Post on 18-Jan-2016
South Wales Cyber Security Cluster
www.southwalescyber.net
A networking group with a purpose
Membership: Open to anyone with an interest in Cyber Security
FREE to join
Meetings held every 3rd Tuesday of the month 2pm – 4pm
Clwstwr Seiberddiogelwch De Cymru
• National Cyber Security Strategy
• Wales – UK Hub for Cyber Security
• Formed & led by Welsh businesses
• Communicating Cyber Initiatives
• Developing Cyber Skills in Wales
• Growing Welsh Cyber Companies
The 3 “must do’s” of Cyber Security…
Penetration Testing: ask a hacker to attempt to get at that “risky” data to see what vulnerabilities exist at a point-in-time
Security Monitoring: set up ongoing monitoring to check if that “risky” data is threatened or becomes vulnerable through-time
Risk Assessment: what information or data, if it got into the wrong hands, would put you at risk from reputational or financial loss
Compliance
The shaded area where the 3 circles meet is where every other cyber security product or service sits. How do you know which of these might be right for you unless you have done the 3 “must do’s” first?
What you need to know about Cyber Risk Assessments…
Risk Assessment: what information or data, if it got into the wrong hands, would put you at risk from reputational or financial loss
• Assessing the risk to your data – think CIA
• Not all data is equal – Cutlery or Jewellery
• Understanding the risk is real
• Determining your risk appetite
Likelihood: Threats, Threat Sources, Balance of Probability
Impact: Confidentiality, Integrity, Availability
Response: Accept, Avoid, Mitigate
Once the Cyber Risk Assessment is completed it’s time to test it…
What you need to know about Penetration Testing…
Penetration Testing: ask a hacker to attempt to get at that “risky” data to see what vulnerabilities exist at a point-in-time
• Vulnerability Assessment
• Penetration Test – “go on, hit me!”
• Setting the scope – Cutlery or Jewellery
• White Hat, Grey Hat, Black Hat
Footprinting: It’s amazing what you can find on the web
Scanning: Active or Passive
Attack: When do you stop?
This is a “point in time” check, what about checking continuously through time…
What you need to know about Security Monitoring…
Security Monitoring: set up ongoing monitoring to check if that “risky” data is threatened or becomes vulnerable through-time
Know what “risky” data you are trying to protect (Risk Assessment), know what vulnerabilities exist (Pen Test)
Monitor the data types that will tell you the Cause, Event and Effect of threats to those vulnerabilities
Cause: Who did it? When did it happen? Where did it happen?
Event: What happened? How many times? What changed?
Effect: Effect on infrastructure? Effect on users? Effect on business?
SIEM or Log Management; Configuration, Asset, Flow, File; Performance & Availability
• Monitoring is based on Data Type
• Relational databases can’t handle disparate data
• This is why IT teams buy multiple systems
• But… which systems do you need?
What you need to know about other cyber security products or services…
• Consulting
• Security Services
• Security Hardware
• Security Software
• Secure Infrastructure
• Governance Risk & Compliance
• Cyber Essentials Certification
5 “essential” aspects
Block 80% of threats