their data resides
      - Risk of storing some types of data may exceed its value to the organization
      - Some data types have diminishing returns
      - Tokenization highly recommended
      - Treating data as toxic will change the security posture
  • 15. THE NEW FACE OF THREAT MODELLING
      - Threat Modeling Approaches
      - Software-centric
      - Asset-centric
      - Attacker-centric
  • 16. THE NEW FACE OF THREAT MODELLING
      Process
      - Decompose the application/network/system
      - Identification and classification, external dependencies, entry points, assets, trust levels
      - Identify and rank threats
      - STRIDE (spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege)
      - DREAD risk ranking (damage potential, reproducibility, exploitability, affected users, discoverability)
      - Develop countermeasures and mitigation
      - OWASP Application Threat Modeling
      - https://www.owasp.org/index.php/Application_Threat_Modeling
  • 17. ATLANTA CYBER SECURITY SUMMIT Wednesday, April 6, 2016 9:00 AM to 6:00 PM The Ritz-Carlton Buckhead The Cyber Security Summit, an exclusive C-Suite conference series, connects senior level executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. “Special Offer for InfraGard Members” http://cybersummitusa.com/atlanta-2016/
  • 19. BREACHED – NOW WHAT?
      - Build security resilience and elasticity into architecture
      - Automation – incident detection and response
      - Interoperability – distributed detection across the network
      - Authentication – trusted communication and collaboration
      - Resilience cycles
      - Pre-disruption – scan and eliminate vulnerabilities
      - During disruption – rapid automated response
      - Post-disruption – reshape the environment anew
      - Technical tools to achieve this are not mature
      - Software-Defined Networking may be the catalyst
  • 20. OUR PANELISTS
      - Joseph Dyer Jr. (LinkedIn josephdyer)
      - Trevor Horwitz (LinkedIn trevorhorwitz)
      - Ward Pyles (LinkedIn wardpyles)
  • 21. EXTENDING YOUR SECURITY TEAM
      Malicious cyber attacks cost US $300 billion to US $1 trillion a year.
      Demand for information security professionals is expected to grow by 53% by 2018.
  • 22. EXTENDING YOUR SECURITY TEAM
      - Shortage of resources can’t be fixed in the short term
      - Co-opting resources – the “extended security team”
      - Leveraging non-security team personnel as security champions/advocates
      - Build security into organizational culture
      - Educate employees – #WeAreAllSecurity
      - Reward positive behavior
      - Outsourcing
      - Managed Security Services
      - Co-Managed Security
  • 23. THREAT DETECTION – IT’S STILL A THING
  • 24. THREAT DETECTION – IT’S STILL A THING
      - Three pillars of threat detection
      - Visibility
      - Real time collection
      - Identity
      - Accurate identification
      - Automate analysis
      - Risk
      - Escalate response based on risk
      - Get serious about vulnerability scanning
      - More frequent penetration testing
  • 26. THE RECAP
      1. Prepare for a ransomware attack
      2. Revisit your defensive strategy
      3. Reevaluate what data you retain
      4. Improve your threat modelling
      5. Develop a resilience strategy
      6. Extend your security team
      7. Assess your threat detection capabilities