5. This is why it really sucks!
• Facebook Single Sign-on affected
• Annuity Attack Issues
• User Apathy
6. 2018 – 2019 Cyber Security Trends
Ransomware Increase
• We expect to see up to a 60% increase in ransomware attacks, with an increase in sophistication.
• Contributing Factors:
  • Very automated and opportunistic = low upfront cost.
  • Easily monetized
  • Integrates well with other attack goals.
Stakeholder Apathy
• Security budgets appear stagnant, board stakeholder interest is waning, and breaches are generally viewed as BAU (business as usual).
• Contributing Factors:
  • Lack of vendor innovation
  • EDR market saturation – confusing consumers
  • Recent huge breaches, including Equifax
7. 2018 – 2019 Cyber Security Trends
IoT Exploitation
• Expect to see a significant increase in the number and sophistication of these attacks.
• Contributing Factors:
  • Wild-west development, minimal standards
  • Widespread consumer adoption
  • Easily integrated into multi-vector attacks (work-from-home (WFH) bridge)
Leveraging Big Data
• Expect to see attackers shift to more targeted attacks by leveraging new and cheap data analysis tools (Python, R, Power BI).
• Contributing Factors:
  • Cyber crime business model
  • More effective use of available resources, higher ROI.
8. 2018 – 2019 Cyber Security Trends
Security Resource Scarcity
• Security resources tend to be available only while there is concern about a breach or immediately following a breach.
• Contributing Factors:
  • Security, Compliance, and Governance are cost centers, not profit centers.
  • ROI is rarely captured effectively and the “story” isn’t told well.
March to the Cloud
• Attackers will continue to leverage mismanaged cloud infrastructure.
• Contributing Factors:
  • Poor design and implementation – rush to deploy
  • Misperception of XaaS technology and management
  • Poorly secured middle layer (Mesos) and transport layers
9. The Issue - Funding
• Increased Staffing ($ $ $)
• Training ($ $ $)
• Professional Services ($ $ $)
• Security Tools ($ $ $)
• As a Service ($ $ $)
10. What to Do …
• Choose your battles wisely. Avoid spending on knee-jerk point solutions.
• Focus on your risk. Remember, hackers tend to be opportunistic first.
• Back to the basics: security hygiene, risk assessments, user awareness training.
• Get involved with other IT areas and departments. What is the near-term and long-term IT strategy, and how can it be secured?
• Demonstrate value (metrics, KPIs, show up!).
12. Building the Case
• Relating the funding need to the business
• Understanding your audience
• Supporting the case with data
• What is the cost to do nothing?
18. Who Has to Comply with PCI?
• All merchants and service providers who store, transmit, or process credit card data must comply with all requirements.
  • A merchant cannot outsource its PCI DSS responsibility
  • Merchants CAN outsource operational responsibility for maintaining security controls
• The card brands have outlined various reporting levels based on volume of card transactions.
  • The acquirer will determine a merchant’s reporting level and reporting obligations
  • A merchant may have more than one acquirer (merchant ID)
19. Significant Changes for Service Providers
Security Controls Monitoring (Requirements 10.8 and 10.8.1; new in PCI DSS 3.2 and applicable to service providers only)
The following processes need to be added to the incident response/problem management programs for responding to a failure of a critical security control:
• Restoring security functions
• Identifying and documenting the duration of the security failure
• Identifying and documenting the cause(s) of failure, including the root cause, and documenting the remediation required to address the root cause
• Identifying and addressing any security issues that arose during the failure
• Performing a risk assessment to determine whether further actions are required as a result of the security failure
• Implementing controls to prevent the cause of failure from reoccurring
• Resuming monitoring of security controls
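The detection side of this requirement (10.8: timely detection and reporting of failures of critical security control systems) and the “duration of the security failure” record required by 10.8.1 can both be produced from the controls’ own heartbeat logs. The script below is an added example, not code from the deck or from Internetwork Engineering; the control names (FIM, IDS, log forwarder, AV), the one-line-per-heartbeat log format and the 5-minute reporting cadence are assumptions. It treats an explicit FAIL report and a missed pair of heartbeats as equivalent failures, dates a silent failure from the first missed beat, and a control that never reports at all is flagged from the start of the log.

```python
"""Detect failures of critical security controls from heartbeat logs and
capture what a 10.8.1 incident record needs: when the failure began, when
the control was restored, and how long it was down.

Added example, not from the slide deck. The control names, the log line
format and the 5-minute heartbeat cadence are assumptions for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple

# Constructed sample heartbeat log, one "<ISO timestamp> <control> <OK|FAIL>"
# record per line. "ids" reports FAIL twice, "log-forwarder" goes silent
# between 08:05 and 08:25, and "av" never reports at all.
SAMPLE_LOG = """\
2019-03-04T08:00:00 fim OK
2019-03-04T08:00:00 ids OK
2019-03-04T08:00:00 log-forwarder OK
2019-03-04T08:05:00 fim OK
2019-03-04T08:05:00 ids FAIL
2019-03-04T08:05:00 log-forwarder OK
2019-03-04T08:10:00 fim OK
2019-03-04T08:10:00 ids FAIL
2019-03-04T08:15:00 fim OK
2019-03-04T08:15:00 ids OK
2019-03-04T08:20:00 fim OK
2019-03-04T08:25:00 fim OK
2019-03-04T08:25:00 log-forwarder OK
"""

CRITICAL_CONTROLS = {"av", "fim", "ids", "log-forwarder"}  # assumed list
HEARTBEAT = timedelta(minutes=5)   # assumed reporting cadence
MISSING_AFTER = 2 * HEARTBEAT      # two missed beats count as a failure


@dataclass
class Failure:
    control: str
    start: datetime
    reason: str                      # "reported FAIL", "no heartbeat", "never reported"
    end: Optional[datetime] = None   # None = still down at the end of the log


def parse_log(text: str) -> Dict[str, List[Tuple[datetime, str]]]:
    """Group (timestamp, status) events by control, in time order."""
    events: Dict[str, List[Tuple[datetime, str]]] = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, control, status = line.split()
        events.setdefault(control, []).append((datetime.fromisoformat(ts), status))
    for seq in events.values():
        seq.sort()
    return events


def detect_failures(text: str) -> Tuple[List[Failure], datetime]:
    """Return every failure of a critical control, plus the log's end time.

    A failure opens when a control reports FAIL, or when it has been silent
    for longer than MISSING_AFTER (dated from the first missed heartbeat);
    it closes on the control's next OK report.
    """
    events = parse_log(text)
    all_ts = [ts for seq in events.values() for ts, _ in seq]
    log_start, log_end = min(all_ts), max(all_ts)
    failures: List[Failure] = []

    for control in sorted(CRITICAL_CONTROLS):
        seq = events.get(control, [])
        if not seq:
            failures.append(Failure(control, log_start, "never reported"))
            continue
        current: Optional[Failure] = None
        last_ts: Optional[datetime] = None
        # A sentinel at the end of the log catches a control that went silent
        # and never came back.
        for ts, status in seq + [(log_end, "")]:
            if current is None and last_ts is not None and ts - last_ts > MISSING_AFTER:
                current = Failure(control, last_ts + HEARTBEAT, "no heartbeat")
            if status == "FAIL" and current is None:
                current = Failure(control, ts, "reported FAIL")
            elif status == "OK" and current is not None:
                current.end = ts
                failures.append(current)
                current = None
            last_ts = ts
        if current is not None:
            failures.append(current)
    return failures, log_end


def failure_report(text: str) -> List[dict]:
    """Flatten failures into the fields a problem/incident record needs."""
    failures, log_end = detect_failures(text)
    report = []
    for f in failures:
        restored = f.end if f.end is not None else log_end
        report.append({
            "control": f.control,
            "start": f.start.isoformat(),
            "end": f.end.isoformat() if f.end is not None else None,
            "minutes": int((restored - f.start).total_seconds() // 60),
            "reason": f.reason,
        })
    return report


if __name__ == "__main__":
    for row in failure_report(SAMPLE_LOG):
        print(row)
```

On the sample log this yields three records: `av` down from the start of the log with no restoration, `ids` down for 10 minutes (explicit FAIL reports), and `log-forwarder` down for 15 minutes (silence). The `minutes` and `end` fields are the duration and restoration evidence 10.8.1 asks for; the root cause and remediation still have to be written by a human.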
22. PCI DSS 3.0 Req: 1.1.2, 1.1.3 Diagrams
[Figures: CDE Data Flow (Req. 1.1.3); Network Diagram of CDE (Req. 1.1.2)]
23. Connect with IE!
Visit us online at: www.ineteng.com
Follow us on social media: Twitter | LinkedIn
Join us at one of our next Security User Groups in Charlotte or Raleigh
Seems opportunistic – but Facebook is interesting ….
Were you affected? Chances are, you were.
The increased use of Facebook as an authentication tool has increased the affected user base exponentially.
Orchestration and scheduling are key components of a cloud model, usually facilitated by Apache Mesos (the name is Greek for “middle”, hence the “middle layer” on the slide) and, increasingly, by Kubernetes.
With dozens of EDR solutions to choose from, with wildly different feature sets and operational functionality, how do you even begin to narrow the field and choose the best fit solution? Especially given that these solutions are so very expensive, possibly accounting for up to 15% – 25% of the security budget.
Security controls, including EDR solutions, should be commensurate with the relative risk to the organization. If you have a large amount of risk associated with the endpoints, then you should consider an EDR solution. If your data, including user-generated data, is housed on servers or cloud infrastructure and the endpoint is little more than an input device, why waste the money?
A good Security Risk Assessment performed by experienced and trained assessors, such as the Strategic Consulting group at Internetwork Engineering, can save you money. Ask us about the ROI on a Security Risk Assessment.
Many organizations associate Business Continuity and Disaster Recovery with natural disasters and align it to the data center. NEWS FLASH: a cyber breach or incident is a BC/DR situation, and you had better have your security team involved. Ever wonder why the average time to recover from a breach is >30 days? Now you know!
When your assessor is reviewing your network diagram and data flow diagram, they are verifying that your organization knows where your assets are located and how connections into and out of those environments are made. Your network documentation should include things such as:
• Methods used for controlling traffic in and out of your network
• Where your firewalls are located
• Where your routers and switches are located
• Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS)
• Demilitarized Zone (DMZ)
• Applications
• Anti-virus
• Wireless Networks
• Remote access points
• Operating systems
• Email servers
• DNS servers
• Databases
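An assessor compares the two diagrams by eye: every hop a cardholder-data flow takes should appear on the network diagram, every server on a flow should be inside the declared CDE, and nothing outside the CDE should reach a CDE device without passing a firewall. The same three checks can be kept machine-checkable alongside the drawings. The script below is an added example, not from the deck and not Internetwork Engineering’s tooling; the topology, zone names, links and flows are constructed for illustration and deliberately contain one flow hop missing from the diagram, one in-scope DMZ server, and one undocumented link that defeats segmentation.

```python
"""Machine-checkable network diagram (Req. 1.1.2) and cardholder-data-flow
diagram (Req. 1.1.3) for a CDE, with the checks an assessor makes by eye.

Added example, not from the slide deck and not Internetwork Engineering's
tooling. Topology, zone names, links and flows are constructed for
illustration.
"""
from collections import deque
from typing import Dict, List, Set, Tuple

# Network diagram: device -> (kind, zone). Constructed example.
DEVICES: Dict[str, Tuple[str, str]] = {
    "internet": ("external", "untrusted"),
    "edge-fw":  ("firewall", "perimeter"),
    "web-01":   ("server",   "dmz"),      # takes the card form, so it is in scope
    "cde-fw":   ("firewall", "perimeter"),
    "app-01":   ("server",   "cde"),
    "db-01":    ("server",   "cde"),
    "log-01":   ("server",   "cde"),
    "core-sw":  ("switch",   "corp"),
    "hr-01":    ("server",   "corp"),
}

# Undirected links as drawn. The last one is an undocumented cable that lets
# a corporate host reach the database without crossing a firewall.
LINKS: List[Tuple[str, str]] = [
    ("internet", "edge-fw"), ("edge-fw", "web-01"), ("web-01", "cde-fw"),
    ("cde-fw", "app-01"), ("app-01", "db-01"), ("app-01", "log-01"),
    ("cde-fw", "core-sw"), ("core-sw", "hr-01"),
    ("hr-01", "db-01"),
]

# Data-flow diagram: flow name -> ordered hops cardholder data passes through.
FLOWS: Dict[str, List[str]] = {
    "card authorization": ["internet", "edge-fw", "web-01", "cde-fw", "app-01", "db-01"],
    "audit logs": ["app-01", "log-01"],
    "settlement export": ["db-01", "app-01", "batch-01"],  # batch-01 was never drawn
}


def build_adjacency(devices, links) -> Dict[str, Set[str]]:
    adj: Dict[str, Set[str]] = {d: set() for d in devices}
    for a, b in links:
        if a in devices and b in devices:
            adj[a].add(b)
            adj[b].add(a)
    return adj


def check_flows(devices, links, flows) -> List[str]:
    """Findings where the data-flow diagram and network diagram disagree, or
    where cardholder data touches a server outside the declared CDE."""
    adj = build_adjacency(devices, links)
    findings: List[str] = []
    for name, path in flows.items():
        for hop in path:
            if hop not in devices:
                findings.append(f"{name}: {hop} is not on the network diagram")
        for a, b in zip(path, path[1:]):
            if a in devices and b in devices and b not in adj[a]:
                findings.append(f"{name}: no documented link {a} -> {b}")
        for hop in path:
            if hop in devices and devices[hop][0] == "server" and devices[hop][1] != "cde":
                findings.append(f"{name}: {hop} handles cardholder data but is outside the CDE")
    return findings


def unfiltered_paths_into_cde(devices, links) -> List[Tuple[str, str]]:
    """(source, cde_device) pairs where a device outside the CDE can reach a
    CDE device without the traffic passing through a firewall."""
    adj = build_adjacency(devices, links)
    findings: List[Tuple[str, str]] = []
    for src, (kind, zone) in sorted(devices.items()):
        if zone == "cde" or kind == "firewall":
            continue
        seen: Set[str] = {src}
        queue = deque([src])
        while queue:                      # BFS that stops at firewalls
            cur = queue.popleft()
            for nxt in sorted(adj[cur]):
                if nxt in seen or devices[nxt][0] == "firewall":
                    continue              # a firewall hop means the traffic is filtered
                seen.add(nxt)
                if devices[nxt][1] == "cde":
                    findings.append((src, nxt))
                queue.append(nxt)
    return findings


if __name__ == "__main__":
    for line in check_flows(DEVICES, LINKS, FLOWS):
        print("FLOW:", line)
    for src, dst in unfiltered_paths_into_cde(DEVICES, LINKS):
        print(f"SEGMENTATION: {src} reaches {dst} without a firewall")
```

Run as-is it reports that `web-01` handles cardholder data outside the declared CDE (so the DMZ web tier must be brought into scope or the flow redesigned), that `batch-01` is missing from the network diagram, and that `hr-01` and `core-sw` reach `db-01`, `app-01` and `log-01` with no firewall in the path; deleting the `hr-01`/`db-01` link makes the segmentation findings disappear, which is the evidence you want to show the assessor after the fix.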