Tech TV Series: Collaborate, Innovate, Validate
CIS Top 20 #1: Inventory of Authorized and Unauthorized Devices
Lisa Niles – CISSP, Chief Solution Architect
CIS Top 20 Critical Security Controls
“Monitor, detect, analyze, protect, report, and respond against known
vulnerabilities, known & unknown attacks, and exploitations” and
“continuously test and evaluate information security controls and techniques
to ensure that they are effectively implemented.”
• The control areas in the CIS CSC focus on various technical aspects of
information security
• Primary goal of supporting organizations in prioritizing their efforts in defending
against today’s most common and damaging attacks.
• Outside of the technical realm, a comprehensive security program should also
take into account:
• Numerous additional areas of security, including overall policy, organizational structure,
personnel issues (e.g., background checks, etc.), and physical security.
• To help maintain focus, the controls in this document do not deal with these
important, but non-technical, aspects of information security.
• Organizations should build a comprehensive approach in these other aspects of
security as well
• What is an IT security framework?
• An information security framework is a series of documented processes that are used to
define policies and procedures around the implementation and ongoing management of
information security controls in an enterprise environment.
• These frameworks are basically a "blueprint" for building an information security
program to manage risk and reduce vulnerabilities. Information security teams can
utilize these frameworks to define and prioritize the tasks required to build security into
an organization.
• Examples: the NIST Cybersecurity Framework, NIST guidelines, and the ISO 27000 series, or
regulations and standards such as PCI DSS, HIPAA, NERC CIP, FISMA
Understanding the CIS Critical Security Controls
• The Critical Security Controls were first created in 2008; they are now maintained by
the Center for Internet Security as the “CIS Controls”
• A collaboration between representatives from the U.S. government and
private-sector security and research organizations.
• A set of practical defenses specifically targeted toward stopping cyber
attacks
• The CIS Controls were crafted to answer the frequent question:
• “Where should I start when I want to improve my cyber defenses?”
• The CIS CSC Relationship to Other Federal Guidelines, Recommendations, and
Requirements
• Once companies have addressed the 20 Critical Controls, it is recommended that
NIST 800-53 guidelines be used to ensure that they have assessed and
implemented an appropriate set of management controls
• The CIS controls are meant to reinforce and prioritize some of the most important
elements of other frameworks, guidelines, standards, and requirements put forth
in other US Government documentation, such as NIST Special Publication 800-53:
Recommended Security Controls for Federal Information Systems, SCAP, FDCC,
FISMA, and Department of Homeland Security Software Assurance documents.
Guiding principles used in devising these control areas and their associated sub
controls include:
• Defenses should focus on addressing the most common and damaging attacks
• Enterprise environments must ensure consistent controls across an enterprise
to effectively negate attacks.
• Defenses should be automated where possible, and periodically or continuously
measured using automated measurement techniques where feasible.
• Getting Started: Ask and Answer Key Questions
• What am I trying to protect?
• Where are my gaps?
• What are my priorities?
• Where can I automate?
• How can my vendor partners help?
• General Guidance for Implementing the Controls:
• Carefully plan.
• Organizational structure for program’s success.
• Establish a “Governance, Risk, and Compliance (GRC)” program.
• Assigning program managers
• There are a few practical considerations an organization should make when
embarking on this journey. Specifically, an organization should:
• Make a formal, top-level decision to make the CIS Controls part of the organization’s standard
• Senior management - support and accountability.
• Assign a program manager
• Who will be responsible for maintaining cyber defenses over the long term.
• Start with a gap analysis
• Develop an implementation plan
• Document the long-term plan (3-5 years)
• Embed the definitions of CIS Controls into organization’s security policies
• Educate workforce on the organization’s security goals and enlist their help as a part of the
long-term defense of the organization’s data.
• Successful implementation of the Controls will require many organizations to
shift their mindset on security and how they approach IT operations and
defense.
• No longer can employees be allowed to install software at random or travel
with sensitive data in their pockets.
• It has been established that the cultural acceptance of changes needed to
implement the technical controls is a necessary prerequisite for success.
• This is probably the most significant obstacle most organizations need to
overcome.
• The Controls are not limited to blocking the initial compromise of systems
• They also cover detecting already-compromised machines and preventing or disrupting
attackers’ follow-on actions.
• Reducing the initial attack surface by hardening device configurations,
identifying compromised machines to address long-term threats inside an
organization’s network, disrupting attackers’ command-and-control of
implanted malicious code, and establishing an adaptive, continuous defense
• The five critical tenets of an effective cyber defense system as
reflected in the CIS Critical Security Controls are:
• Offense informs defense
• Prioritization
• Metrics
• Continuous diagnostics and mitigation
• Automation
• How to Get Started
• Step 1. Perform Initial Gap Assessment
• Step 2. Develop an Implementation Roadmap
• Step 3. Implement the First Phase of Controls
• Step 4. Integrate Controls into Operations
• Step 5. Report and Manage Progress against the
Implementation Roadmap
• Control #1
• Inventory of Authorized and Unauthorized Devices
• Key Principle Control:
• Actively manage (inventory, track, and correct) all hardware
devices on the network so that only authorized devices are given
access, and unauthorized and unmanaged devices are found and
prevented from gaining access.
• The purpose of this Control is to help organizations define a baseline of what
must be defended.
• Without an understanding of what devices and data are connected, they cannot
be defended.
• Why is CIS Control 1 critical?
• Attackers are continuously scanning the address space of target
organizations, waiting for new and unprotected systems to be attached to
the network.
• Devices that are not visible from the Internet can be used by attackers who
have already gained internal access and are hunting for internal jump points
or victims.
• Attackers in particular look for new or test systems that were connected to
the network before they were fully protected
Critical Security Control #1: Inventory of Authorized and Unauthorized Devices

Family | Control | Control Description | Foundational | Advanced

System | 1.1 | Deploy an automated asset inventory discovery tool and use it to build a preliminary inventory of systems connected to an organization’s public and private network(s). Both active tools that scan through IPv4 or IPv6 network address ranges and passive tools that identify hosts based on analyzing their traffic should be employed. | Y | Use a mix of active and passive tools, and apply as part of a continuous monitoring program.

System | 1.2 | If the organization is dynamically assigning addresses using DHCP, then deploy dynamic host configuration protocol (DHCP) server logging, and use this information to improve the asset inventory and help detect unknown systems. | Y |

System | 1.3 | Ensure that all equipment acquisitions automatically update the inventory system as new, approved devices are connected to the network. | Y |

System | 1.4 | Maintain an asset inventory of all systems connected to the network and the network devices themselves, recording at least the network addresses, machine name(s), purpose of each system, an asset owner responsible for each device, and the department associated with each device. The inventory should include every system that has an Internet protocol (IP) address on the network, including but not limited to desktops, laptops, servers, network equipment (routers, switches, firewalls, etc.), printers, storage area networks, Voice over IP telephones, multi-homed addresses, virtual addresses, etc. The asset inventory created must also include data on whether the device is a portable and/or personal device. Devices such as mobile phones, tablets, laptops, and other portable electronic devices that store or process data must be identified, regardless of whether they are attached to the organization’s network. | Y |

System | 1.5 | Deploy network level authentication via 802.1X to limit and control which devices can be connected to the network. The 802.1X must be tied into the inventory data to determine authorized versus unauthorized systems. | Y | Authentication mechanisms are closely coupled to management of hardware inventory.

System | 1.6 | Use client certificates to validate and authenticate systems prior to connecting to the private network. | Y |
• CSC 1 Procedures and Tools
• The Control requires both technical and procedural actions
• It is critical to have an accurate and up-to-date inventory control system in place
(Excel, database, manual or commercial automated tool) with device details and owners
• Securely pull device details (MAC addresses, etc.) from switches, routers, access points,
DHCP servers, servers and SPAN ports
• Run scanning tools (active and passive) at least every 12 hours: ICMP sweeps, fingerprinting
• Standard device naming conventions help, so that unrecognized device names stand out
• Maturity progresses from manual to automated to monitored and measured
• Place a new device on the network monthly to test the effectiveness of tools and procedures
• CSC 1 Procedures and Tools (continued)
• Ensure that network inventory monitoring tools keep the asset inventory
up to date on a real-time basis
• Look for deviations from the expected inventory of assets on the network,
and alert security when one is found
• Secure the asset inventory database, and encrypt the asset information it holds.
• Limit access to these systems to authorized personnel only, and carefully log
all such access.
• For additional security, a secure copy of the asset inventory may be kept in an
off-line system.
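The reconciliation that the procedure bullets above and sub-controls 1.1, 1.2 and 1.4 describe (pull MAC-level observations from DHCP logs and ARP tables, compare them with the inventory, flag unknown devices and names that break the convention), as an added Python example that is not part of the SynerComm deck or the CIS documents. The inventory records, the dhcpd syslog lines and the `ip neigh` output are constructed sample data; the record field names and the ROLE-SITE-nnnn naming convention are assumptions:

```python
"""Reconcile observed devices against the authorized asset inventory (CSC 1.1/1.2/1.4).

Added example, not code from the SynerComm deck or from CIS. The inventory
rows, the dhcpd syslog lines and the `ip neigh` lines are constructed sample
data; the record fields and the naming convention are assumptions.
"""
import re

# Constructed inventory keyed by MAC (IPs change under DHCP; MACs are what
# switches, DHCP servers and ARP tables all report). Fields follow CSC 1.4.
AUTHORIZED_INVENTORY = {
    "00:11:22:33:44:55": {"name": "WS-FIN-0142", "purpose": "finance workstation", "owner": "j.doe", "dept": "Finance"},
    "00:11:22:33:44:66": {"name": "SRV-APP-0007", "purpose": "application server", "owner": "ops", "dept": "IT"},
    "00:11:22:33:44:77": {"name": "PRN-HQ-0003", "purpose": "printer", "owner": "facilities", "dept": "Facilities"},
    "00:11:22:33:44:88": {"name": "NET-HQ-0001", "purpose": "core switch", "owner": "netops", "dept": "IT"},
}

# Assumed naming convention <ROLE>-<SITE>-<4 digits>; anything else stands out.
NAMING_CONVENTION = re.compile(r"^(WS|SRV|PRN|NET)-[A-Z]{2,4}-\d{4}$")

# ISC dhcpd DHCPACK syslog line; the "(hostname)" part is optional.
DHCPACK_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dhcpd\S*: DHCPACK on (?P<ip>[\d.]+) "
    r"to (?P<mac>[0-9a-fA-F:]{17})(?: \((?P<host>[^)]*)\))? via"
)
# Linux `ip neigh show` line: "<ip> dev <if> lladdr <mac> <state>"
NEIGH_RE = re.compile(r"^(?P<ip>[\d.]+) dev \S+ lladdr (?P<mac>[0-9a-fA-F:]{17}) \w+$")

def normalize_mac(mac):
    """Canonical lower-case colon form so observations from different sources compare equal."""
    return mac.strip().lower().replace("-", ":")

def parse_observations(dhcp_lines, neigh_lines):
    """Merge DHCP leases and ARP/neighbour entries into {mac: observation}."""
    seen = {}
    for line in dhcp_lines:
        m = DHCPACK_RE.match(line)
        if m:
            seen.setdefault(normalize_mac(m.group("mac")), {
                "ip": m.group("ip"), "host": m.group("host") or "",
                "source": "dhcp", "first_seen": m.group("ts")})
    for line in neigh_lines:
        m = NEIGH_RE.match(line)
        if m:
            # Seen on the wire but never leased: static address, rogue host, or DHCP logging gap.
            seen.setdefault(normalize_mac(m.group("mac")), {
                "ip": m.group("ip"), "host": "", "source": "arp", "first_seen": None})
    return seen

def reconcile(observed, inventory):
    """Compare observations with the inventory; return the three classes of deviation."""
    findings = {"unauthorized": [], "name_mismatch": [], "not_seen": []}
    for mac, obs in observed.items():
        entry = inventory.get(mac)
        if entry is None:
            findings["unauthorized"].append({
                "mac": mac, "ip": obs["ip"], "host": obs["host"], "source": obs["source"],
                "first_seen": obs["first_seen"],
                "name_ok": bool(obs["host"] and NAMING_CONVENTION.match(obs["host"]))})
        elif obs["host"] and obs["host"] != entry["name"]:
            # Known MAC announcing a different hostname: re-imaged, re-purposed or spoofed.
            findings["name_mismatch"].append({"mac": mac, "expected": entry["name"], "seen": obs["host"]})
    for mac, entry in inventory.items():
        if mac not in observed:
            findings["not_seen"].append({"mac": mac, "name": entry["name"]})
    return findings

def alert_lines(findings):
    """Render findings one per line, suitable for a SIEM or a ticket."""
    out = []
    for d in findings["unauthorized"]:
        out.append("UNAUTHORIZED mac=%s ip=%s host=%r via=%s first_seen=%s name_convention_ok=%s"
                   % (d["mac"], d["ip"], d["host"], d["source"], d["first_seen"], d["name_ok"]))
    for d in findings["name_mismatch"]:
        out.append("NAME MISMATCH mac=%s inventory=%s observed=%s" % (d["mac"], d["expected"], d["seen"]))
    for d in findings["not_seen"]:
        out.append("NOT SEEN mac=%s name=%s (inventory stale or device offline)" % (d["mac"], d["name"]))
    return out

# Constructed sample input (one non-ACK line included to show it is ignored).
SAMPLE_DHCP_LOG = [
    "Mar  3 08:12:01 dhcp1 dhcpd: DHCPACK on 10.0.1.23 to 00:11:22:33:44:55 (WS-FIN-0142) via eth0",
    "Mar  3 08:15:44 dhcp1 dhcpd: DHCPACK on 10.0.1.77 to AA:BB:CC:DD:EE:01 (Johns-iPhone) via eth0",
    "Mar  3 08:20:09 dhcp1 dhcpd: DHCPACK on 10.0.1.30 to 00:11:22:33:44:77 (hp-laserjet) via eth0",
    "Mar  3 08:21:00 dhcp1 dhcpd: DHCPDISCOVER from 00:11:22:33:44:77 via eth0",
]
SAMPLE_NEIGH = [
    "10.0.1.23 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE",
    "10.0.1.200 dev eth0 lladdr de:ad:be:ef:00:01 STALE",
    "10.0.1.10 dev eth0 lladdr 00:11:22:33:44:66 REACHABLE",
]

def run_example():
    return reconcile(parse_observations(SAMPLE_DHCP_LOG, SAMPLE_NEIGH), AUTHORIZED_INVENTORY)

if __name__ == "__main__":
    for line in alert_lines(run_example()):
        print(line)
```

Run as-is it prints one alert line per deviation. The ARP-only host with no lease is the case DHCP logging alone misses, which is why 1.1 asks for passive discovery alongside the active scan; the first_seen timestamp is what you measure against when you plug in the monthly test device and time how long detection takes.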
• CSC 1 Procedures and Tools (continued)
• In addition to an inventory of hardware, organizations should develop an inventory
of data/information assets and map critical information to the hardware assets
• A department and individual responsible for each data asset should be identified,
recorded, and tracked.
• To evaluate the effectiveness of automated asset inventory tools, periodically attach
several hardened computer systems not already included in asset inventories to the
network and measure the delay before each device connection is disabled or the
installers confronted.
• Advanced: The organization’s asset inventory should include removable media
devices, including USB sticks, external hard drives, and other related information
storage devices.
CSC 1.1 Requirement: Inventory of Authorized and Unauthorized Devices
CSC 1.1 Procedure: Asset Inventory
The organization:
1. Departments will document and clearly define what authorized and unauthorized
devices are in their respective areas.
2. Departments will update the asset inventory reports and audit their inventoried devices.
3. Departments will spot check devices monthly to ensure that they are authorized.
Metrics:
1. The IT department will maintain a list of de-authorized devices.
2. The IT department will spot check each department every 6 months.
Sub-Control | Description | Control | Security Technology Controls
1 | Inventory of Authorized and Unauthorized Devices | Active Device Discovery System | Tenable, Qualys, Infoblox NetMRI, ForeScout
2 | Inventory of Authorized and Unauthorized Devices | Passive Device Discovery System | Tenable, Qualys, Infoblox NetMRI, ForeScout
3 | Inventory of Authorized and Unauthorized Devices | Log Management System / SIEM | LogRhythm, Splunk
4 | Inventory of Authorized and Unauthorized Devices | Asset Inventory System | Tenable, Qualys, Infoblox NetMRI, ForeScout, database, Excel
5 | Inventory of Authorized and Unauthorized Devices | Network Level Authentication (NLA) | Tenable, Qualys, Infoblox NetMRI, ForeScout, Juniper
6 | Inventory of Authorized and Unauthorized Devices | Public Key Infrastructure (PKI) | Microsoft
• Inventory of Authorized and Unauthorized Devices
1-1 - Deploy an automated asset inventory discovery tool
Free Tools
• Spiceworks - active scanning.
• AlienVault OSSIM - inventorying
• Open-AudIT - open source inventorying and auditing platform
• OpenNMS - Open Network Management System
• Windows DHCP Server Audit Event Tool - this tool can be used by admins to
view all the events generated by the DHCP Server directly
• Linux DHCP Server Config and Logging - CentOS DHCP Server
• 1-5 - Deploy network level authentication via 802.1X to limit and control which
devices can be connected to the network. The 802.1X must be tied into the inventory
data to determine authorized versus unauthorized systems.
Free Tools
• Windows NPS Server Role (RADIUS for 802.1X) - just beware that Network Access Protection
(NAP) is deprecated and its client is not included in Windows 10, so health checks will need
a third-party NAC client.
• FreeRADIUS & 802.1X - how to set up 802.1X with FreeRADIUS.
• SANS guide to deploying 802.1X
• Group Policy for Wireless 802.1X - Group Policy for Wired 802.1X
• 802.1X is supported on most managed switches
Enterprise tools
• Cisco ISE
• 1-6 - Deploy network access control (NAC) to monitor authorized systems so
that if attacks occur, the impact can be remediated by moving the untrusted
system to a virtual local area network (VLAN) that has minimal access.
Free Tools
• PacketFence - flagship open source Network Access Control (NAC).
• OpenNAC - open source network access control that provides secure access
for LAN/WAN.
Commercial Tools
• Forescout - offers health checks before authenticating supplicants to your
network, for wired and wireless networks.
• Microsoft SCCM - NAC with health checks is but one small piece of SCCM
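What “tie 802.1X into the inventory data” (1-5) and “move the untrusted system to a VLAN with minimal access” (1-6) look like as a single decision rule, as an added Python example that is neither the deck’s nor any RADIUS server’s code. It models the attributes a RADIUS server sees in an Access-Request (User-Name, Calling-Station-Id, and EAP-Message when the supplicant speaks 802.1X) and the RFC 3580 tunnel attributes returned for dynamic VLAN assignment; the inventory, the VLAN numbers, the rule that a device’s EAP identity equals its inventory name, and quarantine VLAN 999 are assumptions:

```python
"""802.1X / MAB authorization decision driven by the asset inventory (CSC 1.5, 1.6, NAC).

Added example, not code from the SynerComm deck, CIS, or any RADIUS server.
The request is modelled as the attributes a RADIUS server receives; the
inventory, VLAN numbers and device classes are constructed assumptions.
"""
import re

VLAN_QUARANTINE = 999        # assumed minimal-access VLAN for untrusted devices
TUNNEL_TYPE_VLAN = "13"      # RFC 3580: Tunnel-Type = VLAN
TUNNEL_MEDIUM_802 = "6"      # RFC 3580: Tunnel-Medium-Type = IEEE-802

# Constructed inventory keyed by MAC. "auth" records how the device is expected
# to prove its identity: eap-tls (client certificate, sub-control 1.6) or mab
# (MAC authentication bypass for devices that cannot run a supplicant).
INVENTORY = {
    "00:11:22:33:44:55": {"name": "WS-FIN-0142", "auth": "eap-tls", "vlan": 110, "enabled": True},
    "00:11:22:33:44:77": {"name": "PRN-HQ-0003", "auth": "mab", "vlan": 120, "enabled": True},
    "00:11:22:33:44:99": {"name": "WS-FIN-0099", "auth": "eap-tls", "vlan": 110, "enabled": False},  # de-authorized
}

def normalize_mac(raw):
    """Accept 00-11-22-33-44-55, 00:11:22:33:44:55 and Cisco 0011.2233.4455 forms."""
    digits = re.sub(r"[^0-9a-fA-F]", "", raw).lower()
    if len(digits) != 12:
        raise ValueError("not a MAC address: %r" % raw)
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def vlan_reply(vlan):
    """Reply attributes a switch needs to put the port into the given VLAN."""
    return {"Tunnel-Type": TUNNEL_TYPE_VLAN, "Tunnel-Medium-Type": TUNNEL_MEDIUM_802,
            "Tunnel-Private-Group-Id": str(vlan)}

def authorize(request, inventory=INVENTORY):
    """Decide accept / quarantine / reject for one Access-Request, from the inventory alone."""
    try:
        mac = normalize_mac(request["Calling-Station-Id"])
    except (KeyError, ValueError):
        # Without a usable MAC there is nothing to look up: reject outright.
        return {"decision": "reject", "mac": None, "reason": "no usable Calling-Station-Id", "reply": {}}
    username = request.get("User-Name", "")
    is_eap = "EAP-Message" in request
    entry = inventory.get(mac)

    def quarantine(reason):
        return {"decision": "quarantine", "mac": mac, "reason": reason,
                "reply": vlan_reply(VLAN_QUARANTINE)}

    if entry is None:
        return quarantine("MAC not in asset inventory")
    if not entry["enabled"]:
        return quarantine("device %s is de-authorized" % entry["name"])
    if is_eap:
        # 802.1X: the EAP identity (assumed to be the certificate CN) must be the
        # inventory name recorded for this MAC, so a known MAC cannot borrow another identity.
        if entry["auth"] != "eap-tls" or username != entry["name"]:
            return quarantine("EAP identity %r does not match inventory for %s" % (username, mac))
    else:
        # MAB: User-Name carries the MAC itself. Only devices recorded as MAB-only
        # may use it; a workstation that should do 802.1X must not fall back to MAB.
        try:
            mab_matches = normalize_mac(username) == mac
        except ValueError:
            mab_matches = False
        if entry["auth"] != "mab" or not mab_matches:
            return quarantine("MAB attempted by %s, which must authenticate with 802.1X" % entry["name"])
    return {"decision": "accept", "mac": mac, "reason": "matches inventory entry %s" % entry["name"],
            "reply": vlan_reply(entry["vlan"])}

if __name__ == "__main__":
    # Constructed requests: a certificate-authenticated workstation, a MAB printer,
    # the workstation's MAC trying MAB, and a MAC nobody has inventoried.
    for req in (
        {"User-Name": "WS-FIN-0142", "Calling-Station-Id": "00-11-22-33-44-55", "EAP-Message": b"\x02\x01\x00\x05\x01"},
        {"User-Name": "0011.2233.4477", "Calling-Station-Id": "0011.2233.4477"},
        {"User-Name": "0011.2233.4455", "Calling-Station-Id": "00:11:22:33:44:55"},
        {"User-Name": "de-ad-be-ef-00-01", "Calling-Station-Id": "de-ad-be-ef-00-01"},
    ):
        r = authorize(req)
        print("%-10s mac=%s vlan=%s  %s" % (r["decision"], r["mac"], r["reply"].get("Tunnel-Private-Group-Id"), r["reason"]))
```

Two design points worth keeping when this is built into a real RADIUS policy. A device the inventory says must do 802.1X is never allowed to fall back to MAC authentication bypass, because a MAC can be cloned by anyone who reads it off a label, so MAB-only devices such as printers get their own restricted VLAN and the client-certificate path (sub-control 1.6) is the strong binding. And a de-authorized entry (the “list of de-authorized devices” the metrics slide keeps) lands in quarantine rather than being deleted from the inventory, so its next connection attempt is visible instead of looking like a brand-new unknown.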
CIS Critical Security Controls: SynerComm solution mapping

# | CIS Critical Security Control | SynerComm Solutions
1 | Inventory of Authorized and Unauthorized Devices | Tenable, Qualys, Infoblox, Forescout
2 | Inventory of Authorized and Unauthorized Software | Tenable, Qualys, Infoblox, Carbon Black
3 | Secure Configuration of End-User Devices | Tenable, Rapid7
4 | Continuous Vulnerability Assessment & Remediation | Qualys, Tenable, Rapid7
5 | Controlled Use of Administrative Privileges | Centrify, CyberArk, BeyondTrust, Okta
6 | Maintenance, Monitoring and Analysis of Audit Logs | SolarWinds, LogRhythm
7 | Email and Web Browser Protection | Barracuda, Proofpoint, Zscaler, FireEye (Web: Palo Alto, Check Point, Forcepoint)
8 | Malware Defense | Bitdefender, Carbon Black, Palo Alto Traps, Sophos, Trend Micro
9 | Limitation & Control of Network Ports, Protocols, and Services | Palo Alto, Juniper, Check Point, Fortinet
10 | Data Recovery Capability | Barracuda
11 | Secure Configuration of Network Devices | SynerComm Config Assurance, A&A, FireMon, RedSeal, Tenable, Rapid7
12 | Boundary Defense | Palo Alto, Juniper, Check Point, Fortinet
13 | Data Protection | Rapid7, Tenable, Imperva, Infoblox, Palo Alto
14 | Controlled Access Based on Need to Know | Centrify, Okta
15 | Wireless Access Control | Aerohive with 802.1X & WIPS/FW
16 | Account Monitoring and Control | Centrify, BeyondTrust, Okta
17 | Security Skills Assessment and Appropriate Training | A&A training
18 | Application Software Security | Rapid7, Splunk
19 | Incident Response and Management | Rapid7, RedSeal, A&A
20 | Penetration Tests and Red Team Exercises | A&A

The worksheet also carries three per-customer columns, blank in the deck, to be filled in during review: “Customer solution?”, “Budgeted 2018?” and “Reviewed solutions?”.
• Center for Internet Security (CIS): https://www.cisecurity.org/
• NIST Cyber Security Framework (CSF):
http://www.nist.gov/cyberframework/
• CIS Critical Security Controls (CSC):
https://www.cisecurity.org/critical-controls.cfm
• Auditscripts resources (provided by James Tarala, CSC Editor):
https://www.auditscripts.com/free-resources/critical-security-
controls/
• CSF planning spreadsheet: http://www.tenable.com/whitepapers/nist-
csf-implementation-planning-tool
• Join CIS at CISsecurity.org!
Thank you for attending.
We hope you can join us for the complete CIS Top 20 CSC series.

When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
 
NCCDC 2019 Standards Presentation.pptx
NCCDC 2019 Standards Presentation.pptxNCCDC 2019 Standards Presentation.pptx
NCCDC 2019 Standards Presentation.pptx
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 
[EMC] Source Code Protection
[EMC] Source Code Protection[EMC] Source Code Protection
[EMC] Source Code Protection
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting   itweb workshopSLVA - Security monitoring and reporting   itweb workshop
SLVA - Security monitoring and reporting itweb workshop
 
Tech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingTech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharing
 
Nist cybersecurity framework isc2 quantico
Nist cybersecurity framework  isc2 quanticoNist cybersecurity framework  isc2 quantico
Nist cybersecurity framework isc2 quantico
 
How to Perform Continuous Vulnerability Management
How to Perform Continuous Vulnerability ManagementHow to Perform Continuous Vulnerability Management
How to Perform Continuous Vulnerability Management
 

Recently uploaded

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

SynerComm's Tech TV series CIS Top 20 Critical Security Controls #1

  • 1. Tech TV Series COLLABORATE, INNOVATE, VALIDATE CIS Top 20 #1 Inventory of Authorized and Unauthorized Devices Lisa Niles – CISSP, Chief Solution Architect 1
  • 2. TECHTVSERIES COLLABORATE,INNOVATE,VALIDATE CIS Top 20 Critical Security Controls
    “Monitor, detect, analyze, protect, report, and respond against known vulnerabilities, known & unknown attacks, and exploitations” and “continuously test and evaluate information and the security controls and techniques to ensure that they are effectively implemented.”
  • 3. CIS Top 20 Critical Security Controls
    • The control areas in the CIS CSC focus on various technical aspects of information security
    • Primary goal of supporting organizations in prioritizing their efforts in defending against today’s most common and damaging attacks.
    • Outside of the technical realm, a comprehensive security program should also take into account:
      • Numerous additional areas of security, including overall policy, organizational structure, personnel issues (e.g., background checks, etc.), and physical security.
    • To help maintain focus, the controls in this document do not deal with these important, but non-technical, aspects of information security.
    • Organizations should build a comprehensive approach in these other aspects of security as well
  • 4. CIS Top 20 Critical Security Controls
    • What is an IT security framework?
      • An information security framework is a series of documented processes that are used to define policies and procedures around the implementation and ongoing management of information security controls in an enterprise environment.
      • These frameworks are basically a "blueprint" for building an information security program to manage risk and reduce vulnerabilities. Information security teams can utilize these frameworks to define and prioritize the tasks required to build security into an organization.
    • NIST Cybersecurity Framework, NIST guidelines, and the ISO 27000 series, or regulations such as PCI DSS, HIPAA, NERC CIP, FISMA
  • 6. CIS Top 20 Critical Security Controls: Understanding the CIS Critical Security Controls
    • In 2008, the Center for Internet Security’s Critical Security Controls (“CIS Controls”) were created
      • A collaboration between representatives from the U.S. government and private sector security & research organizations.
      • A set of practical defenses specifically targeted toward stopping cyber attacks
    • The CIS Controls were crafted to answer the frequent question:
      • “Where should I start when I want to improve my cyber defenses?”
  • 7. CIS Top 20 Critical Security Controls
    • The CIS CSC Relationship to Other Federal Guidelines, Recommendations, and Requirements
      • Once companies have addressed the 20 Critical Controls, it is recommended that NIST 800-53 guidelines be used to ensure that they have assessed and implemented an appropriate set of management controls
      • The CIS controls are meant to reinforce and prioritize some of the most important elements of other frameworks, guidelines, standards, and requirements put forth in other US Government documentation, such as NIST Special Publication 800-53: Recommended Security Controls for Federal Information Systems, SCAP, FDCC, FISMA, and Department of Homeland Security Software Assurance documents.
  • 8. CIS Top 20 Critical Security Controls
    Guiding principles used in devising these control areas and their associated sub-controls include:
    • Defenses should focus on addressing the most common and damaging attacks
    • Enterprise environments must ensure consistent controls across an enterprise to effectively negate attacks.
    • Defenses should be automated where possible, and periodically or continuously measured using automated measurement techniques where feasible.
  • 9. CIS Top 20 Critical Security Controls
    • Getting Started: Ask and Answer Key Questions
      • What am I trying to protect?
      • Where are my gaps?
      • What are my priorities?
      • Where can I automate?
      • How can my vendor partners help?
  • 10. CIS Top 20 Critical Security Controls
    • General Guidance for Implementing the Controls:
      • Carefully plan.
      • Organizational structure for program’s success.
      • Establish a “Governance, Risk, and Compliance (GRC)” program.
      • Assign program managers
  • 11. CIS Top 20 Critical Security Controls
    • There are a few practical considerations an organization should make when embarking on this journey. Specifically, an organization should:
      • Make a formal, top-level decision to make the CIS Controls part of the organization’s standard
        • Senior management - support and accountability.
      • Assign a program manager
        • Who will be responsible for maintaining cyber defenses over the long term.
      • Start with a gap analysis
      • Develop an implementation plan
      • Document the long-term plan (3-5 years)
      • Embed the definitions of CIS Controls into the organization’s security policies
      • Educate the workforce on the organization’s security goals and enlist their help as a part of the long-term defense of the organization’s data.
  • 12. CIS Top 20 Critical Security Controls
    • Successful implementation of the Controls will require many organizations to shift their mindset on security and how they approach IT operations and defense.
      • No longer can employees be allowed to install software at random or travel with sensitive data in their pockets.
    • It has been established that the cultural acceptance of changes needed to implement the technical controls is a necessary prerequisite for success.
      • This is probably the most significant obstacle most organizations need to overcome.
  • 13. CIS Top 20 Critical Security Controls
    • The Controls are not limited to blocking the initial compromise of systems
      • Detecting already-compromised machines and preventing or disrupting attackers’ follow-on actions.
      • Reducing the initial attack surface by hardening device configurations, identifying compromised machines to address long-term threats inside an organization’s network, disrupting attackers’ command-and-control of implanted malicious code, and establishing an adaptive, continuous defense
  • 14. CIS Top 20 Critical Security Controls
    • The five critical tenets of an effective cyber defense system as reflected in the CIS Critical Security Controls are:
      • Offense informs defense
      • Prioritization
      • Metrics
      • Continuous diagnostics and mitigation
      • Automation
  • 16. CIS Top 20 Critical Security Controls
    • How to Get Started
      • Step 1. Perform Initial Gap Assessment.
      • Step 2. Develop an Implementation Roadmap
      • Step 3. Implement the First Phase of Controls
      • Step 4. Integrate Controls into Operations
      • Step 5. Report and Manage Progress against the Implementation Roadmap
  • 17. CIS Top 20 Critical Security Controls
    • Control #1
      • Inventory of Authorized and Unauthorized Devices
    • Key Principle Control:
      • Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.
  • 18. CIS Top 20 Critical Security Controls
    • The purpose of this Control is to help organizations define a baseline of what must be defended.
    • Without an understanding of what devices and data are connected, they cannot be defended.
  • 19. CIS Top 20 Critical Security Controls
    • Why is CIS Control 1 critical?
      • Attackers are continuously scanning the address space of target organizations, waiting for new and unprotected systems to be attached to the network.
      • Devices that are not visible from the Internet can be used by attackers who have already gained internal access and are hunting for internal jump points or victims.
      • Looking for new or test systems
  • 20. CIS Top 20 Critical Security Controls: Critical Security Control #1: Inventory of Authorized and Unauthorized Devices (columns: Family / Control / Control Description / Foundational / Advanced)
    • System 1.1 (Foundational: Y): Deploy an automated asset inventory discovery tool and use it to build a preliminary inventory of systems connected to an organization’s public and private network(s). Both active tools that scan through IPv4 or IPv6 network address ranges and passive tools that identify hosts based on analyzing their traffic should be employed. Advanced: Use a mix of active and passive tools, and apply as part of a continuous monitoring program.
    • System 1.2 (Foundational: Y): If the organization is dynamically assigning addresses using DHCP, then deploy dynamic host configuration protocol (DHCP) server logging, and use this information to improve the asset inventory and help detect unknown systems.
    • System 1.3 (Foundational: Y): Ensure that all equipment acquisitions automatically update the inventory system as new, approved devices are connected to the network.
    • System 1.4 (Foundational: Y): Maintain an asset inventory of all systems connected to the network and the network devices themselves, recording at least the network addresses, machine name(s), purpose of each system, an asset owner responsible for each device, and the department associated with each device. The inventory should include every system that has an Internet protocol (IP) address on the network, including but not limited to desktops, laptops, servers, network equipment (routers, switches, firewalls, etc.), printers, storage area networks, Voice-over-IP telephones, multi-homed addresses, virtual addresses, etc. The asset inventory created must also include data on whether the device is a portable and/or personal device. Devices such as mobile phones, tablets, laptops, and other portable electronic devices that store or process data must be identified, regardless of whether they are attached to the organization’s network.
    • System 1.5 (Foundational: Y): Deploy network level authentication via 802.1x to limit and control which devices can be connected to the network. The 802.1x must be tied into the inventory data to determine authorized versus unauthorized systems. Advanced: Authentication mechanisms are closely coupled to management of hardware inventory.
    • System 1.6 (Advanced: Y): Use client certificates to validate and authenticate systems prior to connecting to the private network.
  • 21. CIS Top 20 Critical Security Controls
    • CSC 1 Procedures and Tools
      • The Control requires both technical and procedural actions;
      • It is critical for all devices to have an accurate and up-to-date inventory control system in place (Excel, database, manual or commercial automatic tool) with device details/owners
      • Securely pull device details (MAC) from switches, routers, APs, DHCP, servers, SPAN ports
      • Scanning tools (active/passive) every 12 hours, ICMP sweep, fingerprinting
      • Standard device naming conventions can help so unrecognized device names stand out
      • Maturity goes from manual to automated, then monitored and measured
      • Place a new device on the network monthly to test the effectiveness of tools/procedures
  • 22. CIS Top 20 Critical Security Controls
    • CSC 1 Procedures and Tools
      • Ensure that network inventory monitoring tools keep the asset inventory up to date on a real-time basis
      • Look for deviations from the expected inventory of assets on the network, and alert security
      • Secure the asset inventory database so that asset information is encrypted.
      • Limit access to these systems to authorized personnel only, and carefully log all such access.
      • For additional security, a secure copy of the asset inventory may be kept in an off-line system.
  • 23. CIS Top 20 Critical Security Controls
    • CSC 1 Procedures and Tools
      • In addition to an inventory of hardware, organizations should develop an inventory of data/information assets and map critical information to the hardware assets
      • A department and individual responsible for each data asset should be identified, recorded, and tracked.
      • To evaluate the effectiveness of automated asset inventory tools, periodically attach several hardened computer systems not already included in asset inventories to the network and measure the delay before each device connection is disabled or the installers confronted.
      • Advanced: The organization’s asset inventory should include removable media devices, including USB sticks, external hard drives, and other related information storage devices.
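As an added example, not taken from the deck or from any of the tools it names, the following Python reconciles DHCP server log lines against an authorized asset inventory: it implements sub-control 1.2 (use DHCP logging to detect unknown systems), the slide-21 naming-convention check, and the slide-23 planted-device timing test. Everything in it is constructed for illustration: the ISC dhcpd-style log lines, the inventory rows, the `<site>-<type>-<nnnn>` naming convention, the MACs, hostnames and owners.

```python
"""Added example, not part of the SynerComm deck: reconcile DHCP server log
lines against an authorized asset inventory (CSC 1.2 and 1.4), flag leases
whose MAC is not in the inventory or whose reported hostname does not match
it, and measure how long a planted test device went unnoticed (slide 23).
The log lines, inventory and naming convention are all constructed."""
from dataclasses import dataclass
from datetime import datetime
import re

# Constructed hostname convention <site>-<type>-<4 digits>; slide 21's point is
# that a consistent convention makes unrecognized names stand out.
NAMING_RE = re.compile(r"^[a-z]{3}-(ws|srv|prn|net|voip)-\d{4}$")

# Constructed inventory with a subset of the CSC 1.4 fields. The MACs are in
# mixed spellings on purpose, as they are when exported from switches or Excel.
AUTHORIZED_INVENTORY = {
    "00:11:22:33:44:55": {"name": "mke-ws-0042", "owner": "j.doe", "dept": "finance"},
    "0011.2233.4466": {"name": "mke-srv-0007", "owner": "ops", "dept": "it"},
    "00-11-22-33-44-77": {"name": "mke-prn-0003", "owner": "facilities", "dept": "admin"},
    "AA:BB:CC:DD:EE:02": {"name": "mke-ws-0051", "owner": "a.smith", "dept": "hr"},
}

# Constructed syslog lines in the shape ISC dhcpd writes them; values are made up.
SAMPLE_DHCP_LOG = """\
Mar  3 08:00:01 dhcp1 dhcpd: DHCPACK on 10.10.5.42 to 00:11:22:33:44:55 (mke-ws-0042) via eth0
Mar  3 08:00:07 dhcp1 dhcpd: DHCPACK on 10.10.5.7 to 00:11:22:33:44:66 (mke-srv-0007) via eth0
Mar  3 08:01:15 dhcp1 dhcpd: DHCPDISCOVER from aa:bb:cc:dd:ee:01 via eth0
Mar  3 08:01:16 dhcp1 dhcpd: DHCPACK on 10.10.5.101 to aa:bb:cc:dd:ee:01 (DESKTOP-7G2K1) via eth0
Mar  3 08:02:30 dhcp1 dhcpd: DHCPACK on 10.10.5.3 to 00:11:22:33:44:77 via eth0
Mar  3 08:03:00 dhcp1 dhcpd: DHCPACK on 10.10.5.150 to aa:bb:cc:dd:ee:02 (mke-ws-0042) via eth0
"""

# Only DHCPACK confirms a lease; the client hostname in parentheses is optional.
ACK_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ dhcpd: DHCPACK on (?P<ip>\S+) "
    r"to (?P<mac>[0-9A-Fa-f:.-]+)(?: \((?P<host>[^)]*)\))? via"
)


def normalize_mac(mac: str) -> str:
    """Reduce colon, dash, Cisco-dotted or upper-case spellings to lower-case
    colon form so log entries and inventory rows compare equal."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


@dataclass(frozen=True)
class Finding:
    seen_at: datetime
    ip: str
    mac: str
    hostname: str
    reason: str    # "unknown-mac" or "name-mismatch"
    name_ok: bool  # does the reported hostname follow the naming convention?


def reconcile(log_text: str, inventory: dict, year: int) -> list:
    """Return one Finding per DHCPACK lease that deviates from the inventory.
    The year is passed in because syslog timestamps do not carry one."""
    known = {normalize_mac(mac): entry for mac, entry in inventory.items()}
    findings = []
    for line in log_text.splitlines():
        m = ACK_RE.match(line)
        if not m:
            continue
        seen_at = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
        mac = normalize_mac(m.group("mac"))
        host = m.group("host") or ""
        if mac not in known:
            reason = "unknown-mac"
        elif host and host != known[mac]["name"]:
            # Known hardware under a different name: stale inventory, a
            # reimaged machine, or a MAC now used by something else.
            reason = "name-mismatch"
        else:
            continue
        findings.append(Finding(seen_at, m.group("ip"), mac, host, reason,
                                bool(NAMING_RE.match(host))))
    return findings


def detection_delay(findings: list, planted_mac: str, plugged_in_at: datetime):
    """Slide 23's test: time from attaching a planted device to the first
    finding for it, as a timedelta; None means the process never noticed it."""
    target = normalize_mac(planted_mac)
    hits = sorted(f.seen_at for f in findings if f.mac == target)
    return hits[0] - plugged_in_at if hits else None


if __name__ == "__main__":
    results = reconcile(SAMPLE_DHCP_LOG, AUTHORIZED_INVENTORY, year=2024)
    for f in results:
        print(f"{f.seen_at:%H:%M:%S} {f.ip:<12} {f.mac} {f.hostname or '-':<14} "
              f"{f.reason} name_ok={f.name_ok}")
    # Constructed: the test box was attached at 08:00:30 and first seen at 08:01:16.
    print("detection delay:", detection_delay(results, "aa:bb:cc:dd:ee:01",
                                              datetime(2024, 3, 3, 8, 0, 30)))
```

Against the sample log the known printer with no hostname produces nothing, the unknown desktop is reported as `unknown-mac` with a non-conforming name, and the known HR workstation presenting another machine's name is reported as `name-mismatch`, the kind of deviation slide 22 says should raise an alert.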
  • 26. CIS Top 20 Critical Security Controls
    CSC 1.1 Requirement: Inventory of Authorized and Unauthorized Devices
    CSC 1.1 Procedure: Asset Inventory
    The organization:
      1. Departments will document and clearly define what authorized and unauthorized devices are in their respective areas.
      2. Departments will update the asset inventory reports and auditors of inventory devices.
      3. Departments will spot-check devices monthly to ensure that they are authorized
    Metrics:
      1. The IT department will maintain a list of de-authorized devices
      2. The IT department will spot-check each department every 6 months
  • 27. CIS Top 20 Critical Security Controls (columns: Sub-Control / Description / Control Security Technology / Controls)
    • 1 Inventory of Authorized and Unauthorized Devices - Active Device Discovery System: Tenable, Qualys, Infoblox NetMRI, ForeScout
    • 2 Inventory of Authorized and Unauthorized Devices - Passive Device Discovery System: Tenable, Qualys, Infoblox NetMRI, ForeScout
    • 3 Inventory of Authorized and Unauthorized Devices - Log Management System / SIEM: LogRhythm, Splunk
    • 4 Inventory of Authorized and Unauthorized Devices - Asset Inventory System: Tenable, Qualys, Infoblox NetMRI, ForeScout, DB, Excel
    • 5 Inventory of Authorized and Unauthorized Devices - Network Level Authentication (NLA): Tenable, Qualys, Infoblox NetMRI, ForeScout, Juniper
    • 6 Inventory of Authorized and Unauthorized Devices - Public Key Infrastructure (PKI): Microsoft
  • 28. CIS Top 20 Critical Security Controls
    • Inventory of Authorized and Unauthorized Devices 1-1 - Deploy an automated asset inventory discovery tool
    Free Tools
      • Spiceworks - active scanning.
      • AlienVault OSSIM - Inventorying
      • OpenAudIT - All open source inventorying and auditing platform
      • OpenNMS - Open Network Management System
      • Windows DHCP Server Audit Event Tool - This tool can be used by Admins to view all the events generated by DHCP Server directly
      • Linux DHCP Server Config and Logging - CentOS DHCP Server
  • 29. CIS Top 20 Critical Security Controls
    • 1-5 - Deploy network level authentication via 802.1x to limit and control which devices can be connected to the network. The 802.1x must be tied into the inventory data to determine authorized versus unauthorized systems.
    Free Tools
      • Windows NPS Server Role - Just beware that NAP is deprecated in Windows 10, so you will need a third-party NAP client.
      • FreeRADIUS & 802.1x - How to set up 802.1x with FreeRADIUS.
      • SANS guide to deploying 802.1x
      • Group Policy for Wireless 802.1x - Group Policy for Wired 802.1x
      • 802.1x standard on most switches
    Enterprise Tools
      • Cisco ISE
  • 30. CIS Top 20 Critical Security Controls
    • 1-6 - Deploy network access control (NAC) to monitor authorized systems so that if attacks occur, the impact can be remediated by moving the untrusted system to a virtual local area network that has minimal access.
    Free Tools
      • PacketFence - Flagship of open source Network Access Control (NAC).
      • OpenNAC - Open source network access control that provides secure access for LAN/WAN.
    Commercial Tools
      • Forescout - Offers health checks before authenticating supplicants to your network. For wired and wireless networks.
      • Microsoft SCCM - NAC with health checks is but one small piece of SCCM
  • 32. CIS Top 20 Critical Security Controls (columns: # / CIS Critical Security Control / Customer solution? / Budgeted 2018? / Reviewed solutions? / SynerComm Solutions; only the control name and the SynerComm Solutions column are filled in)
    • 1 Inventory of Authorized and Unauthorized Devices: Tenable, Qualys, Infoblox, Forescout
    • 2 Inventory of Authorized and Unauthorized Software: Tenable, Qualys, Infoblox, Carbon Black
    • 3 Secure Configuration of End-User Devices: Tenable, Rapid7
    • 4 Continuous Vulnerability & Remediation: Qualys, Tenable, Rapid7
    • 5 Controlled Use of Administrative Privileges: Centrify, CyberArk, BeyondTrust, Okta
    • 6 Maintenance, Monitoring and Analysis of Audit Logs: SolarWinds, LogRhythm
    • 7 Email and Web Browser Protection: Barracuda, Proofpoint, Zscaler, FireEye (Web - Palo Alto, Check Point, Forcepoint)
    • 8 Malware Defense: Bitdefender, Carbon Black, Palo Alto Traps, Sophos, Trend Micro
    • 9 Limitation & Control of Network Ports, Protocols, and Services: Palo Alto, Juniper, Check Point, Fortinet
    • 10 Data Recovery Capability: Barracuda
    • 11 Secure Configuration of Network Devices: SynerComm Config Assurance, A&A, FireMon, RedSeal, Tenable, Rapid7
    • 12 Boundary Defense: Palo Alto, Juniper, Check Point, Fortinet
    • 13 Data Protection: Rapid7, Tenable, Imperva, Infoblox, Palo Alto
    • 14 Controlled Access Based on Need to Know: Centrify, Okta
    • 15 Wireless Access Control: Aerohive with 802.1x & WIPS/FW
    • 16 Account Monitoring and Control: Centrify, BeyondTrust, Okta
    • 17 Security Skills Assessment and Appropriate Training: A&A training
    • 18 Application Software Security: Rapid7, Splunk
    • 19 Incident Response and Management: Rapid7, RedSeal, A&A
    • 20 Penetration Tests and Red Team Exercises: A&A
  • 33. CIS Top 20 Critical Security Controls
    • Center for Internet Security (CIS): https://www.cisecurity.org/
    • NIST Cyber Security Framework (CSF): http://www.nist.gov/cyberframework/
    • CIS Critical Security Controls (CSC): https://www.cisecurity.org/critical-controls.cfm
    • Auditscripts resources (provided by James Tarala, CSC Editor): https://www.auditscripts.com/free-resources/critical-security-controls/
    • CSF planning spreadsheet: http://www.tenable.com/whitepapers/nist-csf-implementation-planning-tool
  • 36. Thank you for Attending. Hope you can join us for the Complete CIS Top 20 CSC