ITP - Information Technology Professionals, profile picture
Uploaded byITP - Information Technology Professionals
PPTX, PDF567 views

Private Date and PRYING Eyes - Talking Cybersecurity at After Work Network

Viruses, malware, and cyber attacks are increasingly sophisticated threats. The document discusses the history of security issues like spam and botnets. It defines common types of malware like rootkits, trojans, and ransomware. The document examines notable data breaches and the most active current malware. It profiles the adversaries behind attacks and the countries most targeted. The anatomy of a hack is outlined, and statistics about breach detection times and costs are provided. Examples show security risks for small businesses and risks of unsecured mobile devices. The document promotes managed security services and assessments to bolster protection beyond antivirus and firewalls alone.

Embed presentation

Download to read offline
By Paul Hager, CEO Information Technology Professionals
Your Questions Answered Today ā€¢ Who is that is writing all these viruses? ā€¢ Why do they do it? ā€¢ I have Anti Virus and a Firewall so my company is safe, right? ā€¢ What do you do to keep our company data safe?
Vocabulary: ā€“ Rootkit ā€“ Virus that provides unauthorized access to a remote system ā€“ Trojan - a piece of software that looks like it is doing what the user thought, but in reality it is malware designed to infect the user's PC. It is named after the horse that the Greeks used in the Trojan War, as detailed in Virgil's Latin epic poem The Aeneid. ā€“ Ransomeware ā€“ virus used to demand payment ā€“ BOTNET ā€“ Network of infected computers used to send SPAM or DDoS attacks ā€“ DDoS ā€“ Denial of Service. Volumes of junk traffic to prevent the good traffic from getting through
A Brief History of Security ā€¢ The first SPAM email in 1978 ā€¢ Name does come from Monty Python ā€¢ Grows in the 90ā€™s and early 2000ā€™s ā€¢ SPAM exists to sell: ā€“ Adult Content ā€“ Pharma ā€¢ Major Botnet and ISP take downs in 2008 but they strive on
A Brief History of Security ā€¢ Only stopped byā€¦. ā€“ VISA and MASTERCARD ā€¢ Now what? ā€¢ Viruses ā€¢ Ransomware ā€¢ BOTNETS
A Brief History of Security ā€¢ New Currency in a new modern black market Bitcoins ā€¢ Bit mining is the new money laundering ā€¢ The Onion Router Network ā€¢ The Darknet
Where is it sold?
State of the State of Security ā€¢ 65 Adversaries, 36 most active ā€¢ Increase in Ransomware ā€¢ Increase in sophistication ā€¢ POS Targeting Credit Card Track Data in memory ā€¢ Phone scams on the rise (https://www.youtube.com/watch?v=sz0cEo2h3f8) ā€¢ More Damage Than Ever ā€¢ XP EOL and Server 2003 EOL ā€¢ http://map.ipviking.com
Review of Recent Noteable Breaches http://www.informationisbeautiful.net /visualizations/worlds-biggest-data- breaches-hacks/ ā€¢ Target ā€¢ Sony ā€¢ Home Depot ā€¢ 477 million identities/accounts have been compromised in the last 12 months.
Sony
Sony Part 2 ā€¢ DDoS ā€¢ Lizard Squad ā€¢ DDoS for hire for $40 take down a competitor ā€¢ Average cost for DDoS event defense is $40,000 ā€¢ Believed to be captured
The Adversary
The Adversary ā€¢ Criminal ā€¢ Hacktivist ā€¢ State-sponsored ā€¢ Nationalist
Countries Most Attacked
Most Active Malware
PlugX ā€¢ Commonly delivered via a spear phishing attack. ā€¢ Comes from zero day from last March, CVE-2014-1761, which exploits vulnerable Microsoft RTF or Word documents. ā€¢ Others make use of well-worm holes like CVE-2012-0158 in PowerPoint and Excel, that were also used by the IceFog, Red October, and Cloud Atlas attacks. ā€¢ While some of the groups using PlugX have gone out of their way to register new domains for leveraging the malwareā€™s C+C, many domains from the last several years remain active
Cryptolocker aka Cryptowall ā€¢ First version taken down in June of 2014 with the ZeusBot Net going down ā€¢ No longer uses BOTNETS uses P2P ā€¢ Polymorhpic and self registering Domain names ā€¢ Locking Computer Screens ā€¢ AV wonā€™t prevent it
Anatomy of a Hack Footprinting ā€¢ DNS WHOIS ā€¢ Website Scanning ā€¢ NAMP Scan Enumeration ā€¢ Probe open ports phish for data Gaining Access ā€¢ Password Sniffing, Penatration, Brute Force Escalating privilege ā€¢ Known Exploits Pilfering ā€¢ Gather information and use it to re- enumerate and steal data Covering Tracks ā€¢ Delete log files ā€¢ Hide tools Create Backdoors DDoS Steps 1-4 take less than a week on average
Other Security Statistics that Will Scare You ā€¢ The Average time to detection is 271 days ā€¢ https://databreachcalculator.com ā€¢ Average is around $200 per record Source: Crowdstrike.com
Just an Enterprise Problem Right? ā€¢ No ā€¢ As a percentage of revenue a single HIPPA or PCI fine could be worse than the Target breach for small to midsized company
Example: Dental Practice in Madison ā€¢ Virus Leads to Customer Database being compromised ā€¢ Patient Information Breach ā€¢ HIPPA fines total $130,000 for a 11 person office
Example: Commercial Business in Madison ā€¢ Virus keylogged CFOā€™s machine for months ā€¢ Executed valid wire transfer from his PC to offshore account ā€¢ Only stopped because of the bank
Example: Importance of Security With mobile Employees ā€¢ In 2009, the FBI told Coca-Cola executives that hackers had broken into their computer systems and spent a month "pilfering sensitive files" about Coke's "attempted $2.4 billion acquisition of China Huiyuan Juice Group,ā€ ā€¢ The subject line on the email was "Save power is save money! (from CEO) ā€¢ Gave hackers full access to Etchells's computer ā€¢ Once in control of the computer, the hackers installed various other programs, gaining access to the company's corporate network and using Etchells's machine as a staging point to store and download data taken from other computers.ā€ http://www.networkworld.com/article/2223443/microsoft-subnet/coca- cola-hacked-by-chinese-and-kept-it-a-secret.html
Firewall and AV is Not Enough ā€¢ Need threat intelligence ā€¢ You will be breached its how quickly you respond
ITP Your Outsourced CISO
ITP Offerings ā€¢ Yes we do Strategic, Support & Project ā€¢ We have a security practice ā€¢ Assessment ā€¢ Remediation ā€¢ Ongoing Protection
Solutions ā€¢ ITP Managed Security Service Packages ā€¢ ITP Managed Security products ā€¢ Assessments ā€“ PCI DSS ā€“ HIPPA ā€“ SOX ā€“ NIST ā€“ FISMA
Assessment Process (NIST) Step 1 CATEGORIZE Information System Step 2 SELECT Security Controls Step 3 IMPLEMENT Security Controls Step 4 ASSESS Security Controls Step 5 AUTHORIZE Information System Step 6 MONITOR Security Controls
Parting Personal Security Tips ā€¢ Credit monitoring for your kids ā€¢ Use DuckDuckGo.com for your search engine ā€¢ IP Vanish as a personal VPN solution if you donā€™t have a corporate network ā€¢ Enable Privacy Protections on your devices and in your browsers ā€¢ Donā€™t use public wifi especially when travelling
Contact Info ā€¢ Bill Henry, VP of Sales ā€¢ bhenry@itprosusa.com ā€¢ 414-453-7100

More Related Content

PPT
News Bytes June 2012
byn|u - The Open Security Community
Ā 
PPTX
The EU Data Protection Regulation and what it means for your organization
bySophos Benelux
Ā 
PPTX
News Bytes - May 2015
byn|u - The Open Security Community
Ā 
PPTX
Study on Zeus Banking Malware
byShaik Anisa
Ā 
PDF
Internet of things, New Challenges in Cyber Crime
byMurray Security Services
Ā 
PDF
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
byStefano Maria De' Rossi
Ā 
PPTX
Protect the Unexpected
byCharles Mok
Ā 
PDF
5 Critical Steps to Handling a Security Breach
bySeculert
Ā 
News Bytes June 2012
byn|u - The Open Security Community
Ā 
The EU Data Protection Regulation and what it means for your organization
bySophos Benelux
Ā 
News Bytes - May 2015
byn|u - The Open Security Community
Ā 
Study on Zeus Banking Malware
byShaik Anisa
Ā 
Internet of things, New Challenges in Cyber Crime
byMurray Security Services
Ā 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
byStefano Maria De' Rossi
Ā 
Protect the Unexpected
byCharles Mok
Ā 
5 Critical Steps to Handling a Security Breach
bySeculert
Ā 

What's hot

PPT
Top 10 most famous hackers of all time
byPRESENTATIONSFORESL
Ā 
PPTX
I want to be a cyber forensic examiner
byNeeraj Aarora
Ā 
PDF
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
byPhil Agcaoili
Ā 
PPT
Lumension Security - Adjusting our defenses for 2012
byAndris Soroka
Ā 
PPTX
Vulnerability Intelligence - Standing Still in a world full of change
byEoin Keary
Ā 
PPTX
Cyber-Espionage: Understanding the Advanced Threat Landscape
byAaron White
Ā 
PPT
network security lec2 ccns
byDanish Mahmood
Ā 
PDF
Cyber Attack Phase Progression
byWilliam Kiss
Ā 
PPTX
Fundamental of ethical hacking
byWaseem Rauf
Ā 
PDF
Mobile Security
byXavier Mertens
Ā 
PPT
Hacking
bythajmohammed
Ā 
PDF
Frontier Secure: Handout for small business leaders on "How to be Secure"
byFrontier Small Business
Ā 
PPTX
CyberCrime attacks on Small Businesses
byJose L. QuiƱones-Borrero
Ā 
PPTX
Cyber Security for Financial Planners
byMichael O'Phelan
Ā 
PDF
Symantec Mobile Security Whitepaper June 2011
bySymantec
Ā 
PDF
The Secret Of Hacking Trial Pages
byleoimpact
Ā 
PPTX
Introduction to cybercrime
bypatelripal99
Ā 
PDF
Outlook Briefing 2016: Cyber Security
byMastel Indonesia
Ā 
PPT
Jitter Bugslec
byscottdp3
Ā 
PDF
Incident handling of cyber espionage
byMarie Elisabeth Gaup Moe
Ā 
Top 10 most famous hackers of all time
byPRESENTATIONSFORESL
Ā 
I want to be a cyber forensic examiner
byNeeraj Aarora
Ā 
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
byPhil Agcaoili
Ā 
Lumension Security - Adjusting our defenses for 2012
byAndris Soroka
Ā 
Vulnerability Intelligence - Standing Still in a world full of change
byEoin Keary
Ā 
Cyber-Espionage: Understanding the Advanced Threat Landscape
byAaron White
Ā 
network security lec2 ccns
byDanish Mahmood
Ā 
Cyber Attack Phase Progression
byWilliam Kiss
Ā 
Fundamental of ethical hacking
byWaseem Rauf
Ā 
Mobile Security
byXavier Mertens
Ā 
Hacking
bythajmohammed
Ā 
Frontier Secure: Handout for small business leaders on "How to be Secure"
byFrontier Small Business
Ā 
CyberCrime attacks on Small Businesses
byJose L. QuiƱones-Borrero
Ā 
Cyber Security for Financial Planners
byMichael O'Phelan
Ā 
Symantec Mobile Security Whitepaper June 2011
bySymantec
Ā 
The Secret Of Hacking Trial Pages
byleoimpact
Ā 
Introduction to cybercrime
bypatelripal99
Ā 
Outlook Briefing 2016: Cyber Security
byMastel Indonesia
Ā 
Jitter Bugslec
byscottdp3
Ā 
Incident handling of cyber espionage
byMarie Elisabeth Gaup Moe
Ā 

Similar to Private Date and PRYING Eyes - Talking Cybersecurity at After Work Network

PDF
Information security
byAppin Faridabad
Ā 
PPT
C3
byPraveen Malisetty
Ā 
PPT
Hackers Cracker Network Intruder
byErdo Deshiant Garnaby
Ā 
PPT
How to become Hackers .
byGreater Noida Institute Of Technology
Ā 
PPTX
What's New In CompTIA Security+ - Course Technology Computing Conference
byCengage Learning
Ā 
PPT
Information security in todays world
bySibghatullah Khattak
Ā 
PPSX
csa2014 IBC
byapyn
Ā 
PPT
Hackers
byyozusaki
Ā 
PPT
Hackers
byguesta04f59b
Ā 
PPT
Hackers
byAlvaro Cipriano
Ā 
PPTX
It security the condensed version
byBrian Pichman
Ā 
PPT
Hackers
byMohamed Boudchiche
Ā 
PPT
Direct infection: virus can infect files every time a user opens that specif...
byBUSHRASHAIKH804312
Ā 
PPT
cybertestqas.ppt
byJacobJose37
Ā 
PPT
Cyber-Security]shhsjjsjsjdjdjjddjjdjh.ppt
byAjitGouda4
Ā 
PPT
Cyber-Security-20211013105857.ppt
byUmeshBansal18
Ā 
PPT
Cyber-Security-.ppt
bymabiratu
Ā 
PPT
cs0123.ppt
byHeroZero12
Ā 
PPTX
Cyber-Security.ppt
bychandakujjwal6
Ā 
PPT
Cyber-Security-20211013105857.ppt
byssuser77bda9
Ā 
Information security
byAppin Faridabad
Ā 
C3
byPraveen Malisetty
Ā 
Hackers Cracker Network Intruder
byErdo Deshiant Garnaby
Ā 
How to become Hackers .
byGreater Noida Institute Of Technology
Ā 
What's New In CompTIA Security+ - Course Technology Computing Conference
byCengage Learning
Ā 
Information security in todays world
bySibghatullah Khattak
Ā 
csa2014 IBC
byapyn
Ā 
Hackers
byyozusaki
Ā 
Hackers
byguesta04f59b
Ā 
Hackers
byAlvaro Cipriano
Ā 
It security the condensed version
byBrian Pichman
Ā 
Hackers
byMohamed Boudchiche
Ā 
Direct infection: virus can infect files every time a user opens that specif...
byBUSHRASHAIKH804312
Ā 
cybertestqas.ppt
byJacobJose37
Ā 
Cyber-Security]shhsjjsjsjdjdjjddjjdjh.ppt
byAjitGouda4
Ā 
Cyber-Security-20211013105857.ppt
byUmeshBansal18
Ā 
Cyber-Security-.ppt
bymabiratu
Ā 
cs0123.ppt
byHeroZero12
Ā 
Cyber-Security.ppt
bychandakujjwal6
Ā 
Cyber-Security-20211013105857.ppt
byssuser77bda9
Ā 

Recently uploaded

PDF
Explaining the flow of purpose-specific BOM
byakipii ogaoga
Ā 
PPTX
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
Ā 
PPT
Introduction to Risk Based Inspection API-580 & 581
byumerfaiz99
Ā 
PDF
Self-Correction Failure Diagnostic: Detecting Drift in Complex Systems
bySystems Research Group
Ā 
PPTX
Retrieval Augmented Generation- The Synergistic Power of Prompt Engineering
bySemantic SEO BD
Ā 
PDF
Designing a Blog Using Wordpress
bymarkzubi50
Ā 
PDF
Rustici Software: eLearning standards in the age of AI
byRustici Software
Ā 
PDF
Analyze and Preserve Logs - RHCSA (RH134).pdf
byLinuxCert Guru
Ā 
PDF
Advanced SELinux Management - RHCSA (RH134).pdf
byLinuxCert Guru
Ā 
PDF
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
Ā 
PPTX
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
Ā 
PDF
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
Ā 
PDF
AI for Risk Management & Fraud Detection ppt.pdf
byalexmartincaneda
Ā 
PPTX
TravelTech Paris 2025 | Beyond the pipes: Why Channel Management isnā€™t really...
byapidays
Ā 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
Ā 
PDF
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
Ā 
PPTX
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
Ā 
PDF
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
Ā 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
Ā 
PDF
From DeFi POC to Production MVP - A 12-16 Week Blueprint.pdf
byniahiggins21
Ā 
Explaining the flow of purpose-specific BOM
byakipii ogaoga
Ā 
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
Ā 
Introduction to Risk Based Inspection API-580 & 581
byumerfaiz99
Ā 
Self-Correction Failure Diagnostic: Detecting Drift in Complex Systems
bySystems Research Group
Ā 
Retrieval Augmented Generation- The Synergistic Power of Prompt Engineering
bySemantic SEO BD
Ā 
Designing a Blog Using Wordpress
bymarkzubi50
Ā 
Rustici Software: eLearning standards in the age of AI
byRustici Software
Ā 
Analyze and Preserve Logs - RHCSA (RH134).pdf
byLinuxCert Guru
Ā 
Advanced SELinux Management - RHCSA (RH134).pdf
byLinuxCert Guru
Ā 
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
Ā 
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
Ā 
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
Ā 
AI for Risk Management & Fraud Detection ppt.pdf
byalexmartincaneda
Ā 
TravelTech Paris 2025 | Beyond the pipes: Why Channel Management isnā€™t really...
byapidays
Ā 
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
Ā 
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
Ā 
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
Ā 
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
Ā 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
Ā 
From DeFi POC to Production MVP - A 12-16 Week Blueprint.pdf
byniahiggins21
Ā 

Private Date and PRYING Eyes - Talking Cybersecurity at After Work Network

  • 1.
    By Paul Hager,CEO Information Technology Professionals
  • 2.
    Your Questions AnsweredToday ā€¢ Who is that is writing all these viruses? ā€¢ Why do they do it? ā€¢ I have Anti Virus and a Firewall so my company is safe, right? ā€¢ What do you do to keep our company data safe?
  • 3.
    Vocabulary: ā€“ Rootkit ā€“Virus that provides unauthorized access to a remote system ā€“ Trojan - a piece of software that looks like it is doing what the user thought, but in reality it is malware designed to infect the user's PC. It is named after the horse that the Greeks used in the Trojan War, as detailed in Virgil's Latin epic poem The Aeneid. ā€“ Ransomeware ā€“ virus used to demand payment ā€“ BOTNET ā€“ Network of infected computers used to send SPAM or DDoS attacks ā€“ DDoS ā€“ Denial of Service. Volumes of junk traffic to prevent the good traffic from getting through
  • 4.
    A Brief Historyof Security ā€¢ The first SPAM email in 1978 ā€¢ Name does come from Monty Python ā€¢ Grows in the 90ā€™s and early 2000ā€™s ā€¢ SPAM exists to sell: ā€“ Adult Content ā€“ Pharma ā€¢ Major Botnet and ISP take downs in 2008 but they strive on
  • 5.
    A Brief Historyof Security ā€¢ Only stopped byā€¦. ā€“ VISA and MASTERCARD ā€¢ Now what? ā€¢ Viruses ā€¢ Ransomware ā€¢ BOTNETS
  • 6.
    A Brief Historyof Security ā€¢ New Currency in a new modern black market Bitcoins ā€¢ Bit mining is the new money laundering ā€¢ The Onion Router Network ā€¢ The Darknet
  • 7.
  • 8.
    State of theState of Security ā€¢ 65 Adversaries, 36 most active ā€¢ Increase in Ransomware ā€¢ Increase in sophistication ā€¢ POS Targeting Credit Card Track Data in memory ā€¢ Phone scams on the rise (https://www.youtube.com/watch?v=sz0cEo2h3f8) ā€¢ More Damage Than Ever ā€¢ XP EOL and Server 2003 EOL ā€¢ http://map.ipviking.com
  • 9.
    Review of RecentNoteable Breaches http://www.informationisbeautiful.net /visualizations/worlds-biggest-data- breaches-hacks/ ā€¢ Target ā€¢ Sony ā€¢ Home Depot ā€¢ 477 million identities/accounts have been compromised in the last 12 months.
  • 10.
  • 11.
    Sony Part 2 ā€¢DDoS ā€¢ Lizard Squad ā€¢ DDoS for hire for $40 take down a competitor ā€¢ Average cost for DDoS event defense is $40,000 ā€¢ Believed to be captured
  • 12.
  • 13.
    The Adversary ā€¢ Criminal ā€¢Hacktivist ā€¢ State-sponsored ā€¢ Nationalist
  • 14.
  • 15.
  • 16.
    PlugX ā€¢ Commonly deliveredvia a spear phishing attack. ā€¢ Comes from zero day from last March, CVE-2014-1761, which exploits vulnerable Microsoft RTF or Word documents. ā€¢ Others make use of well-worm holes like CVE-2012-0158 in PowerPoint and Excel, that were also used by the IceFog, Red October, and Cloud Atlas attacks. ā€¢ While some of the groups using PlugX have gone out of their way to register new domains for leveraging the malwareā€™s C+C, many domains from the last several years remain active
  • 17.
    Cryptolocker aka Cryptowall ā€¢First version taken down in June of 2014 with the ZeusBot Net going down ā€¢ No longer uses BOTNETS uses P2P ā€¢ Polymorhpic and self registering Domain names ā€¢ Locking Computer Screens ā€¢ AV wonā€™t prevent it
  • 18.
    Anatomy of aHack Footprinting ā€¢ DNS WHOIS ā€¢ Website Scanning ā€¢ NAMP Scan Enumeration ā€¢ Probe open ports phish for data Gaining Access ā€¢ Password Sniffing, Penatration, Brute Force Escalating privilege ā€¢ Known Exploits Pilfering ā€¢ Gather information and use it to re- enumerate and steal data Covering Tracks ā€¢ Delete log files ā€¢ Hide tools Create Backdoors DDoS Steps 1-4 take less than a week on average
  • 19.
    Other Security Statisticsthat Will Scare You ā€¢ The Average time to detection is 271 days ā€¢ https://databreachcalculator.com ā€¢ Average is around $200 per record Source: Crowdstrike.com
  • 20.
    Just an EnterpriseProblem Right? ā€¢ No ā€¢ As a percentage of revenue a single HIPPA or PCI fine could be worse than the Target breach for small to midsized company
  • 21.
    Example: Dental Practicein Madison ā€¢ Virus Leads to Customer Database being compromised ā€¢ Patient Information Breach ā€¢ HIPPA fines total $130,000 for a 11 person office
  • 22.
    Example: Commercial Businessin Madison ā€¢ Virus keylogged CFOā€™s machine for months ā€¢ Executed valid wire transfer from his PC to offshore account ā€¢ Only stopped because of the bank
  • 23.
    Example: Importance ofSecurity With mobile Employees ā€¢ In 2009, the FBI told Coca-Cola executives that hackers had broken into their computer systems and spent a month "pilfering sensitive files" about Coke's "attempted $2.4 billion acquisition of China Huiyuan Juice Group,ā€ ā€¢ The subject line on the email was "Save power is save money! (from CEO) ā€¢ Gave hackers full access to Etchells's computer ā€¢ Once in control of the computer, the hackers installed various other programs, gaining access to the company's corporate network and using Etchells's machine as a staging point to store and download data taken from other computers.ā€ http://www.networkworld.com/article/2223443/microsoft-subnet/coca- cola-hacked-by-chinese-and-kept-it-a-secret.html
  • 24.
    Firewall and AVis Not Enough ā€¢ Need threat intelligence ā€¢ You will be breached its how quickly you respond
  • 25.
  • 26.
    ITP Offerings ā€¢ Yeswe do Strategic, Support & Project ā€¢ We have a security practice ā€¢ Assessment ā€¢ Remediation ā€¢ Ongoing Protection
  • 27.
    Solutions ā€¢ ITP ManagedSecurity Service Packages ā€¢ ITP Managed Security products ā€¢ Assessments ā€“ PCI DSS ā€“ HIPPA ā€“ SOX ā€“ NIST ā€“ FISMA
  • 28.
    Assessment Process (NIST) Step1 CATEGORIZE Information System Step 2 SELECT Security Controls Step 3 IMPLEMENT Security Controls Step 4 ASSESS Security Controls Step 5 AUTHORIZE Information System Step 6 MONITOR Security Controls
  • 29.
    Parting Personal SecurityTips ā€¢ Credit monitoring for your kids ā€¢ Use DuckDuckGo.com for your search engine ā€¢ IP Vanish as a personal VPN solution if you donā€™t have a corporate network ā€¢ Enable Privacy Protections on your devices and in your browsers ā€¢ Donā€™t use public wifi especially when travelling
  • 31.
    Contact Info ā€¢ BillHenry, VP of Sales ā€¢ bhenry@itprosusa.com ā€¢ 414-453-7100