Stealing Christmas

  Dr. Curtis A. Carver Jr.
 Vice Chancellor and CIO
    Board of Regents
Agenda
• Policy, ATE, technology, oh my!

• Landscape

• What to do now?

• Questions, Comments, a Conversation
Necessary Components
Policy, awareness,
training, and education
(ATE), and technology
must form the core of
your security program. All
three are necessary.
Landscape (Policy)
• Many policy or policy
  frameworks are available.
   –   COBIT
   –   ISO 27000 series
   –   ITIL
   –   NIST
• Pick one and execute as a
  first step.
• College courses in
  security policy are
  available.
Perhaps Not this Policy
Technology
• Technology is getting better rapidly.
• It is necessary but not sufficient.
• Attack vector is shifting away from hacks to
  social engineering.
• Technology is not so good at preventing social
  engineering.
Recent Example: UGA
• 8,500 staff and students

• Slow, deliberate social
  engineering attack

• Answers to “secret”
  questions found on
  Facebook.
Another Example: South Carolina
October 27, 2012

Governor Nikki Haley, “This is not a good day for South Carolina.”

3/4ths of state citizens affected.

“The cost is also going to be enormous, given that South Carolina may be required to pay for identity theft protection services for anyone who has paid taxes in South Carolina since 1998,”
Landscape
• Attacks are increasing.

• Attacks are increasingly complex.

• Education, training and awareness becoming
  increasingly important.
Normal versus Abnormal?
Three Questions
• What is normal for my
  organization?
• What is abnormal?
• What do I do if
  something abnormal
  occurs?
Awareness, Training, and Education
Source: National Institute of Standards and Technology. An Introduction to Computer Security: The NIST Handbook. SP 800-12. http://csrc.nist.gov/publications/nistpubs/800-12/.
Three Examples
• Accountability Plus

• Carronade

• IT SAMI
Accountability Plus
[Chart: Incident Count over Time]
Issue: In a five month period this year, 23% of helpdesk incidents were computer abuse. This represents a 255% increase over the same period last year.
Computer Abuse Process
• Computer incident occurs
• Help Desk Notified
• Institution notified
• Help Desk Follows Up after 5 days
• Help Desk Ticket closed out by Help Desk

What is wrong with this process?
Accountability Plus
        • Actions Taken:
                – Incidents characterized as high, medium, or low
                  impact.
                – Processes redefined to escalate resolution of these
                  cases to the President’s boss.
                – New processes go into effect on 9 April.

        • Importance to USG Presidents: A telephone call
          from USG CIO is indicative of four days remaining
          until the case is forwarded to USG senior
          leadership.

Galileo, GeorgiaBest, GeorgiaFirst, GeorgiaonMyLine, GeorgiaView, GIL, PeachNet
Rest of the Story and Two Years Later…
        • Rest of the Story: I told the presidents that if I
          ever call them, their first step should be to fire
          the institutional CIO.

        • Two Years Later:
                – The computer abuse line is linear – not
                  exponential.
                – I have not called a President…yet.

Carronade
• Issue: The longer
  students are at our
  institution, the more
  susceptible they are to
  phishing attacks.
• Issue 2:
   – Death by PowerPoint
     training version 1 failed.
   – Death by PowerPoint
     training version 2 failed.
Carronade Hypothesis
• Have the students launch spear phishing
  attacks against each other in a controlled
  manner.
• Have students remediate other students.
• Don’t tell the technical staff when it will
  happen.
• Do it every semester.
Typical Email
Problems with Typical Email
Carronade Results
Two Years Later…
IT-SAMI INSPECTION SHEET

Cadet Name          Company             Year              Inspector Name

Best In BDE
Best Regiment:   86.13
Best Company:    95.00
Worst Reg:       75.00
Worst Company:   53.50

Category / ITEM                                CONDITION                        POINTS

AD-AWARE
  INSTALLED?                                   NO                               -30
  CHECK UPDATES                                >= 1 WEEK OLD                    -05
                                               >= 3 WEEKS                       -10
                                               >= 1 MONTH                       -20
  LAST SYSTEM SCAN                             >= 1 WEEK OLD                    -05
                                               >= 3 WEEKS                       -10
                                               >= 1 MONTH                       -20
  SCAN RESULTS                                 For each process                 -10
                                               For every 20 additional items    -05
DEFRAGMENT ANALYZE
  SYSTEM SUGGESTED?                            YES                              -10
ADD/REMOVE PROGRAM LIST
  WILD TANGENT                                 YES                              -10
  WEATHER BUG                                  YES                              -10
  WELL KNOWN FILE SHARING                      YES                              -20/item
BROWSER HEALTH
  SEARCH BAR OTHER THAN GOOGLE                 YES                              -10
VIRUSES
  DEFINITION FILES                             >= 1 WEEK OLD                    -5
                                               >= 3 WEEKS                       -10
                                               >= 1 MONTH                       -20
SYSTEM DATA
  SPACE REMAINING ON C-DRIVE                   < 20%                            -10
  MAJORITY OF ACADEMIC DATA STORED ON C-DRIVE  YES                              -20




4/7/2013 11:26 AM                                                                                                        23
Saturday AM Inspection (IT SAMI)

In the hallways, cadets stand inspection of their military equipment.

In their rooms, cadets stand inspection of their computers.


Stealing Christmas
• The threat of organized crime and nation states
  attacking your personal information is real. Grinch is
  alive and well.

• Give your organization the gifts of a strong security
  policy program, strong technology, and a strong
  education program.

• Think outside the box in educating, training and
  rewarding your organization.
Questions, Comments, a Conversation
     Dr. Curtis A. Carver Jr.
    Vice Chancellor and CIO
       Board of Regents

 

Data security prep for the holidays or how not to go dark on Black Friday

  • 1. Stealing Christmas Dr. Curtis A. Carver Jr. Vice Chancellor and CIO Board of Regents
  • 2. Agenda • Policy ATE technology, oh my! • Landscape • What to do now? • Questions, Comments, a Conversation
  • 3. Necessary Components Policy, awareness, training, and education (ATE), and technology must form the core of your security program. All three are necessary.
  • 4. Landscape (Policy) • Many policy or policy frameworks are available. – COBIT – ISO 27000 series – ITIL – NIST • Pick one and execute as a first step. • College courses in security policy are available.
  • 6. Technology • Technology is getting better rapidly. • It is necessary but not sufficient. • Attack vector is shifting away from hacks to social engineering. • Technology is not so good at preventing social engineering.
  • 7. Recent Example: UGA • 8,500 staff and students • Slow, deliberate social engineering attack • Answers to “secret” questions found on Facebook.
  • 8. Another Example: South Carolina Governor Nikki Haley, “This is not a good day for South Carolina.” October 27, 2012 3/4ths of state citizens affected. “The cost is also going to be enormous, given that South Carolina may be required to pay for identity theft protection services for anyone who has paid taxes in South Carolina since 1998,”
  • 9. Landscape • Attacks are increasing. • Attacks are increasingly complex. • Education, training and awareness becoming increasingly important.
  • 10. Normal versus Abnormal? Three Questions • What is normal for my organization? • What is abnormal? • What do I do if something abnormal occurs?
  • 11. Awareness, Training, and Education Source: National Institute of Standards and Technology. An Introduction to Computer Security: The NIST Handbook. SP 800-12. http://csrc.nist.gov/publications/nistpubs/800-12/.
  • 12. Three Examples • Accountability Plus • Carronade • IT SAMI
  • 13. Accountability Plus Issue: In a five month period this year, 23% of helpdesk incidents were computer abuse. This represents a 255% increase over the same period last year. [Chart: Incident Count over Time]
  • 14. Computer Abuse Process: What is wrong with this process? • Computer incident occurs • Help Desk Notified • Institution notified • Help Desk Follows Up after 5 days • Help Desk Ticket closed out by Help Desk
  • 15. Accountability Plus • Actions Taken: – Incidents characterized as high, medium, or low impact. – Processes redefined to escalate resolution of these cases to the President’s boss. – New processes go into effect on 9 April. • Importance to USG Presidents: A telephone call from USG CIO is indicative of four days remaining until the case is forwarded to USG senior leadership. Galileo, GeorgiaBest, GeorgiaFirst, GeorgiaonMyLine, GeorgiaView, GIL, PeachNet
  • 16. Rest of the Story and Two Years Later… • Rest of the Story: I told the presidents that if I ever call them, their first step should be to fire the institutional CIO. • Two Years Later: – The computer abuse line is linear – not exponential. – I have not called a President…yet.
  • 17. Carronade • Issue: The longer students are at our institution, the more susceptible they are to phishing attacks. • Issue 2: – Death by PowerPoint training version 1 failed. – Death by PowerPoint training version 2 failed.
  • 18. Carronade Hypothesis • Have the students launch spear phishing attacks against each other in a controlled manner. • Have students remediate other students. • Don’t tell the technical staff when it will happen. • Do it every semester.
  • 23. IT-SAMI INSPECTION SHEET (4/7/2013 11:26 AM). Header fields: Cadet Name, Company, Year, Inspector Name. Best In BDE: Best Regiment: 86.13, Best Company: 95.00, Worst Reg: 75.00, Worst Company: 53.50. Columns: Category, Item, Points.
      – AD-AWARE: INSTALLED? NO, -30
      – AD-AWARE: CHECK UPDATES >= 1 WEEK OLD, -05; >= 3 WEEKS, -10; >= 1 MONTH, -20
      – AD-AWARE: LAST SYSTEM SCAN >= 1 WEEK OLD, -05; >= 3 WEEKS, -10; >= 1 MONTH, -20
      – AD-AWARE: SCAN RESULTS For each process, -10; For every 20 additional items, -05
      – DEFRAGMENT: ANALYZE SYSTEM SUGGESTED? YES, -10
      – ADD/REMOVE PROGRAM LIST: WILD TANGENT YES, -10; WEATHER BUG YES, -10; WELL KNOWN FILE SHARING YES, -20/item
      – BROWSER HEALTH: SEARCH BAR OTHER THAN GOOGLE YES, -10
      – VIRUSES: DEFINITION FILES >= 1 WEEK OLD, -5; >= 3 WEEKS, -10; >= 1 MONTH, -20
      – SYSTEM DATA: SPACE REMAINING ON C-DRIVE < 20%, -10; MAJORITY OF ACADEMIC DATA STORED ON C-DRIVE YES, -20
  • 24. Saturday AM Inspection (IT SAMI) In the hallways, cadets stand inspection of their military equipment. In their rooms, cadets stand inspection of their computers.
  • 25. Stealing Christmas • The threat of organized crime and nation states attacking your personal information is real. Grinch is alive and well. • Give your organization the gifts of a strong security policy program, strong technology, and a strong education program. • Think outside the box in educating, training and rewarding your organization.
  • 26. Questions, Comments, a Conversation Dr. Curtis A. Carver Jr. Vice Chancellor and CIO Board of Regents

Editor's notes

  1. Lots of good examples of policy available. Technology is good and rapidly improving. ATE is the weakest component in my opinion.
  2. Stephen Cobb