A policy Making Model for Cybersecurity (thesis presentation in Persian)
Cybersecurity Presentation 6-11-15
-
Upload
turner-and-associates-inc -
Category
Documents
-
view
437 -
download
0
Transcript of Cybersecurity Presentation 6-11-15
![Page 1: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/1.jpg)
1IT advisory
Cyber Security – Why I Should (or Shouldn’t) be Worried
Rodney MurrayDouglas Jambor
![Page 2: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/2.jpg)
2IT advisory
Agenda
Brief Look at Current Data Breach Trends
Security Incidents – What are we seeing?
Common Scenarios
Benefits of a Security Assessment
![Page 3: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/3.jpg)
3IT advisory
Firm Overview
![Page 4: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/4.jpg)
4IT advisory
Data Breach Trends
![Page 5: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/5.jpg)
5IT advisory
Recent Statistics
2009 2010 2011 2012 2013 20140
200
400
600
800
1000
1200
1400
1600
1800
728 8291099
16621531
1264
Source: http://datalossdb.org/statistics
![Page 6: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/6.jpg)
6IT advisory
Recent Statistics
Financial
Govt. & Public Sector
Education
Retail
Healthcare
6%
8%
10%
11%
37%
Top 5 Sectors Breached by Number of Incidents
Source: 2015 Symantec Internet Threat Report
![Page 7: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/7.jpg)
7IT advisory
Recent Statistics
Industrial
Retail
Communications
Financial
Pharmaceuticals
Education
Health
$155
$165
$179
$215
$220
$300
$363
Breach Cost Per Capita 2014
Source: Ponemon Institute 2015 Cost of Data Breach Study
![Page 8: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/8.jpg)
8IT advisory
Recent Statistics
Average Time to Identify a Breach206 days
Source: 2015 Verizon Data Breach Report
Ransomware
113%
![Page 9: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/9.jpg)
9IT advisory
Recent Statistics
Breach Root Causes 2015
Malicious or Criminal AttackSystem GlitchHuman Error
Source: Ponemon Institute 2015 Cost of Data Breach Study
47%
25%
29%
![Page 10: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/10.jpg)
10IT advisory
Recent Statistics
Source: Hackmageddon.com
Cyber Espionage11%
Hack-tivisim
22%
Cyber Crime67%
![Page 11: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/11.jpg)
11IT advisory
Recent Statistics
Source: Health and Human Services
Improper Disposal5%
Hacking/IT Incident7%
Loss14%
Theft51%
Unknown 3%
Unauthorized Access20%
Types of Breaches 500+
![Page 12: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/12.jpg)
12IT advisory
Recent Statistics
Source: http://datalossdb.org/statistics
![Page 13: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/13.jpg)
13IT advisory
Recent Statistics
Source: http://datalossdb.org/statistics
![Page 14: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/14.jpg)
14IT advisory
Recent Statistics
Source: http://datalossdb.org/statistics
![Page 15: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/15.jpg)
15IT advisory
Recent Known Breaches
Target MichaelsNeiman Marcus AOLExperianPF Chang’sHumana – AtlantaJP Morgan ChaseHome Depot Jimmy John’sAnthem Federal Gov’t
SC Department of RevenueNC Department of Transportation
![Page 16: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/16.jpg)
16IT advisory
Additional Breach Examples
www.privacyrights.org
Insurance Vendor inadvertent file access UnknownCapital Management Undetected hack accessed databases 800Insurance Forms sent to DOL posted to public site UnknownCredit Union File published on website 39,000Investment Management
COBRA database accessed Unknown
NASDAQ Malware installed between 11/08 & 10/10
Unknown
Bank Malware on employees computer 115,775Bank Data not redacted for court records 146,000Bank Backup tapes missing during transport Unknown
![Page 17: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/17.jpg)
17IT advisory
Data Mobility
2 of 5 employees download work files to personal devices
2 of 5 employees plan to use old company data in new jobs
56% of employees do not believe it is a crime to use a competitor’s trade secrets
68% say their company does not take steps to deter data leakage
- Symantec study
![Page 18: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/18.jpg)
18IT advisory
Increasing Compliance Demands
Financial Institutions / Public CompaniesGramm-Leach-BlileyPCI – Credit and debit card dataHIPAA – healthcare / patient dataFISMA - Federal Government ContractorsLarge / public customer requirementsService Organization Controls ReportingIndividual state requirements
![Page 19: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/19.jpg)
19IT advisory
What can I do?
Question – If someone was trying to breach your systems today …
WHO WOULD BE THE FIRST TO NOTICE IT?
Determined by People, Process, Technology in place
Reducing risk will require investment … Skillsets / resources Software / hardware solutions Third party relationships for monitoring
![Page 20: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/20.jpg)
20IT advisory
Unanticipated Costs
Investigation Costs
Regulatory / Industry Fines or Penalties
Remediation / Infrastructure Change Costs
Brand Damage
![Page 21: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/21.jpg)
21IT advisory
Security IncidentsWhat are we seeing?
![Page 22: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/22.jpg)
22IT advisory
76% of network intrusions exploited weak or stolen credentials
40% incorporated malware 35% involved physical attacks 29% leveraged social tactics 13% resulted from privilege misuse and
abuse- Symantec study
Cybercrime Lifecycle
![Page 23: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/23.jpg)
23IT advisory
Greed
Cybercrime Lifecycle
![Page 24: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/24.jpg)
24IT advisory
Victim Identification Sea of opportunity = 1 out of every 7 people
have data worth targeting 1 Billion targets worldwide
Infiltration Using the low hanging fruit exploit methods Not burning Zero-days exploits
Cybercrime Lifecycle
![Page 25: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/25.jpg)
25IT advisory
Propagation In the past, we saw hackers grabbing the databases
or flat files and leaving Now, we see hackers latching on data sources and
persisting
Aggregation Exploit a server or workstation in a Business’ internal
network This device become an aggregation point for data
collection
Cybercrime Lifecycle
![Page 26: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/26.jpg)
26IT advisory
Data Exfiltration Using advance techniques to exfiltrate data
Encryption
Buyer Identification Web forums
Sometimes up 10,000 users
Liquidate the data and collect the cash
Cybercrime Lifecycle
![Page 27: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/27.jpg)
27IT advisory
Recycling The organization reinvests their $$$
Recycle tools and techniques learned
Re-implement these tools, techniques and lessons learned against the next victim
Cybercrime Lifecycle
![Page 28: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/28.jpg)
28IT advisory
Data Exfiltration Complete
![Page 29: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/29.jpg)
29IT advisory
Hackers View of Your Network
![Page 30: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/30.jpg)
30IT advisory
Hackers View of Your Network
![Page 31: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/31.jpg)
31IT advisory
Hackers View of Your Network
![Page 32: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/32.jpg)
32IT advisory
Hackers View of Your Network
![Page 33: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/33.jpg)
33IT advisory
Hackers View of Your Network
![Page 34: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/34.jpg)
34IT advisory
Hackers View of Your Network
![Page 35: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/35.jpg)
35IT advisory
Hackers View of Your Network
![Page 36: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/36.jpg)
36IT advisory
Hackers View of Your Network
![Page 37: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/37.jpg)
37IT advisory
Hackers View of Your Network
![Page 38: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/38.jpg)
38IT advisory
Game, Set, Match
![Page 39: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/39.jpg)
39IT advisory
Common Scenarios
![Page 40: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/40.jpg)
40IT advisory
Common Scenario
Sluggish Internet Strange messages / prompts Minor file / folder changes and additions User / system ID changes and additions Notification from employees’ banks of
suspicious Web logon attempts
![Page 41: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/41.jpg)
41IT advisory
Common Scenario
Multiple file transfer / receipt methods
Weak remote access controls
Limited / part-time internal IT resources
No proactive monitoring – relying on standard Malware/AV products
![Page 42: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/42.jpg)
42IT advisory
Common Scenario
Use of small third party company for IT support – NO SECURITY FOCUS!
Outdated software patches / virus signatures
Low level of employee / customer awareness
![Page 43: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/43.jpg)
43IT advisory
Common Scenario
Visitors / non-employees not challenged when onsite
Data on printers?
Workstations?
Other common vulnerabilities?
![Page 44: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/44.jpg)
44IT advisory
Common Results
Nuisance viruses
Key logger on individual machines
Botnet sending data outside of the network
Malware
Ransomware
![Page 45: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/45.jpg)
45IT advisory
Benefits of a Security Assessment
![Page 46: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/46.jpg)
46IT advisory
Information Protection Life Cycle
![Page 47: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/47.jpg)
47IT advisory
Data Security and Privacy
![Page 48: Cybersecurity Presentation 6-11-15](https://reader036.fdocuments.us/reader036/viewer/2022070509/589cbacd1a28ab8b018b4761/html5/thumbnails/48.jpg)
48IT advisory
Questions