The document discusses the establishment and services of Ireland's first CSIRT, iriss-cert, which provides free information security support and coordination. It highlights key achievements in cybersecurity, trends in incidents, and the importance of better security practices to combat rising threats. The emphasis is on learning from past incidents to improve organizational security measures.

1. Helping You Piece IT Together
http://www.bhconsulting.ie info@bhconsulting.ie
Learning From History

2. Who is Brian Honan?

3. Who is Brian Honan?

4. What is IRISS-CERT?
 Ireland’s First CSIRT
(Computer Security Incident Response Team)
 Provide Services On Information Security
 Services Provided Free of Charge
 Not For Profit Organisation

5. Services Offered
 Irish Focused Alerts and Warnings
Vulnerability Awareness
Incident Awareness
Sanitised Attack Notifications
Coordination Service
 Irish Focused Research
Trends and Metrics
General Awareness
 Knowledge Sharing
Informal discussion
Information Sharing & Dissemination

6. 2004 – The Journey Began

7. What’s Missing?

8. Not a Fair Fight !

9. Stakeholders

10. 2008 IRISS Is Born

11. IRISSCERT Team

12. Affiliations

13. Affiliations

14. IRISSCERT Achievements
Finalist in Best Information
Security Team Category

15. IRISSCERT SmileIreland

16. IRISSCERT SmileIreland

17. Other Key Achievements
 Verizon Databreach Investigations Report
(DBIR) 2012 & 2013
 Assisted NHTCU In Bredolab Cleanup
 Hosted Transits Training for 35 CERT Personnel
From Around Europe
 DNS Changer Cleanup
 Participated in A CERT Exercises
 Coordinated Vulnerability Disclosures (CNI,
vendors, & websites)

18. Infosec Certainties

19. Recognised Threat

20. Recognised Threat
“the cyber threat to our nation
is one of the most serious
economic and national
security challenges we face.”
"industrial-scale processes
involving many thousands of
people lying behind both state
sponsored cyber espionage and
organised cyber crime".

21. Traditional IT Security

22. Ancient Security

23. Ancient Security

24. Fortified Perimeter

25. Ingress/Egress Points

26. Layered Security

27. Perimeter Defences

28. Good Against

29. And

30. But Not Against

31. Or

32. Or

33. So In Reality Is Like

34. Crack the Outer Shell

35. Verizon DBIR

36. Breach Detection
69%
22%
9%
Detected by 3rd Party
Detected by Org
Detected by Customer
Source: Verizon DBIR 2013

37. Time To Discover Breach
34%
4%
62%
Less than A month
Years or More
Months or More
Source: Verizon DBIR 2013

38. Difficulty
78%
22%
Not Difficult
Moderate to Difficult
Source: Verizon DBIR 2013

39. 2012 - Incidents

40. 2012 - Incidents
Phishing,
74%
Malware,
19%
Other,
7%

41. 2012 - Incidents
Org Crime,
95%
Other, 5%

42. 2012 - Incidents
 Increase in Targeted Attacks
 Increase in DDOS Attacks
 Increase in Activism
 Ransomware Attacks

43. 2012 - Incidents
 Root Cause
 Poor Passwords
 Missing Patches
 Vulnerabilities
 Web Platforms
 Out of Data Anti-Virus Software
 Lack of Monitoring

44. Learning from The Past

45. Understand Your Business

46. Don’t Forget The Basics

47. Patching

48. Strong Passwords (2FA?)

49. Anti-Virus

50. Monitor Logs

51. Harden Systems

52. Use Security Tools

53. Segment Your Information

54. Analyse Network Patterns

55. Train Staff & Partners

56. Use Open Source Data

57. Set Traps

58. Share with Peers
http://www.veriscommunity.net/doku.php

59. Questions ?