Post on 23-Jan-2018
Cyber Security
How do I Know When I am Doing Enough?
• 2014 and 2015 were “epic years” for data breaches
• Hackers spent an average of 205 days in victims’ systems before being detected or noticed
• 59% of employees steal proprietary corporate data when they quit or are fired.
• Every 4 seconds, new malware is hitting your network
• 43% of all companies experienced a data breach
• 48% of Cybersecurity breaches occur due to lack of awareness
• As many as 75% of breaches go undiscovered for months
What’s the Big Deal?
Security and National Objectives
Cyber Crime
Yahoo Account Hack
Ransomware & Online Extortion
Cyber Crime-as-a-Service
The Insider Threat (People)
59% of employees steal proprietary corporate data when they quit or are fired
End users continue to be the first layer of defense & weakness
The possibility of a cyber-crook disrupting your business or remotely taking control of your systems to make unauthorized changes or steal sensitive data is greater now than ever before.
Who can afford it?
• Have a Security Plan and Policies and Procedures
• Secure Sensitive or Proprietary Data
• Eliminate unnecessary data and devices
• Ensure essential controls are implemented and regularly audited
• Change default credentials / Avoid “shared” or “re-used” credentials
• Use antivirus and update software consistently
• Audit user accounts
• Restrict and monitor privileged users
• Monitor and filter outbound network traffic
• Implement application testing and code reviews
• Monitor and consolidate/correlate event logs
• Define ‘suspicious’ and ‘anomalous’ (then look for it)
• Increase overall security awareness
• Create an incident response and crisis/communications plan
• Conduct and participate in cyber exercises
• Secure Business Partner Connections and Third Party Services
• Place an emphasis on risk awareness and “cyber resiliency”
Cyber Hygiene / Best Practices
• Centralized Security Services
• Common Architecture/Toolsets
• Centralized analytics and event management
• Risk Awareness / Assessment
• Data Loss Detection/Prevention
• DDOS Attack Mitigation
• Incident Response and Containment
• Multi-Factor Authentication
• Crisis Communications / Breach Plans
Key Protective Measures
Cloud Security & Emerging Technology Security
Applications & Data Security
Endpoint & Mobile Security
Network & Gateway Security
Threat & Vulnerability Management
Security Monitoring & Operations
Policies
Processes
Procedures
Service
Tools
People
Service Data
Infrastructure
Environment
Mapping Services to the Business
Service Data
Over the past 12 months:
• 541,944 Attacks blocked by our Host Intrusion Prevention Service (HIPS)
• 88,200 Attacks blocked by our Enterprise Network Intrusion Prevention Service (NIPS)
• 89,454,268,248 Connections blocked by the Enterprise Firewall service
• 7,716,436 Attacks on our Internet facing web applications blocked by the Web Application Firewall service
• 1,214,849,029 Emails blocked as spam or malicious by our Enterprise Email Filtering service
• 18,180 Viruses caught/quarantined/cleaned by the Enterprise AntiVirus service
• What percentage of all commonwealth incoming email was blocked as spam or malicious by our enterprise email filtering service?
• a) 17%
• b) 46%
• c) 79%
• d) 91%
91%: Only 9% of all incoming email was actually considered legitimate business-related traffic.
Without the service, every employee of the commonwealth would receive roughly 50 spam emails every day.
Annual Return on Security Investment in AntiSpam Services
ROSI = (($38,978,690 risk exposure × 96.3% risk mitigated after service implementation) - $616,562 service cost) / $616,562 service cost
ROSI = 6000%
Security ROI to the Business
The Airport Comparison
Opportunities