SlideShare a Scribd company logo

You will be breached

Mike Saunders
Mike Saunders

Your organization will be breached. It's a matter of when, not if. How you respond may be the difference between recovering and closing your doors. This talk is designed to help small businesses or businesses with small IT organizations to develop a viable incident response program. Presented at the 2013 ND IT Symposium on 5/1/2013.

Technology
1 of 35
Download to read offline
Are you prepared? What is your response plan? Mike Saunders – CISSP, GCIH, GPEN
Agenda  Definition of a breach  Background statistics on breaches  What a breach may look like  Preparing your response plan  Putting your plan into action  Links to resources
Key Assumptions  Small to medium-sized business (SMB)  25 – 500 employees  Few IT resources, few or none dedicated to IT security
What Is a Breach?  Breach means an intrusion into a computer system, i.e. hacking or exposure of sensitive data  Causes of a breach:  crimes of opportunity  targeted attacks  viruses  web-delivered malware  malicious insiders  unintentional disclosures
Breach Statistics  55% of SMBs surveyed were breached in the last year, 53% more than once – Ponemon Institute  Verizon 2012 DBIR found 71.5% of incidents studied were in organizations of less than 100 employees  Up from 63% in 2011  2011 Symantec ISTR found 28% of targeted attacks were against companies with less than 500 employees
Costs of a Breach  Average cost of reported breach: $5.5 million  Average cost per stolen record: $194  Symantec ISTR  Fines  Possible jail terms under HIPAA  Loss of customer and business partner confidence
How Do I Know I’ve Been Breached? www.digitaltrends.com
Overt  Defaced website
Defaced Websites bundlr.com
Defaced Websites sunbeltblog.blogspot.com
Defaced Websites news.cnet.com
Overt  Defaced website  Unauthorized bank transfers
Unauthorized wire transfer krebsonsecurity.com
Compromised PayPal Account yadiwibowo30.blogspot.com
Overt  Defaced website  Unauthorized bank transfers  Destruction of data  Data held hostage – “ransomware”
Image of Ransomware arstechnica.com
Overt  Defaced website  Unauthorized bank transfers  Destruction of data  Data held hostage – “ransomware”  Notification from outside entity
Covert  System slowness  Abnormal log entries  Strange notifications when visiting a website  Helpdesk may notice a pattern
Malicious Java Applet www.cso.com.au
Fake AntiVirus Notification blog.unmaskparasites.com
No obvious indicators  There may not be an obvious indicator of a breach  Detect through well-developed security intelligence program  66% of breaches went undiscovered for several months or longer  Verizon 2013 DBIR
Benefits of Adequate Preparation  Economic  Stop ongoing loss of data or business interruption  Reduce time to resolution after incident is discovered  Public Relations  PR plan helps reassure customers to prevent loss of confidence  Legal  Demonstrates due diligence
Preparation: Getting Started  Get management support!  Define your incident handling team members  Not just IT! IT, Security, Legal, HR, PR, Management, external IT vendor  Designate an incident leader. This person needs to be calm under fire
Preparation: Basics  Policies  Strong policies help enforce compliance and define roles and responsibilities  Incident Handling policies provide legal authority to investigate, “sniff” network traffic, monitor activities  Procedures  Clear, thorough, tested procedures help reduce confusion when tensions are high  Checklists  Notification procedures – legal, PR, law enforcement
Preparation: Communications  Define a communications plan  Email and phone may be down or compromised; make sure you have cell numbers  Identify alternate contacts  Don’t forget to include IT vendor, network provider, etc.  Test your calling tree at least annually  Keep paper copies and keep them up to date
Preparation: Testing and Practice  Perform incident handling tabletop exercises  When problems are identified, be sure to update procedures
Execution  Document all steps in a notebook  Helps to have one person working, another keeping notes  Measure twice, cut once… First, do no harm…  In other words, don’t be too hasty  Step back to see the forest for the trees
Mistakes Happen  Success does not consist in never making mistakes, but in never making the same one a second time. – George Bernard Shaw
Lessons Learned  Be sure to hold a lessons learned session after breach  Hold within two weeks  Identify what failed and why  Implement fixes and update documentation
Resources  Local law enforcement, including FBI  Professional Security Organizations  ISSA  https://sites.google.com/site/northdakotaissa/  InfraGard  http://infragard-nd.org  SANS Reading Room  http://www.sans.org/reading_room/  SANS Incident Handling Forms  http://www.sans.org/score/incidentforms/
Summary  All sizes of organizations are being attacked  Vast majority of attacks are from outsiders – 92%  Verizon 2013 DBIR  Hacking constitutes the majority of attacks – 52%  Verizon 2013 DBIR  Incident response plans are key to recovery and limiting liability  There is a vast array of resources available to help you build your plan
Resources  An Incident Handling Process for Small and Medium Businesses  http://www.sans.org/reading_room/whitepapers/incident/incident- handling-process-small-medium-businesses_1791  Creating a Computer Security Incident Response Team (CSIRT)  http://www.cert.org/csirts/Creating-A-CSIRT.html  NIST SP800-61 Rev. 2: Computer Security Incident Handling Guide  http://crsc.nist.gov/publications/nistpubs/800-61rev2/SP800- 61rev2.pdf  Corporate Incident Response – Why You Can’t Afford to Ignore It  http://www.mcafee.com/us/resources/white-papers/foundstone/wp- corp-incident-response.pdf
References  Ponemon Institute Survey for Hartford Steam Boiler  http://www.hsbwhistlestop.com/agents/express/2013/02/hsbSurvey.ph p  Verizon 2013 Data Breach Investigations Report  http://www.verizonenterprise.com/DBIR/2013/  Verizon 2012 Data Breach Investigations Report  http://www.verizonenterprise.com/resources/reports/rp_data-breach- investigations-report-2012_en_xg.pdf  Symantec 2011 Internet Security Threat Report  http://www.symantec.com/content/en/us/enterprise/other_resources/ b-istr_main_report_2011_21239364.en-us.pdf
Contact Me  msaunders.sec@gmail.com  @hardwaterhacker  http://hardwatersec.blogspot.com/
Questions?

Recommended

Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Resilient Systems
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply ChainSFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
South Tyrol Free Software Conference
 
You Will Be Breached
You Will Be BreachedYou Will Be Breached
You Will Be Breached
Mike Saunders
 
Data Driven Risk Assessment
Data Driven Risk AssessmentData Driven Risk Assessment
Data Driven Risk Assessment
Resolver Inc.
 
Window of Compromise
Window of CompromiseWindow of Compromise
Window of Compromise
SecurityMetrics
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye, Inc.
 
Making Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentMaking Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentConSanFrancisco123
 

Recommended

Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Resilient Systems
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply ChainSFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
South Tyrol Free Software Conference
 
You Will Be Breached
You Will Be BreachedYou Will Be Breached
You Will Be Breached
Mike Saunders
 
Data Driven Risk Assessment
Data Driven Risk AssessmentData Driven Risk Assessment
Data Driven Risk Assessment
Resolver Inc.
 
Window of Compromise
Window of CompromiseWindow of Compromise
Window of Compromise
SecurityMetrics
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye, Inc.
 
Making Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentMaking Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentConSanFrancisco123
 
Bob West - Educating the Board of Directors
Bob West - Educating the Board of DirectorsBob West - Educating the Board of Directors
Bob West - Educating the Board of Directors
centralohioissa
 
Cyber security do your part be the resistance
Cyber security do your part be the resistanceCyber security do your part be the resistance
Cyber security do your part be the resistance
Paul-Charife Allen
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Shawn Tuma
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire
 
How to Establish a Cyber Security Readiness Program
How to Establish a Cyber Security Readiness ProgramHow to Establish a Cyber Security Readiness Program
How to Establish a Cyber Security Readiness Program
Matt Moneypenny
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
David Mai, MBA
 
Security Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of SecuritySecurity Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of Security
Doug Copley
 
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Citrin Cooperman
 
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesHow To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
SlideTeam
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
Resilient Systems
 
Building Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedBuilding Human Intelligence – Pun Intended
Building Human Intelligence – Pun Intended
EnergySec
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
Karyl Scott
 
Tech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of RansomwareTech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of Ransomware
marketingunitrends
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
Intergen
 
Proactive incident response
Proactive incident responseProactive incident response
Proactive incident response
Brian Honan
 
Cylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheetCylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheet
Innovation Network Technologies: InNet
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
zhihaochen
 
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Lancope, Inc.
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
Citrin Cooperman
 
Mitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security AttacksMitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security AttacksTripwire
 
SDR101-presentation-distro
SDR101-presentation-distroSDR101-presentation-distro
SDR101-presentation-distroMike Saunders
 
SDR 101 - NDSU CyberSecurity 2017
SDR 101 - NDSU CyberSecurity 2017SDR 101 - NDSU CyberSecurity 2017
SDR 101 - NDSU CyberSecurity 2017
Mike Saunders
 

More Related Content

What's hot

Bob West - Educating the Board of Directors
Bob West - Educating the Board of DirectorsBob West - Educating the Board of Directors
Bob West - Educating the Board of Directors
centralohioissa
 
Cyber security do your part be the resistance
Cyber security do your part be the resistanceCyber security do your part be the resistance
Cyber security do your part be the resistance
Paul-Charife Allen
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Shawn Tuma
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire
 
How to Establish a Cyber Security Readiness Program
How to Establish a Cyber Security Readiness ProgramHow to Establish a Cyber Security Readiness Program
How to Establish a Cyber Security Readiness Program
Matt Moneypenny
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
David Mai, MBA
 
Security Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of SecuritySecurity Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of Security
Doug Copley
 
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Citrin Cooperman
 
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesHow To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
SlideTeam
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
Resilient Systems
 
Building Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedBuilding Human Intelligence – Pun Intended
Building Human Intelligence – Pun Intended
EnergySec
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
Karyl Scott
 
Tech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of RansomwareTech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of Ransomware
marketingunitrends
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
Intergen
 
Proactive incident response
Proactive incident responseProactive incident response
Proactive incident response
Brian Honan
 
Cylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheetCylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheet
Innovation Network Technologies: InNet
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
zhihaochen
 
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Lancope, Inc.
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
Citrin Cooperman
 
Mitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security AttacksMitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security AttacksTripwire
 

What's hot (20)

Bob West - Educating the Board of Directors
Bob West - Educating the Board of DirectorsBob West - Educating the Board of Directors
Bob West - Educating the Board of Directors
 
Cyber security do your part be the resistance
Cyber security do your part be the resistanceCyber security do your part be the resistance
Cyber security do your part be the resistance
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale Peterson
 
How to Establish a Cyber Security Readiness Program
How to Establish a Cyber Security Readiness ProgramHow to Establish a Cyber Security Readiness Program
How to Establish a Cyber Security Readiness Program
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
 
Security Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of SecuritySecurity Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of Security
 
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
 
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesHow To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
 
Building Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedBuilding Human Intelligence – Pun Intended
Building Human Intelligence – Pun Intended
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
 
Tech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of RansomwareTech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of Ransomware
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Proactive incident response
Proactive incident responseProactive incident response
Proactive incident response
 
Cylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheetCylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheet
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
 
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
 
Mitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security AttacksMitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security Attacks
 

Viewers also liked

SDR101-presentation-distro
SDR101-presentation-distroSDR101-presentation-distro
SDR101-presentation-distroMike Saunders
 
SDR 101 - NDSU CyberSecurity 2017
SDR 101 - NDSU CyberSecurity 2017SDR 101 - NDSU CyberSecurity 2017
SDR 101 - NDSU CyberSecurity 2017
Mike Saunders
 
Effect of cold rolling on low cycle fatigue behavior
Effect of cold rolling on low cycle fatigue behaviorEffect of cold rolling on low cycle fatigue behavior
Effect of cold rolling on low cycle fatigue behavior
eSAT Publishing House
 
present perfect orf "is/are"
present perfect orf "is/are"present perfect orf "is/are"
present perfect orf "is/are"
Deyvi Noe Salguero Galdamez
 
June 1 2015 'prescription for life'
June 1 2015 'prescription for life'June 1 2015 'prescription for life'
June 1 2015 'prescription for life'
Gary Thompson
 
Local Food Presentation
Local Food PresentationLocal Food Presentation
Local Food Presentation
aris rizal arafah
 
Learners’ needs, proposals and necessary features for a LMS.
Learners’ needs, proposals and necessary features for a LMS.Learners’ needs, proposals and necessary features for a LMS.
Learners’ needs, proposals and necessary features for a LMS.
Grundtvig Multilateral Project Quality in Blended Learning
 
Glossary
GlossaryGlossary
Glossary
14150892
 
Fatih Kalaycı
Fatih KalaycıFatih Kalaycı
Fatih Kalaycı
Fatih Kalaycı
 
technology and us
technology and ustechnology and us
technology and us
jerrilynhernandez
 
Jooq java object oriented querying
Jooq java object oriented queryingJooq java object oriented querying
Jooq java object oriented querying
eSAT Publishing House
 
Speakers of ISIDD 2016
Speakers of ISIDD 2016Speakers of ISIDD 2016
Speakers of ISIDD 2016
Bishwjit Ghoshal
 
Simeon world-2100
Simeon world-2100Simeon world-2100
Simeon world-2100
simeonprasanth
 
Chương 5
Chương 5Chương 5
Chương 5
Nguyễn Thái
 
Research regarding calculation of the tensile forces
Research regarding calculation of the tensile forcesResearch regarding calculation of the tensile forces
Research regarding calculation of the tensile forces
eSAT Publishing House
 
Sofware libre guardar melll
Sofware libre guardar melllSofware libre guardar melll
Sofware libre guardar melll
Maria Lugo Lozano
 
Worksheets
WorksheetsWorksheets
Worksheets
Abel Sports Management
 
Designing and installation of low cost optimized wind monitoring system
Designing and installation of low cost optimized wind monitoring systemDesigning and installation of low cost optimized wind monitoring system
Designing and installation of low cost optimized wind monitoring system
eSAT Publishing House
 
Citizen journalism-Maapsi
Citizen journalism-MaapsiCitizen journalism-Maapsi
Citizen journalism-MaapsiSumit Banik
 

Viewers also liked (20)

SDR101-presentation-distro
SDR101-presentation-distroSDR101-presentation-distro
SDR101-presentation-distro
 
SDR 101 - NDSU CyberSecurity 2017
SDR 101 - NDSU CyberSecurity 2017SDR 101 - NDSU CyberSecurity 2017
SDR 101 - NDSU CyberSecurity 2017
 
La constituccion informatica 2
La constituccion informatica 2La constituccion informatica 2
La constituccion informatica 2
 
Effect of cold rolling on low cycle fatigue behavior
Effect of cold rolling on low cycle fatigue behaviorEffect of cold rolling on low cycle fatigue behavior
Effect of cold rolling on low cycle fatigue behavior
 
present perfect orf "is/are"
present perfect orf "is/are"present perfect orf "is/are"
present perfect orf "is/are"
 
June 1 2015 'prescription for life'
June 1 2015 'prescription for life'June 1 2015 'prescription for life'
June 1 2015 'prescription for life'
 
Local Food Presentation
Local Food PresentationLocal Food Presentation
Local Food Presentation
 
Learners’ needs, proposals and necessary features for a LMS.
Learners’ needs, proposals and necessary features for a LMS.Learners’ needs, proposals and necessary features for a LMS.
Learners’ needs, proposals and necessary features for a LMS.
 
Glossary
GlossaryGlossary
Glossary
 
Fatih Kalaycı
Fatih KalaycıFatih Kalaycı
Fatih Kalaycı
 
technology and us
technology and ustechnology and us
technology and us
 
Jooq java object oriented querying
Jooq java object oriented queryingJooq java object oriented querying
Jooq java object oriented querying
 
Speakers of ISIDD 2016
Speakers of ISIDD 2016Speakers of ISIDD 2016
Speakers of ISIDD 2016
 
Simeon world-2100
Simeon world-2100Simeon world-2100
Simeon world-2100
 
Chương 5
Chương 5Chương 5
Chương 5
 
Research regarding calculation of the tensile forces
Research regarding calculation of the tensile forcesResearch regarding calculation of the tensile forces
Research regarding calculation of the tensile forces
 
Sofware libre guardar melll
Sofware libre guardar melllSofware libre guardar melll
Sofware libre guardar melll
 
Worksheets
WorksheetsWorksheets
Worksheets
 
Designing and installation of low cost optimized wind monitoring system
Designing and installation of low cost optimized wind monitoring systemDesigning and installation of low cost optimized wind monitoring system
Designing and installation of low cost optimized wind monitoring system
 
Citizen journalism-Maapsi
Citizen journalism-MaapsiCitizen journalism-Maapsi
Citizen journalism-Maapsi
 

Similar to You will be breached

Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
cyberprosocial
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business Experience
National Retail Federation
 
Before the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracksBefore the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracks
- Mark - Fullbright
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital world
netwealthInvest
 
Cybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfCybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdf
TheWalkerGroup1
 
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdfInsider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
Enterprise Insider
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of securityciso_insights
 
Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15James Fisher
 
The Ultimate Guide to Protecting Your Business from Cyber Attacks by Greg Pie...
The Ultimate Guide to Protecting Your Business from Cyber Attacks by Greg Pie...The Ultimate Guide to Protecting Your Business from Cyber Attacks by Greg Pie...
The Ultimate Guide to Protecting Your Business from Cyber Attacks by Greg Pie...
Greg Pierson
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
JustinBrown267905
 
The Small Business Cyber Security Best Practice Guide
The Small Business Cyber Security Best Practice GuideThe Small Business Cyber Security Best Practice Guide
The Small Business Cyber Security Best Practice Guide
Inspiring Women
 
Gp2 Public Policy Assign8 644 Sp10
Gp2 Public Policy Assign8 644 Sp10Gp2 Public Policy Assign8 644 Sp10
Gp2 Public Policy Assign8 644 Sp10Deepa Devadas
 
Enterprise security management II
Enterprise security management IIEnterprise security management II
Enterprise security management II
zapp0
 
The Top Cybersecurity Threats Frightening Small Businesses Today
The Top Cybersecurity Threats Frightening Small Businesses TodayThe Top Cybersecurity Threats Frightening Small Businesses Today
The Top Cybersecurity Threats Frightening Small Businesses Today
PC Doctors NET
 
Copy of The Ongoing Threat of Ransomware on Small to Medium-Si
Copy of The Ongoing Threat of Ransomware on Small to Medium-SiCopy of The Ongoing Threat of Ransomware on Small to Medium-Si
Copy of The Ongoing Threat of Ransomware on Small to Medium-Si
AlleneMcclendon878
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation Strategies
CSNP
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
Elizabeth Dimit
 
DeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without ItDeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without It
Emerson Exchange
 

Similar to You will be breached (20)

YBB-NW-distribution
YBB-NW-distributionYBB-NW-distribution
YBB-NW-distribution
 
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business Experience
 
Before the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracksBefore the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracks
 
BEA Presentation
BEA PresentationBEA Presentation
BEA Presentation
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital world
 
Cybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfCybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdf
 
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdfInsider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of security
 
Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15
 
The Ultimate Guide to Protecting Your Business from Cyber Attacks by Greg Pie...
The Ultimate Guide to Protecting Your Business from Cyber Attacks by Greg Pie...The Ultimate Guide to Protecting Your Business from Cyber Attacks by Greg Pie...
The Ultimate Guide to Protecting Your Business from Cyber Attacks by Greg Pie...
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
The Small Business Cyber Security Best Practice Guide
The Small Business Cyber Security Best Practice GuideThe Small Business Cyber Security Best Practice Guide
The Small Business Cyber Security Best Practice Guide
 
Gp2 Public Policy Assign8 644 Sp10
Gp2 Public Policy Assign8 644 Sp10Gp2 Public Policy Assign8 644 Sp10
Gp2 Public Policy Assign8 644 Sp10
 
Enterprise security management II
Enterprise security management IIEnterprise security management II
Enterprise security management II
 
The Top Cybersecurity Threats Frightening Small Businesses Today
The Top Cybersecurity Threats Frightening Small Businesses TodayThe Top Cybersecurity Threats Frightening Small Businesses Today
The Top Cybersecurity Threats Frightening Small Businesses Today
 
Copy of The Ongoing Threat of Ransomware on Small to Medium-Si
Copy of The Ongoing Threat of Ransomware on Small to Medium-SiCopy of The Ongoing Threat of Ransomware on Small to Medium-Si
Copy of The Ongoing Threat of Ransomware on Small to Medium-Si
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation Strategies
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
 
DeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without ItDeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without It
 

More from Mike Saunders

I Want My EIP - Buffer Overflow 101
I Want My EIP - Buffer Overflow 101I Want My EIP - Buffer Overflow 101
I Want My EIP - Buffer Overflow 101
Mike Saunders
 
BSidesMSP 2017 - SDR101 workshop
BSidesMSP 2017 - SDR101 workshopBSidesMSP 2017 - SDR101 workshop
BSidesMSP 2017 - SDR101 workshop
Mike Saunders
 
InsiderThreat-2016NDITS
InsiderThreat-2016NDITSInsiderThreat-2016NDITS
InsiderThreat-2016NDITSMike Saunders
 
Detecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatDetecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatMike Saunders
 
DetectingSpearPhishingAttacks
DetectingSpearPhishingAttacksDetectingSpearPhishingAttacks
DetectingSpearPhishingAttacksMike Saunders
 
Is Your Data Literally Walking Out the Door?
Is Your Data Literally Walking Out the Door?Is Your Data Literally Walking Out the Door?
Is Your Data Literally Walking Out the Door?
Mike Saunders
 
Is Your Data Literally Walking Out the Door-presentation
Is Your Data Literally Walking Out the Door-presentationIs Your Data Literally Walking Out the Door-presentation
Is Your Data Literally Walking Out the Door-presentationMike Saunders
 
Problems with parameters b sides-msp
Problems with parameters b sides-mspProblems with parameters b sides-msp
Problems with parameters b sides-msp
Mike Saunders
 

More from Mike Saunders (8)

I Want My EIP - Buffer Overflow 101
I Want My EIP - Buffer Overflow 101I Want My EIP - Buffer Overflow 101
I Want My EIP - Buffer Overflow 101
 
BSidesMSP 2017 - SDR101 workshop
BSidesMSP 2017 - SDR101 workshopBSidesMSP 2017 - SDR101 workshop
BSidesMSP 2017 - SDR101 workshop
 
InsiderThreat-2016NDITS
InsiderThreat-2016NDITSInsiderThreat-2016NDITS
InsiderThreat-2016NDITS
 
Detecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatDetecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-Threat
 
DetectingSpearPhishingAttacks
DetectingSpearPhishingAttacksDetectingSpearPhishingAttacks
DetectingSpearPhishingAttacks
 
Is Your Data Literally Walking Out the Door?
Is Your Data Literally Walking Out the Door?Is Your Data Literally Walking Out the Door?
Is Your Data Literally Walking Out the Door?
 
Is Your Data Literally Walking Out the Door-presentation
Is Your Data Literally Walking Out the Door-presentationIs Your Data Literally Walking Out the Door-presentation
Is Your Data Literally Walking Out the Door-presentation
 
Problems with parameters b sides-msp
Problems with parameters b sides-mspProblems with parameters b sides-msp
Problems with parameters b sides-msp
 

Recently uploaded

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 

Recently uploaded (20)

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 

You will be breached

  • 1. Are you prepared? What is your response plan? Mike Saunders – CISSP, GCIH, GPEN
  • 2. Agenda  Definition of a breach  Background statistics on breaches  What a breach may look like  Preparing your response plan  Putting your plan into action  Links to resources
  • 3. Key Assumptions  Small to medium-sized business (SMB)  25 – 500 employees  Few IT resources, few or none dedicated to IT security
  • 4. What Is a Breach?  Breach means an intrusion into a computer system, i.e. hacking or exposure of sensitive data  Causes of a breach:  crimes of opportunity  targeted attacks  viruses  web-delivered malware  malicious insiders  unintentional disclosures
  • 5. Breach Statistics  55% of SMBs surveyed were breached in the last year, 53% more than once – Ponemon Institute  Verizon 2012 DBIR found 71.5% of incidents studied were in organizations of less than 100 employees  Up from 63% in 2011  2011 Symantec ISTR found 28% of targeted attacks were against companies with less than 500 employees
  • 6. Costs of a Breach  Average cost of reported breach: $5.5 million  Average cost per stolen record: $194  Symantec ISTR  Fines  Possible jail terms under HIPAA  Loss of customer and business partner confidence
  • 7. How Do I Know I’ve Been Breached? www.digitaltrends.com
  • 12. Overt  Defaced website  Unauthorized bank transfers
  • 15. Overt  Defaced website  Unauthorized bank transfers  Destruction of data  Data held hostage – “ransomware”
  • 17. Overt  Defaced website  Unauthorized bank transfers  Destruction of data  Data held hostage – “ransomware”  Notification from outside entity
  • 18. Covert  System slowness  Abnormal log entries  Strange notifications when visiting a website  Helpdesk may notice a pattern
  • 21. No obvious indicators  There may not be an obvious indicator of a breach  Detect through well-developed security intelligence program  66% of breaches went undiscovered for several months or longer  Verizon 2013 DBIR
  • 22. Benefits of Adequate Preparation  Economic  Stop ongoing loss of data or business interruption  Reduce time to resolution after incident is discovered  Public Relations  PR plan helps reassure customers to prevent loss of confidence  Legal  Demonstrates due diligence
  • 23. Preparation: Getting Started  Get management support!  Define your incident handling team members  Not just IT! IT, Security, Legal, HR, PR, Management, external IT vendor  Designate an incident leader. This person needs to be calm under fire
  • 24. Preparation: Basics  Policies  Strong policies help enforce compliance and define roles and responsibilities  Incident Handling policies provide legal authority to investigate, “sniff” network traffic, monitor activities  Procedures  Clear, thorough, tested procedures help reduce confusion when tensions are high  Checklists  Notification procedures – legal, PR, law enforcement
  • 25. Preparation: Communications  Define a communications plan  Email and phone may be down or compromised; make sure you have cell numbers  Identify alternate contacts  Don’t forget to include IT vendor, network provider, etc.  Test your calling tree at least annually  Keep paper copies and keep them up to date
  • 26. Preparation: Testing and Practice  Perform incident handling tabletop exercises  When problems are identified, be sure to update procedures
  • 27. Execution  Document all steps in a notebook  Helps to have one person working, another keeping notes  Measure twice, cut once… First, do no harm…  In other words, don’t be too hasty  Step back to see the forest for the trees
  • 28. Mistakes Happen  Success does not consist in never making mistakes, but in never making the same one a second time. – George Bernard Shaw
  • 29. Lessons Learned  Be sure to hold a lessons learned session after breach  Hold within two weeks  Identify what failed and why  Implement fixes and update documentation
  • 30. Resources  Local law enforcement, including FBI  Professional Security Organizations  ISSA  https://sites.google.com/site/northdakotaissa/  InfraGard  http://infragard-nd.org  SANS Reading Room  http://www.sans.org/reading_room/  SANS Incident Handling Forms  http://www.sans.org/score/incidentforms/
  • 31. Summary  All sizes of organizations are being attacked  Vast majority of attacks are from outsiders – 92%  Verizon 2013 DBIR  Hacking constitutes the majority of attacks – 52%  Verizon 2013 DBIR  Incident response plans are key to recovery and limiting liability  There is a vast array of resources available to help you build your plan
  • 32. Resources  An Incident Handling Process for Small and Medium Businesses  http://www.sans.org/reading_room/whitepapers/incident/incident- handling-process-small-medium-businesses_1791  Creating a Computer Security Incident Response Team (CSIRT)  http://www.cert.org/csirts/Creating-A-CSIRT.html  NIST SP800-61 Rev. 2: Computer Security Incident Handling Guide  http://crsc.nist.gov/publications/nistpubs/800-61rev2/SP800- 61rev2.pdf  Corporate Incident Response – Why You Can’t Afford to Ignore It  http://www.mcafee.com/us/resources/white-papers/foundstone/wp- corp-incident-response.pdf
  • 33. References  Ponemon Institute Survey for Hartford Steam Boiler  http://www.hsbwhistlestop.com/agents/express/2013/02/hsbSurvey.ph p  Verizon 2013 Data Breach Investigations Report  http://www.verizonenterprise.com/DBIR/2013/  Verizon 2012 Data Breach Investigations Report  http://www.verizonenterprise.com/resources/reports/rp_data-breach- investigations-report-2012_en_xg.pdf  Symantec 2011 Internet Security Threat Report  http://www.symantec.com/content/en/us/enterprise/other_resources/ b-istr_main_report_2011_21239364.en-us.pdf
  • 34. Contact Me  msaunders.sec@gmail.com  @hardwaterhacker  http://hardwatersec.blogspot.com/