Today’s  Cyber  Challenges        
Methodology  to  Secure  Your  Business
Joe  Leonard,  CISO  
CISM,  CISA,  CRISC,  CISSP,  CEH
October  5,  2017
FUTURE.  BUILT.
Agenda
q Introduction
q Today’s  Cyber  Challenges
q Attack  Vectors
q Disruption  Technology
q Business  Challenges
q Security  Framework
q Security  Tools
q Insider  Stories
q Summary
Introduction
• Presidio  Chief  Information  Security  Officer
• Over  11  years  at  Presidio
• 39  Years  in  Security
• Organizations
– US  Army  (Electronic  Warfare)
– EDS    (Cellular  Communications)
– BBN  Planet/GTE  Internetworking  (ISP)
– Digex  (Network/Web  Hosting)
– Northrop  Grumman  (Consulting)
– Presidio  (Consulting)
• Certifications
– CISM,  CISA,  CRISC,  CISSP,  CEH,  CCSK
Today’s Goal
• Pass  along  knowledge  from  many  engagements
• Pass  along  some  ideas  that  can  help  you
• Pass along some best practices
• Pass  along  some  common  mistakes  and  pitfalls
• Promise  no  sales  pitch
• No  FUD  to  discuss  security
• Open  discussion  about  security
Today’s  Cyber  Challenges
Methodology  to  Secure  Your  Business
• Today’s cybersecurity landscape has many challenges. There are many attack vectors and the frequency of the attacks is increasing. How do we protect our organizations from these attacks? Do we have the resources, the budget or the knowledge to defend against these attacks?
• During this session we will talk about a methodology for protecting your organization’s critical data which includes security strategy, compliance requirements, continuous testing, architecture challenges, incident response and monitoring. This session will discuss today’s cybersecurity challenges and how this methodology will help you protect your organization.
Today’s  Cyber  Challenges
Attack  Vectors  Changing
Attack  vectors  need  to  be  evaluated
Cyber Weapons
1 Tbps DDoS
France - OVH
Security  in  the  News
Securities and Exchange Commission
Exploited Vulnerability - Electronic Data Gathering, Analysis, and Retrieval (EDGAR)
Data can be used for insider trading
Exploited  Apache  Struts  Flaw
Impact  – 145  million  people
And  the  Winner  is
3  Billion  Records  Compromised
Security  Awareness  – Changing  Culture
Disruption  Technology
Business  Challenges
Poll  Question
• What  are  your  top  Cyber  Security  challenges?
Business  Challenges
Security  Framework
Comprehensive security framework that addresses today’s changing cyber threat landscape.
Benefits:
• Strategy  aligned  with  business  
goals  and  risk
• Continuous  Risk  Management  
lifecycle  approach
• Governance  (Security  Framework)
• Architecture  Roadmap
• Managed  Services
• Incident  Response  Program
• Executive  level  KPIs
[Security framework diagram. Labels: Business Intelligence (Customer), Strategy, Incident Response, Governance, Managed Security Services, Architecture Consulting, Security Analysis, Baseline, Reporting, Roadmap]
[Framework diagram. Labels: Business Intelligence (Customer), Strategy, Baseline, Roadmap; markers B, Q2, Q3, Q4]
Continuous Testing & Remediation
Services:
• Yearly  Baseline  Risk  Assessment
• Quarterly  Remediation  Testing
• Compliance
– HIPAA, PCI, FISMA and FERPA
• Penetration  Testing
Benefits:
• Improve  Executive  Visibility
• Improve  Security  Posture
• Develop  Roadmap
• Detect  and  Manage  Risks
• Meet  Compliance  Requirements
• Reduce  Costs
Poll  Question
• How  frequently  do  you  test  your  systems?
When?
• Yearly baseline  
• Quarterly review  and  remediation  testing
• Compliance - HIPAA, PCI, GDPR and FISMA
• Penetration Testing
• NIST 800-53 R4, NIST 800-171, CIS Controls 20
• Validation  of  new  controls
Benefits
• Improve  security  posture
• Detect  and  manage  risks
• Meet  compliance  requirements
• Reduce  costs
Internal  Assessment
Physical  Security
Penetration  Testing
Wireless  Infrastructure
External  Assessment
Social  Engineering
Web  Applications
Device  Hardening
Remote  Access
Governance
Executive Summary Report
Vulnerability Register
Detailed Risk Report
Baseline  Testing
[Red team phases diagram. Labels: Intelligence Gathering, External / Internal Attacks, Command & Control, Analysis, Cleanup, Presentation]
Scope
• Intelligence  Gathering
• External  /  Internal  Attacks
• Command  &  Control  (C&C)
• Analysis  /  Lessons  Learned
• Improved  Incident  Response
• Replicate  Real  World  Attacks
• Increase  Security  Awareness
Deliverables
• Executive  Summary
• Detailed  Red  Team  Analysis  (ROE)
• Onsite  After  Action  Review
Red  Team
Security  Analysis
Services:
• Malware  file  based  analysis
• Traffic  Analysis
• PCAP  Analysis
• IDS/IPS
• Passive  Vulnerability  Assessment  
• Passive  Module  (Tap  /Span)
• Reporting
Benefits:
• Identify  Indicators  of  Compromise  
(IOC)
• Identify  Targeted  Attacks
• Identify  traffic  anomaly
• Identify  attackers
[Framework diagram. Labels: Business Intelligence (Customer), Strategy, Security Analysis, Baseline, Roadmap]
Architecture  Consulting
Services:
• Security  Architecture
• Firewall  Analysis
• Device  Hardening
• Active  Directory  Analysis
• PKI  Assessments
Benefits:
• Architecture  aligned  to  Business  
Goals
• Develop High-Level Designs
• Layered  Security  Architecture
• Network  Segmentation
• Roadmap  Development  
• Improve  Security  Posture
[Framework diagram. Labels: Business Intelligence (Customer), Strategy, Architecture Consulting, Security Analysis, Baseline, Roadmap]
Governance
Services:
• NIST  Cyber  Security  Framework
• NIST 800-53
• NIST 800-171 (CUI)
• FISMA
• ISO  27001
• CIS  Controls  20
Benefits:
• Risk  Management  Viewpoint
• Improve  Risk  Posture
• Operation  Preparedness
• Regulatory  Compliance
• Investment  Validation
• Resource  Prioritization
[Framework diagram. Labels: Business Intelligence (Customer), Strategy, Governance, Architecture Consulting, Security Analysis, Baseline, Roadmap]
Governance  Frameworks
Managed  Security  Services
Services:
• 24  x  7  x  365  coverage
• Advanced  Security  Managed  
Platform
• Detection,  analysis,  response,  
escalation  and  mitigation
• Security  event  correlation
• Threat  Intelligence
• Service  Device  Management
• Reporting
Benefits:
• Comprehensive  platform
• Governance  &  Compliance
• Service  Device  Management  
[Framework diagram. Labels: Business Intelligence (Customer), Strategy, Governance, Managed Security Services, Architecture Consulting, Security Analysis, Baseline, Roadmap]
Incident  Response  – Emergency  and  Retainer
Services:
• Subscription  services
• Incident  coordination,  
containment  and  investigation
• Log,  host  and  network  forensics
• Creation  of  IR  processes
• Remediation  planning
• Threat  &  Incident  Reporting
• Table  Top  Exercises
Benefits:
• Organization  understands  role
• Security  readiness  for  attack
• Incident  containment
• Central  communication  point
• Reduce  brand  damage
[Framework diagram. Labels: Business Intelligence (Customer), Strategy, Incident Response, Governance, Managed Security Services, Architecture Consulting, Security Analysis, Baseline, Roadmap]
Poll  Question
• Does  your  organization  have  an  incident  
response  team?
Reporting
Services:
• KPI
• Risk  Management
• Vulnerability  Management
Benefits:
• Dynamic  Risk  Score
• Improved  Risk  Visibility
• Improved  Vulnerability  
Tracking
• Yearly  and  Quarterly  
Comparison  Improvements
[Framework diagram. Labels: Business Intelligence (Customer), Strategy, Incident Response, Governance, Managed Security Services, Architecture Consulting, Security Analysis, Baseline, Reporting, Roadmap]
Security  Tools
Scanning  Tools
• Tenable  Nessus
• Burp  Suite  Pro
• LUCY  (Social  
Engineering)
• Nmap
• Metasploit
• Mimikatz
• Responder
• BloodHound
Direct  Action  Kit RFID  Harvester
• When  victim  is  within  a  
few  feet,  their  RFID  
badge  information  is  
grabbed.
• System  can  then  clone  
the  badge  for  use  by  
security  consultant.
Physical  Security
• Lack  of  door  plates  on  
critical  ingress  doors  can  
allow  access  with  kit  
tools
• Improperly  installed  locks  
can  lead  to  easy  bypass
Wireless  Testing
• Wi-Fi Pineapple
• Evil Twin Attacks on open wireless networks
• Cracking pre-shared keys with high-power Amazon GPU cluster
Commercial  /
Open  Source  tools
• Shrum  Tool
• Shove  Knife  Tool
• Plastic  shims
• Lock  pick  tools
• USB  Key  logger
• Video  Cable  Display  
Mirror
• Hinge-mount door catch
Security  Tools
Insider  Stories
What  could  go  wrong?
Insider  Stories
• Impersonation
• Phishing
• Spear  Phishing
• Media  Drop
• Red  Team
Story  1 Impersonate  Support  Team
1 2
• I’m  here  to  help  with  a  problem  on  
the  computer.
• Coincidence - another business system is down.
• Receptionist  provides  the  outage  
information,  branch  manager  and  
direct  number.    
• Information  sent  to  attacker  2.
• A  remote  attacker  2  calls  the  
branch  manager  from  a  spoofed  
number  for  the  real  support  team.
• Wanted  to  let  you  know  we’re  
coming  to  look  at  the  system.
1
• Receptionist  is  notified  to  escort  
the  support  team  to  the  system.
• Attacker  1  is  escorted  to  the  
business  system.
• Gathered  photos  of  alarm  
systems/wiring  diagrams.    Had  
access  to  financial  servers  and  
15,000  loan  applications.
Story  2 Impersonate  Executive
• Complete  IT  Survey
• Success 75-80% credentials
• Admins  responded
• Employees  are  afraid  to  
question  authority  
Story 3 – Multi-tier Attacks
• < 20 minutes on-site
– 1  inserted  USB
– Server  room  compromised
– 7  sets  of  credentials  compromised
– 12  sets  of  spear  phishing
– Full  VPN  Access
– Full  email  access
• Attacks
– Reconnaissance  (badge)
– Phishing
– Tailgate
– USB
– Human  Error
Story  4 Red  Team
• GOAL  – Gain  access  to  pharmaceutical  price  
list
– 1st  night  – dumpster  diving  – price  lists  found
– 2nd night  – building  reconnaissance  – door  locks  vulnerable
– Gained  access  – knitting  hook  picked  door  lock  (loiding)
– Badge  ID  System  left  out  in  open  – guessed  easy  password
– Created  admin  account  and  badges
– Deleted  forced  entry  alerts  from  camera  and  door  security  
system
– Used  newly  created  badges  to  access  environment
– Installed  keystroke  loggers  on  keyboards
– Gained  domain  admin  privileges
– Gained  full  admin  access  to  pharmaceutical  server
Summary
q Introduction
q Today’s  Cyber  Challenges
q Attack  Vectors
q Disruption  Technology
q Business  Challenges
q Security  Framework
q Security  Tools
q Insider  Stories
q Summary
Thank  you
Joe  Leonard
jleonard@presidio.com

Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Kürzlich hochgeladen (20)

Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Today's Cyber Challenges: Methodology to Secure Your Business

  • 1. Today’s Cyber Challenges
    Methodology to Secure Your Business
    Joe Leonard, CISO
    CISM, CISA, CRISC, CISSP, CEH
    October 5, 2017
    FUTURE. BUILT.
  • 2. Agenda
    • Introduction
    • Today’s Cyber Challenges
    • Attack Vectors
    • Disruption Technology
    • Business Challenges
    • Security Framework
    • Security Tools
    • Insider Stories
    • Summary
  • 4. Introduction
    • Presidio Chief Information Security Officer
    • Over 11 years at Presidio
    • 39 Years in Security
    • Organizations
      – US Army (Electronic Warfare)
      – EDS (Cellular Communications)
      – BBN Planet/GTE Internetworking (ISP)
      – Digex (Network/Web Hosting)
      – Northrop Grumman (Consulting)
      – Presidio (Consulting)
    • Certifications
      – CISM, CISA, CRISC, CISSP, CEH, CCSK
  • 5. Today’s Goal
    • Pass along knowledge from many engagements
    • Pass along some ideas that can help you
    • Pass along some best practices
    • Pass along some common mistakes and pitfalls
    • Promise no sales pitch
    • No FUD to discuss security
    • Open discussion about security
  • 6. Today’s Cyber Challenges: Methodology to Secure Your Business
    • Today’s cybersecurity landscape has many challenges. There are many attack vectors and the frequency of the attacks is increasing. How do we protect our organizations from these attacks? Do we have the resources, the budget or the knowledge to defend against these attacks?
    • During this session we will talk about a methodology for protecting your organization’s critical data which includes security strategy, compliance requirements, continuous testing, architecture challenges, incident response and monitoring. This session will discuss today’s cybersecurity challenges and how this methodology will help you protect your organization.
  • 9. Attack Vectors Changing
    Attack vectors need to be evaluated
    Cyber Weapons
    1 Tbps DDoS France - OVH
  • 10. Security in the News
    Securities and Exchange Commission
    • Exploited Vulnerability - Electronic Data Gathering, Analysis, and Retrieval (EDGAR)
    • Data can be used for insider trading
    Exploited Apache Struts Flaw
    • Impact – 145 million people
  • 11. And the Winner is
    3 Billion Records Compromised
  • 12. Security Awareness – Changing Culture
  • 16. Poll Question
    • What are your top Cyber Security challenges?
  • 19. Security Framework
    Comprehensive security framework that addresses today’s changing cyber threat landscape.
    Benefits:
    • Strategy aligned with business goals and risk
    • Continuous Risk Management lifecycle approach
    • Governance (Security Framework)
    • Architecture Roadmap
    • Managed Services
    • Incident Response Program
    • Executive level KPIs
    [Framework diagram: Business Intelligence (Customer), Strategy, Incident Response, Governance, Managed Security Services, Architecture Consulting, Security Analysis, Baseline, Reporting, Roadmap]
  • 20. Baseline
    [Framework diagram: Business Intelligence (Customer), Strategy, Baseline, Roadmap]
    [Timeline: B, Q2, Q3, Q4 – Continuous Testing & Remediation]
    Services:
    • Yearly Baseline Risk Assessment
    • Quarterly Remediation Testing
    • Compliance
      – HIPAA, PCI, FISMA and FERPA
    • Penetration Testing
    Benefits:
    • Improve Executive Visibility
    • Improve Security Posture
    • Develop Roadmap
    • Detect and Manage Risks
    • Meet Compliance Requirements
    • Reduce Costs
  • 21. Poll Question
    • How frequently do you test your systems?
  • 22. Baseline Testing
    When?
    • Yearly baseline
    • Quarterly review and remediation testing
    • Compliance - HIPAA, PCI, GDPR and FISMA
    • Penetration Testing
    • NIST 800-53 R4, NIST 800-171, CIS Controls 20
    • Validation of new controls
    Benefits
    • Improve security posture
    • Detect and manage risks
    • Meet compliance requirements
    • Reduce costs
    [Diagram: Internal Assessment, Physical Security, Penetration Testing, Wireless Infrastructure, External Assessment, Social Engineering, Web Applications, Device Hardening, Remote Access, Governance; Executive Summary Report, Vulnerability Register, Detailed Risk Report]
  • 23. Red Team
    [Diagram: Intelligence Gathering, External / Internal Attacks, Command & Control, Analysis, Cleanup, Presentation]
    Scope
    • Intelligence Gathering
    • External / Internal Attacks
    • Command & Control (C&C)
    • Analysis / Lessons Learned
    • Improved Incident Response
    • Replicate Real World Attacks
    • Increase Security Awareness
    Deliverables
    • Executive Summary
    • Detailed Red Team Analysis (ROE)
    • Onsite After Action Review
  • 24. Security Analysis
    Services:
    • Malware file based analysis
    • Traffic Analysis
    • PCAP Analysis
    • IDS/IPS
    • Passive Vulnerability Assessment
    • Passive Module (Tap / Span)
    • Reporting
    Benefits:
    • Identify Indicators of Compromise (IOC)
    • Identify Targeted Attacks
    • Identify traffic anomaly
    • Identify attackers
    [Framework diagram: Business Intelligence (Customer), Strategy, Security Analysis, Baseline, Roadmap]
  • 25. Architecture Consulting
    Services:
    • Security Architecture
    • Firewall Analysis
    • Device Hardening
    • Active Directory Analysis
    • PKI Assessments
    Benefits:
    • Architecture aligned to Business Goals
    • Develop High-Level Designs
    • Layered Security Architecture
    • Network Segmentation
    • Roadmap Development
    • Improve Security Posture
    [Framework diagram: Business Intelligence (Customer), Strategy, Architecture Consulting, Security Analysis, Baseline, Roadmap]
  • 26. Governance
    Services:
    • NIST Cyber Security Framework
    • NIST 800-53
    • NIST 800-171 (CUI)
    • FISMA
    • ISO 27001
    • CIS Controls 20
    Benefits:
    • Risk Management Viewpoint
    • Improve Risk Posture
    • Operation Preparedness
    • Regulatory Compliance
    • Investment Validation
    • Resource Prioritization
    [Framework diagram: Business Intelligence (Customer), Strategy, Governance, Architecture Consulting, Security Analysis, Baseline, Roadmap]
  • 28. Managed Security Services
    Services:
    • 24 x 7 x 365 coverage
    • Advanced Security Managed Platform
    • Detection, analysis, response, escalation and mitigation
    • Security event correlation
    • Threat Intelligence
    • Service Device Management
    • Reporting
    Benefits:
    • Comprehensive platform
    • Governance & Compliance
    • Service Device Management
    [Framework diagram: Business Intelligence (Customer), Strategy, Governance, Managed Security Services, Architecture Consulting, Security Analysis, Baseline, Roadmap]
  • 29. Incident Response – Emergency and Retainer
    Services:
    • Subscription services
    • Incident coordination, containment and investigation
    • Log, host and network forensics
    • Creation of IR processes
    • Remediation planning
    • Threat & Incident Reporting
    • Table Top Exercises
    Benefits:
    • Organization understands role
    • Security readiness for attack
    • Incident containment
    • Central communication point
    • Reduce brand damage
    [Framework diagram: Business Intelligence (Customer), Strategy, Incident Response, Governance, Managed Security Services, Architecture Consulting, Security Analysis, Baseline, Roadmap]
  • 30. Poll Question
    • Does your organization have an incident response team?
  • 31. Reporting
    Services:
    • KPI
    • Risk Management
    • Vulnerability Management
    Benefits:
    • Dynamic Risk Score
    • Improved Risk Visibility
    • Improved Vulnerability Tracking
    • Yearly and Quarterly Comparison Improvements
    [Framework diagram: Business Intelligence (Customer), Strategy, Incident Response, Governance, Managed Security Services, Architecture Consulting, Security Analysis, Baseline, Reporting, Roadmap]
  • 33. Security Tools
    Scanning Tools
    • Tenable Nessus
    • Burp Suite Pro
    • LUCY (Social Engineering)
    • Nmap
    • Metasploit
    • Mimikatz
    • Responder
    • BloodHound
    Direct Action Kit
    RFID Harvester
    • When victim is within a few feet, their RFID badge information is grabbed.
    • System can then clone the badge for use by security consultant.
    Physical Security
    • Lack of door plates on critical ingress doors can allow access with kit tools
    • Improperly installed locks can lead to easy bypass
    Wireless Testing
    • Wi-Fi Pineapple
    • Evil Twin Attacks on open wireless networks
    • Cracking pre-shared keys with high-power Amazon GPU cluster
    Commercial / Open Source tools
    • Shrum Tool
    • Shove Knife Tool
    • Plastic shims
    • Lock pick tools
    • USB Key logger
    • Video Cable Display Mirror
    • Hinge-mount door catch
  • 35. Insider Stories
    • Impersonation
    • Phishing
    • Spear Phishing
    • Media Drop
    • Red Team
  • 36. Story 1: Impersonate Support Team
    Attacker 1
    • I’m here to help with a problem on the computer.
    • Coincidence - another business system is down.
    • Receptionist provides the outage information, branch manager and direct number.
    • Information sent to attacker 2.
    Attacker 2
    • A remote attacker 2 calls the branch manager from a spoofed number for the real support team.
    • Wanted to let you know we’re coming to look at the system.
    Attacker 1
    • Receptionist is notified to escort the support team to the system.
    • Attacker 1 is escorted to the business system.
    • Gathered photos of alarm systems/wiring diagrams. Had access to financial servers and 15,000 loan applications.
  • 37. Story 2: Impersonate Executive
    • Complete IT Survey
    • Success 75-80% credentials
    • Admins responded
    • Employees are afraid to question authority
  • 38. Story 3 – Multi-tier Attacks
    • < 20 minutes on-site
      – 1 inserted USB
      – Server room compromised
      – 7 sets of credentials compromised
      – 12 sets of spear phishing
      – Full VPN Access
      – Full email access
    • Attacks
      – Reconnaissance (badge)
      – Phishing
      – Tailgate
      – USB
      – Human Error
  • 39. Story 4: Red Team
    • GOAL – Gain access to pharmaceutical price list
      – 1st night – dumpster diving – price lists found
      – 2nd night – building reconnaissance – door locks vulnerable
      – Gained access – knitting hook picked door lock (loiding)
      – Badge ID System left out in open – guessed easy password
      – Created admin account and badges
      – Deleted forced entry alerts from camera and door security system
      – Used newly created badges to access environment
      – Installed keystroke loggers on keyboards
      – Gained domain admin privileges
      – Gained full admin access to pharmaceutical server
  • 40. Summary
    • Introduction
    • Today’s Cyber Challenges
    • Attack Vectors
    • Disruption Technology
    • Business Challenges
    • Security Framework
    • Security Tools
    • Insider Stories
    • Summary