Are you prepared?
What is your response plan?
Mike Saunders – CISSP, GCIH, GPEN
Agenda
• Definition of a breach
• Background statistics on breaches
• What a breach may look like
• Preparing your response plan
• Putting your plan into action
• Links to resources
Key Assumptions
• Small to medium-sized business (SMB)
• 25 – 500 employees
• Few IT resources, few or none dedicated to IT security
What Is a Breach?
• Breach means an intrusion into a computer system, i.e. hacking or exposure of sensitive data
• Causes of a breach:
  • crimes of opportunity
  • targeted attacks
  • viruses
  • web-delivered malware
  • malicious insiders
  • unintentional disclosures
Breach Statistics
• 55% of SMBs surveyed were breached in the last year, 53% more than once – Ponemon Institute
• Verizon 2012 DBIR found 71.5% of incidents studied were in organizations of fewer than 100 employees
  • Up from 63% in 2011
• 2011 Symantec ISTR found 28% of targeted attacks were against companies with fewer than 500 employees
Costs of a Breach
• Average cost of reported breach: $5.5 million
• Average cost per stolen record: $194
• Symantec ISTR
• Fines
• Possible jail terms under HIPAA
• Loss of customer and business partner confidence
How Do I Know I’ve Been Breached?
[Image; source: www.digitaltrends.com]
Overt
• Defaced website
  [Images: defaced websites; sources: bundlr.com, sunbeltblog.blogspot.com, news.cnet.com]
• Unauthorized bank transfers
  [Images: unauthorized wire transfer (krebsonsecurity.com); compromised PayPal account (yadiwibowo30.blogspot.com)]
• Destruction of data
• Data held hostage – “ransomware”
  [Image of ransomware; source: arstechnica.com]
• Notification from outside entity
Covert
• System slowness
• Abnormal log entries
• Strange notifications when visiting a website
• Helpdesk may notice a pattern
[Images: malicious Java applet (www.cso.com.au); fake antivirus notification (blog.unmaskparasites.com)]
No obvious indicators
• There may not be an obvious indicator of a breach
• Detect through well-developed security intelligence program
• 66% of breaches went undiscovered for several months or longer
  • Verizon 2013 DBIR
Benefits of Adequate Preparation
• Economic
  • Stop ongoing loss of data or business interruption
  • Reduce time to resolution after incident is discovered
• Public Relations
  • PR plan helps reassure customers to prevent loss of confidence
• Legal
  • Demonstrates due diligence
Preparation: Getting Started
• Get management support!
• Define your incident handling team members
  • Not just IT! IT, Security, Legal, HR, PR, Management, external IT vendor
• Designate an incident leader. This person needs to be calm under fire
Preparation: Basics
• Policies
  • Strong policies help enforce compliance and define roles and responsibilities
  • Incident Handling policies provide legal authority to investigate, “sniff” network traffic, monitor activities
• Procedures
  • Clear, thorough, tested procedures help reduce confusion when tensions are high
• Checklists
• Notification procedures – legal, PR, law enforcement
Preparation: Communications
• Define a communications plan
• Email and phone may be down or compromised; make sure you have cell numbers
• Identify alternate contacts
• Don’t forget to include IT vendor, network provider, etc.
• Test your calling tree at least annually
• Keep paper copies and keep them up to date
Preparation: Testing and Practice
• Perform incident handling tabletop exercises
• When problems are identified, be sure to update procedures
Execution
• Document all steps in a notebook
  • Helps to have one person working, another keeping notes
• Measure twice, cut once… First, do no harm…
  • In other words, don’t be too hasty
• Step back to see the forest for the trees
Mistakes Happen
• Success does not consist in never making mistakes, but in never making the same one a second time.
  – George Bernard Shaw
Lessons Learned
• Be sure to hold a lessons learned session after a breach
• Hold within two weeks
• Identify what failed and why
• Implement fixes and update documentation
Resources
• Local law enforcement, including FBI
• Professional Security Organizations
  • ISSA
    • https://sites.google.com/site/northdakotaissa/
  • InfraGard
    • http://infragard-nd.org
• SANS Reading Room
  • http://www.sans.org/reading_room/
• SANS Incident Handling Forms
  • http://www.sans.org/score/incidentforms/
Summary
• All sizes of organizations are being attacked
• Vast majority of attacks are from outsiders – 92%
  • Verizon 2013 DBIR
• Hacking constitutes the majority of attacks – 52%
  • Verizon 2013 DBIR
• Incident response plans are key to recovery and limiting liability
• There is a vast array of resources available to help you build your plan
Resources
• An Incident Handling Process for Small and Medium Businesses
  • http://www.sans.org/reading_room/whitepapers/incident/incident-handling-process-small-medium-businesses_1791
• Creating a Computer Security Incident Response Team (CSIRT)
  • http://www.cert.org/csirts/Creating-A-CSIRT.html
• NIST SP800-61 Rev. 2: Computer Security Incident Handling Guide
  • http://csrc.nist.gov/publications/nistpubs/800-61rev2/SP800-61rev2.pdf
• Corporate Incident Response – Why You Can’t Afford to Ignore It
  • http://www.mcafee.com/us/resources/white-papers/foundstone/wp-corp-incident-response.pdf
References
• Ponemon Institute Survey for Hartford Steam Boiler
  • http://www.hsbwhistlestop.com/agents/express/2013/02/hsbSurvey.php
• Verizon 2013 Data Breach Investigations Report
  • http://www.verizonenterprise.com/DBIR/2013/
• Verizon 2012 Data Breach Investigations Report
  • http://www.verizonenterprise.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
• Symantec 2011 Internet Security Threat Report
  • http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_2011_21239364.en-us.pdf
Contact Me
• msaunders.sec@gmail.com
• @hardwaterhacker
• http://hardwatersec.blogspot.com/
Questions?

How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 

Kürzlich hochgeladen (20)

Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 

You will be breached

  • 1. Are you prepared? What is your response plan? Mike Saunders – CISSP, GCIH, GPEN
  • 2. Agenda
      • Definition of a breach
      • Background statistics on breaches
      • What a breach may look like
      • Preparing your response plan
      • Putting your plan into action
      • Links to resources
  • 3. Key Assumptions
      • Small to medium-sized business (SMB)
      • 25 – 500 employees
      • Few IT resources, few or none dedicated to IT security
  • 4. What Is a Breach?
      • Breach means an intrusion into a computer system, i.e. hacking or exposure of sensitive data
      • Causes of a breach:
      • crimes of opportunity
      • targeted attacks
      • viruses
      • web-delivered malware
      • malicious insiders
      • unintentional disclosures
  • 5. Breach Statistics
      • 55% of SMBs surveyed were breached in the last year, 53% more than once – Ponemon Institute
      • Verizon 2012 DBIR found 71.5% of incidents studied were in organizations of less than 100 employees
      • Up from 63% in 2011
      • 2011 Symantec ISTR found 28% of targeted attacks were against companies with less than 500 employees
  • 6. Costs of a Breach
      • Average cost of reported breach: $5.5 million
      • Average cost per stolen record: $194
      • Symantec ISTR
      • Fines
      • Possible jail terms under HIPAA
      • Loss of customer and business partner confidence
  • 7. How Do I Know I’ve Been Breached? www.digitaltrends.com
  • 12. Overt
      • Defaced website
      • Unauthorized bank transfers
  • 15. Overt
      • Defaced website
      • Unauthorized bank transfers
      • Destruction of data
      • Data held hostage – “ransomware”
  • 17. Overt
      • Defaced website
      • Unauthorized bank transfers
      • Destruction of data
      • Data held hostage – “ransomware”
      • Notification from outside entity
  • 18. Covert
      • System slowness
      • Abnormal log entries
      • Strange notifications when visiting a website
      • Helpdesk may notice a pattern
  • 21. No obvious indicators
      • There may not be an obvious indicator of a breach
      • Detect through well-developed security intelligence program
      • 66% of breaches went undiscovered for several months or longer
      • Verizon 2013 DBIR
  • 22. Benefits of Adequate Preparation
      • Economic
      • Stop ongoing loss of data or business interruption
      • Reduce time to resolution after incident is discovered
      • Public Relations
      • PR plan helps reassure customers to prevent loss of confidence
      • Legal
      • Demonstrates due diligence
  • 23. Preparation: Getting Started
      • Get management support!
      • Define your incident handling team members
      • Not just IT! IT, Security, Legal, HR, PR, Management, external IT vendor
      • Designate an incident leader. This person needs to be calm under fire
  • 24. Preparation: Basics
      • Policies
      • Strong policies help enforce compliance and define roles and responsibilities
      • Incident Handling policies provide legal authority to investigate, “sniff” network traffic, monitor activities
      • Procedures
      • Clear, thorough, tested procedures help reduce confusion when tensions are high
      • Checklists
      • Notification procedures – legal, PR, law enforcement
  • 25. Preparation: Communications
      • Define a communications plan
      • Email and phone may be down or compromised; make sure you have cell numbers
      • Identify alternate contacts
      • Don’t forget to include IT vendor, network provider, etc.
      • Test your calling tree at least annually
      • Keep paper copies and keep them up to date
  • 26. Preparation: Testing and Practice
      • Perform incident handling tabletop exercises
      • When problems are identified, be sure to update procedures
  • 27. Execution
      • Document all steps in a notebook
      • Helps to have one person working, another keeping notes
      • Measure twice, cut once… First, do no harm…
      • In other words, don’t be too hasty
      • Step back to see the forest for the trees
  • 28. Mistakes Happen
      • Success does not consist in never making mistakes, but in never making the same one a second time. – George Bernard Shaw
  • 29. Lessons Learned
      • Be sure to hold a lessons learned session after breach
      • Hold within two weeks
      • Identify what failed and why
      • Implement fixes and update documentation
  • 30. Resources
      • Local law enforcement, including FBI
      • Professional Security Organizations
      • ISSA
      • https://sites.google.com/site/northdakotaissa/
      • InfraGard
      • http://infragard-nd.org
      • SANS Reading Room
      • http://www.sans.org/reading_room/
      • SANS Incident Handling Forms
      • http://www.sans.org/score/incidentforms/
  • 31. Summary
      • All sizes of organizations are being attacked
      • Vast majority of attacks are from outsiders – 92%
      • Verizon 2013 DBIR
      • Hacking constitutes the majority of attacks – 52%
      • Verizon 2013 DBIR
      • Incident response plans are key to recovery and limiting liability
      • There is a vast array of resources available to help you build your plan
  • 32. Resources
      • An Incident Handling Process for Small and Medium Businesses
      • http://www.sans.org/reading_room/whitepapers/incident/incident-handling-process-small-medium-businesses_1791
      • Creating a Computer Security Incident Response Team (CSIRT)
      • http://www.cert.org/csirts/Creating-A-CSIRT.html
      • NIST SP800-61 Rev. 2: Computer Security Incident Handling Guide
      • http://crsc.nist.gov/publications/nistpubs/800-61rev2/SP800-61rev2.pdf
      • Corporate Incident Response – Why You Can’t Afford to Ignore It
      • http://www.mcafee.com/us/resources/white-papers/foundstone/wp-corp-incident-response.pdf
  • 33. References
      • Ponemon Institute Survey for Hartford Steam Boiler
      • http://www.hsbwhistlestop.com/agents/express/2013/02/hsbSurvey.php
      • Verizon 2013 Data Breach Investigations Report
      • http://www.verizonenterprise.com/DBIR/2013/
      • Verizon 2012 Data Breach Investigations Report
      • http://www.verizonenterprise.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
      • Symantec 2011 Internet Security Threat Report
      • http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_2011_21239364.en-us.pdf
  • 34. Contact Me
      • msaunders.sec@gmail.com
      • @hardwaterhacker
      • http://hardwatersec.blogspot.com/