SlideShare una empresa de Scribd logo

“Data security prep for the holidays or how not to go dark on black friday

Descargar como PPTX, PDF
Curtis A. Carver Jr.
Curtis A. Carver Jr.
Tecnología
1 de 26
Stealing Christmas Dr. Curtis A. Carver Jr. Vice Chancellor and CIO Board of Regents
Agenda • Policy ATE technology, oh my! • Landscape • What to do now? • Questions, Comments, a Conversation
Necessary Components Policy, awareness, training, and education (ATE), and technology must form the core of your security program. All three are necessary.
Landscape (Policy) • Many policy or policy frameworks are available. – COBIT – ISO 27000 series – ITIL – NIST • Pick one and execute as a first step. • College courses in security policy are available.
Perhaps Not this Policy
Technology • Technology is getting better rapidly. • It is necessary but not sufficient. • Attack vector is shifting away from hacks to social engineering. • Technology is not so good at preventing social engineering.
Recent Example: UGA • 8,500 staff and students • Slow, deliberate social engineering attack • Answers to “secret” questions found on Facebook.
Another Example: South Carolina Governor Nikki Haley, “This is not a good day for South Carolina.” October 27, 2012 3/4ths of state citizens affected. “The cost is also going to be enormous, given that South Carolina may be required to pay for identity theft protection services for anyone who has paid taxes in South Carolina since 1998,”
Landscape • Attacks are increasing. • Attacks are increasingly complex. • Education, training and awareness becoming increasingly important.
Normal versus Abnormal? Three Questions • What is normal for my organization? • What is abnormal? • What do I do if something abnormal occurs?
Awareness, Training, and Education Source: National Institute of Standards and Technology. An Introduction to Computer Security: The NIST Handbook. SP 800-12. http://csrc.nist.gov/publications/nistpubs/800-12/.
Three Examples • Accountability Plus • Carronade • IT SAMI
Accountability Plus Incident Count Issue: In a five month period this year, 23% of helpdesk incidents were computer abuse. This represents a 255% increase over the same period last year Time
Computer Abuse Process • Computer incident occurs What is • Help Desk Notified wrong with this process? • Institution notified • Help Desk Follows Up after 5 days • Help Desk Ticket closed out by Help Desk
Accountability Plus • Actions Taken: – Incidents characterized as high, medium, or low impact. – Processes redefined to escalate resolution of these cases to the President’s boss. – New processes go into effect on 9 April. • Importance to USG Presidents: A telephone call from USG CIO is indicative of four days remaining until the case is forwarded to USG senior leadership. Galileo, GeorgiaBest, GeorgiaFirst, GeorgiaonMyLine, GeorgiaView, GIL, PeachNet
Rest of the Story and Two Years Later… • Rest of the Story: I told the presidents that if I ever call them, their first step should be to fire the institutional CIO. • Two Years Later: – The computer abuse line is linear – not exponential. – I have not called a President…yet. Galileo, GeorgiaBest, GeorgiaFirst, GeorgiaonMyLine, GeorgiaView, GIL, PeachNet
Carronade • Issue: The longer students are at our institution, the more susceptible they are to phishing attacks. • Issue 2: – Death by PowerPoint training version 1 failed. – Death by PowerPoint training version 2 failed.
Carronade Hypothesis • Have the students launch spear phishing attacks against each other in a controlled manner. • Have students remediate other students. • Don’t tell the technical staff when it will happen. • Do it every semester.
Typical Email
Problems with Typical Email
Carronade Results
Two Years Later…
IT-SAMI INSPECTION SHEET Best In BDE Cadet Name Company Year Inspector Name Category ITEM POINTS Best Regiment: 86.13 AD-AWARE INSTALLED? NO, CHECK UPDATES >= 1 WEEK OLD, -30 - 05 Best Company: 95.00 >=3 WEEKS, -10 >= 1 MONTH, - 20 Worst Reg: 75.00 LAST SYSTEM SCAN >= 1 WEEK OLD, - 05 >=3 WEEKS, >= 1 MONTH, -10 - 20 Worst Company: 53.50 SCAN RESULTS For each process -10 For every 20 additional items, -05 DEFRAGEMENT ANALYZE SYSTEM SUGGESTED? YES, -10 ADD/REMOVE PROGRAM LIST WILD TANGENT YES, -10 WEATHER BUG YES, -10 WELL KNOWN FILE SHARING YES, -20/item BROWSER HEALTH SEARCH BAR OTHER THAN GOOGLE YES, -10 VIRUSES DEFENITION FILES >= 1 WEEK OLD, -5 >=3 WEEKS, -10 >= 1 MONTH, - 20 SYSTEM DATA SPACE REMAINING ON C-DRIVE < 20%, -10 MAJORITY OF ACDEMIC DATA STORED ON C-DRIVE YES, -20 4/7/2013 11:26 AM 23
Saturday AM Inspection (IT SAMI) In the hallways, cadets stand inspection of their military equipment. In their rooms, cadets stand inspection of their computers.  4/7/2013 11:26 AM 24
Stealing Christmas • The threat of organized crime and nation states attacking your personal information is real. Grinch is alive and well. • Give your organization the gifts of a strong security policy program, strong technology, and a strong education program. • Think outside the box in educating, training and rewarding your organization.
Questions, Comments, a Conversation Dr. Curtis A. Carver Jr. Vice Chancellor and CIO Board of Regents

Recomendados

Brighttalk learning to cook- network management recipes - final
Brighttalk learning to cook- network management recipes - finalBrighttalk learning to cook- network management recipes - final
Brighttalk learning to cook- network management recipes - final
Andrew White
 
Transform today to innovate for tomorrow
Transform today to innovate for tomorrowTransform today to innovate for tomorrow
Transform today to innovate for tomorrow
Curtis A. Carver Jr.
 
Threat assessment new normal
Threat assessment new normalThreat assessment new normal
Threat assessment new normal
Curtis A. Carver Jr.
 
Pace IT Troubleshooting Theory
Pace IT Troubleshooting TheoryPace IT Troubleshooting Theory
Pace IT Troubleshooting Theory
Pace IT at Edmonds Community College
 
PACE-IT: Network Troubleshooting Methodology
PACE-IT: Network Troubleshooting MethodologyPACE-IT: Network Troubleshooting Methodology
PACE-IT: Network Troubleshooting Methodology
Pace IT at Edmonds Community College
 
Building & Updating an Incident Response Plan - Jason Smith Session - 2018 Ch...
Building & Updating an Incident Response Plan - Jason Smith Session - 2018 Ch...Building & Updating an Incident Response Plan - Jason Smith Session - 2018 Ch...
Building & Updating an Incident Response Plan - Jason Smith Session - 2018 Ch...
Internetwork Engineering (IE)
 
AUDITO TOOLS
AUDITO TOOLSAUDITO TOOLS
AUDITO TOOLS
Rozaliyana Aushuria
 
Partner Alliance Webinar - Sales Tax | Fixed Assets Solutions - An Overview
Partner Alliance Webinar - Sales Tax | Fixed Assets Solutions - An OverviewPartner Alliance Webinar - Sales Tax | Fixed Assets Solutions - An Overview
Partner Alliance Webinar - Sales Tax | Fixed Assets Solutions - An Overview
Net at Work
 

Recomendados

Brighttalk learning to cook- network management recipes - final
Brighttalk learning to cook- network management recipes - finalBrighttalk learning to cook- network management recipes - final
Brighttalk learning to cook- network management recipes - final
Andrew White
 
Transform today to innovate for tomorrow
Transform today to innovate for tomorrowTransform today to innovate for tomorrow
Transform today to innovate for tomorrow
Curtis A. Carver Jr.
 
Threat assessment new normal
Threat assessment new normalThreat assessment new normal
Threat assessment new normal
Curtis A. Carver Jr.
 
Pace IT Troubleshooting Theory
Pace IT Troubleshooting TheoryPace IT Troubleshooting Theory
Pace IT Troubleshooting Theory
Pace IT at Edmonds Community College
 
PACE-IT: Network Troubleshooting Methodology
PACE-IT: Network Troubleshooting MethodologyPACE-IT: Network Troubleshooting Methodology
PACE-IT: Network Troubleshooting Methodology
Pace IT at Edmonds Community College
 
Building & Updating an Incident Response Plan - Jason Smith Session - 2018 Ch...
Building & Updating an Incident Response Plan - Jason Smith Session - 2018 Ch...Building & Updating an Incident Response Plan - Jason Smith Session - 2018 Ch...
Building & Updating an Incident Response Plan - Jason Smith Session - 2018 Ch...
Internetwork Engineering (IE)
 
AUDITO TOOLS
AUDITO TOOLSAUDITO TOOLS
AUDITO TOOLS
Rozaliyana Aushuria
 
Partner Alliance Webinar - Sales Tax | Fixed Assets Solutions - An Overview
Partner Alliance Webinar - Sales Tax | Fixed Assets Solutions - An OverviewPartner Alliance Webinar - Sales Tax | Fixed Assets Solutions - An Overview
Partner Alliance Webinar - Sales Tax | Fixed Assets Solutions - An Overview
Net at Work
 
Sage Fixed Assets Accounting for Sage 100
Sage Fixed Assets Accounting for Sage 100Sage Fixed Assets Accounting for Sage 100
Sage Fixed Assets Accounting for Sage 100
Net at Work
 
Virtual Data : Eliminating the data constraint in Application Development
Virtual Data : Eliminating the data constraint in Application DevelopmentVirtual Data : Eliminating the data constraint in Application Development
Virtual Data : Eliminating the data constraint in Application Development
Kyle Hailey
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c 2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Security B-Sides
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Gene Kim
 
Cyber security and the mainframe (v1.3)
Cyber security and the mainframe (v1.3)Cyber security and the mainframe (v1.3)
Cyber security and the mainframe (v1.3)
Rui Miguel Feio
 
SRE Topics with Charity Majors and Liz Fong-Jones of Honeycomb
SRE Topics with Charity Majors and Liz Fong-Jones of HoneycombSRE Topics with Charity Majors and Liz Fong-Jones of Honeycomb
SRE Topics with Charity Majors and Liz Fong-Jones of Honeycomb
Daniel Zivkovic
 
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
Dell World
 
Algorithmic Fairness: A Brief Introduction
Algorithmic Fairness: A Brief IntroductionAlgorithmic Fairness: A Brief Introduction
Algorithmic Fairness: A Brief Introduction
AnthonyMelson
 
Getting Schooled DerbyCon 3.0
Getting Schooled DerbyCon 3.0Getting Schooled DerbyCon 3.0
Getting Schooled DerbyCon 3.0
TonikJDK
 
IS/IS NOT Solving “Unsolvable” Problems
IS/IS NOT Solving “Unsolvable” ProblemsIS/IS NOT Solving “Unsolvable” Problems
IS/IS NOT Solving “Unsolvable” Problems
NUS-ISS
 
Sage FAS for Sage ERP
Sage FAS for Sage ERPSage FAS for Sage ERP
Sage FAS for Sage ERP
RKLeSolutions
 
Is Your Vulnerability Management Program Irrelevant?
Is Your Vulnerability Management Program Irrelevant?Is Your Vulnerability Management Program Irrelevant?
Is Your Vulnerability Management Program Irrelevant?
Skybox Security
 
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...
PECB
 
Caveon Webinar - International Testing 11-15-2011
Caveon Webinar - International Testing 11-15-2011Caveon Webinar - International Testing 11-15-2011
Caveon Webinar - International Testing 11-15-2011
Caveon Test Security
 
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
Eric Ries
 
Data Quality Challenges & Solution Approaches in Yahoo!’s Massive Data
Data Quality Challenges & Solution Approaches in Yahoo!’s Massive DataData Quality Challenges & Solution Approaches in Yahoo!’s Massive Data
Data Quality Challenges & Solution Approaches in Yahoo!’s Massive Data
DATAVERSITY
 
IPAS at Penn State
IPAS at Penn StateIPAS at Penn State
IPAS at Penn State
Vince Verbeke
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
Citrin Cooperman
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to Measurement
EnclaveSecurity
 
Defcon 21-pinto-defending-networks-machine-learning by pseudor00t
Defcon 21-pinto-defending-networks-machine-learning by pseudor00tDefcon 21-pinto-defending-networks-machine-learning by pseudor00t
Defcon 21-pinto-defending-networks-machine-learning by pseudor00t
pseudor00t overflow
 
100 day letter
100 day letter100 day letter
100 day letter
Curtis A. Carver Jr.
 
Cutting Edge Developments from Georgia
Cutting Edge Developments from GeorgiaCutting Edge Developments from Georgia
Cutting Edge Developments from Georgia
Curtis A. Carver Jr.
 

Más contenido relacionado

Similar a “Data security prep for the holidays or how not to go dark on black friday

2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c 2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Security B-Sides
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Gene Kim
 
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
Dell World
 
Getting Schooled DerbyCon 3.0
Getting Schooled DerbyCon 3.0Getting Schooled DerbyCon 3.0
Getting Schooled DerbyCon 3.0
TonikJDK
 
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...
PECB
 
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
Eric Ries
 
Data Quality Challenges & Solution Approaches in Yahoo!’s Massive Data
Data Quality Challenges & Solution Approaches in Yahoo!’s Massive DataData Quality Challenges & Solution Approaches in Yahoo!’s Massive Data
Data Quality Challenges & Solution Approaches in Yahoo!’s Massive Data
DATAVERSITY
 
IPAS at Penn State
IPAS at Penn StateIPAS at Penn State
IPAS at Penn State
Vince Verbeke
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
Citrin Cooperman
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to Measurement
EnclaveSecurity
 

Similar a “Data security prep for the holidays or how not to go dark on black friday (20)

Sage Fixed Assets Accounting for Sage 100
Sage Fixed Assets Accounting for Sage 100Sage Fixed Assets Accounting for Sage 100
Sage Fixed Assets Accounting for Sage 100
 
Virtual Data : Eliminating the data constraint in Application Development
Virtual Data : Eliminating the data constraint in Application DevelopmentVirtual Data : Eliminating the data constraint in Application Development
Virtual Data : Eliminating the data constraint in Application Development
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c 2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
 
Cyber security and the mainframe (v1.3)
Cyber security and the mainframe (v1.3)Cyber security and the mainframe (v1.3)
Cyber security and the mainframe (v1.3)
 
SRE Topics with Charity Majors and Liz Fong-Jones of Honeycomb
SRE Topics with Charity Majors and Liz Fong-Jones of HoneycombSRE Topics with Charity Majors and Liz Fong-Jones of Honeycomb
SRE Topics with Charity Majors and Liz Fong-Jones of Honeycomb
 
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
 
Algorithmic Fairness: A Brief Introduction
Algorithmic Fairness: A Brief IntroductionAlgorithmic Fairness: A Brief Introduction
Algorithmic Fairness: A Brief Introduction
 
Getting Schooled DerbyCon 3.0
Getting Schooled DerbyCon 3.0Getting Schooled DerbyCon 3.0
Getting Schooled DerbyCon 3.0
 
IS/IS NOT Solving “Unsolvable” Problems
IS/IS NOT Solving “Unsolvable” ProblemsIS/IS NOT Solving “Unsolvable” Problems
IS/IS NOT Solving “Unsolvable” Problems
 
Sage FAS for Sage ERP
Sage FAS for Sage ERPSage FAS for Sage ERP
Sage FAS for Sage ERP
 
Is Your Vulnerability Management Program Irrelevant?
Is Your Vulnerability Management Program Irrelevant?Is Your Vulnerability Management Program Irrelevant?
Is Your Vulnerability Management Program Irrelevant?
 
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...
 
Caveon Webinar - International Testing 11-15-2011
Caveon Webinar - International Testing 11-15-2011Caveon Webinar - International Testing 11-15-2011
Caveon Webinar - International Testing 11-15-2011
 
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
Eric Ries Lean Startup Presentation For Web 2.0 Expo April 1 2009 A Disciplin...
 
Data Quality Challenges & Solution Approaches in Yahoo!’s Massive Data
Data Quality Challenges & Solution Approaches in Yahoo!’s Massive DataData Quality Challenges & Solution Approaches in Yahoo!’s Massive Data
Data Quality Challenges & Solution Approaches in Yahoo!’s Massive Data
 
IPAS at Penn State
IPAS at Penn StateIPAS at Penn State
IPAS at Penn State
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to Measurement
 
Defcon 21-pinto-defending-networks-machine-learning by pseudor00t
Defcon 21-pinto-defending-networks-machine-learning by pseudor00tDefcon 21-pinto-defending-networks-machine-learning by pseudor00t
Defcon 21-pinto-defending-networks-machine-learning by pseudor00t
 

Más de Curtis A. Carver Jr.

It innovation in an era of diminshing resourcing
It innovation in an era of diminshing resourcingIt innovation in an era of diminshing resourcing
It innovation in an era of diminshing resourcing
Curtis A. Carver Jr.
 

Más de Curtis A. Carver Jr. (20)

100 day letter
100 day letter100 day letter
100 day letter
 
Cutting Edge Developments from Georgia
Cutting Edge Developments from GeorgiaCutting Edge Developments from Georgia
Cutting Edge Developments from Georgia
 
A wireless roadmap for 250,000 users and growth
A wireless roadmap for 250,000 users and growthA wireless roadmap for 250,000 users and growth
A wireless roadmap for 250,000 users and growth
 
Rock eagle thursday presentation
Rock eagle thursday presentationRock eagle thursday presentation
Rock eagle thursday presentation
 
t Success: An Update to the Georgia Southern IT Community
t Success: An Update to the Georgia Southern IT Communityt Success: An Update to the Georgia Southern IT Community
t Success: An Update to the Georgia Southern IT Community
 
Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2
 
Threat Assessment: The New Normal
Threat Assessment: The New NormalThreat Assessment: The New Normal
Threat Assessment: The New Normal
 
Deploying and utilizing statewide private cloud lessons learned
Deploying and utilizing statewide private cloud lessons learnedDeploying and utilizing statewide private cloud lessons learned
Deploying and utilizing statewide private cloud lessons learned
 
Emerging world order
Emerging world orderEmerging world order
Emerging world order
 
Non-Technologist’s Guide to Technology Support of Adult Learners
Non-Technologist’s Guide to Technology Support of Adult LearnersNon-Technologist’s Guide to Technology Support of Adult Learners
Non-Technologist’s Guide to Technology Support of Adult Learners
 
Windows of Opportunity in Hallways of Distractions: the race between threats,...
Windows of Opportunity in Hallways of Distractions: the race between threats,...Windows of Opportunity in Hallways of Distractions: the race between threats,...
Windows of Opportunity in Hallways of Distractions: the race between threats,...
 
Four important trends in it and security implications
Four important trends in it and security implicationsFour important trends in it and security implications
Four important trends in it and security implications
 
Mentoring Presentation to Athens Clarke County
Mentoring Presentation to Athens Clarke CountyMentoring Presentation to Athens Clarke County
Mentoring Presentation to Athens Clarke County
 
Thoughts on information to support decision making
Thoughts on information to support decision makingThoughts on information to support decision making
Thoughts on information to support decision making
 
System level innovation
System level innovationSystem level innovation
System level innovation
 
It innovation in an era of diminshing resourcing
It innovation in an era of diminshing resourcingIt innovation in an era of diminshing resourcing
It innovation in an era of diminshing resourcing
 
Four important trends in 20 minutes
Four important trends in 20 minutesFour important trends in 20 minutes
Four important trends in 20 minutes
 
Bring your own device to your local state
Bring your own device to your local stateBring your own device to your local state
Bring your own device to your local state
 
Playing the long game changing security culture in usg
Playing the long game changing security culture in usgPlaying the long game changing security culture in usg
Playing the long game changing security culture in usg
 
Galileo at a Crossroads
Galileo at a CrossroadsGalileo at a Crossroads
Galileo at a Crossroads
 

Último

A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Último (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

“Data security prep for the holidays or how not to go dark on black friday

  • 1. Stealing Christmas Dr. Curtis A. Carver Jr. Vice Chancellor and CIO Board of Regents
  • 2. Agenda • Policy ATE technology, oh my! • Landscape • What to do now? • Questions, Comments, a Conversation
  • 3. Necessary Components Policy, awareness, training, and education (ATE), and technology must form the core of your security program. All three are necessary.
  • 4. Landscape (Policy) • Many policy or policy frameworks are available. – COBIT – ISO 27000 series – ITIL – NIST • Pick one and execute as a first step. • College courses in security policy are available.
  • 6. Technology • Technology is getting better rapidly. • It is necessary but not sufficient. • Attack vector is shifting away from hacks to social engineering. • Technology is not so good at preventing social engineering.
  • 7. Recent Example: UGA • 8,500 staff and students • Slow, deliberate social engineering attack • Answers to “secret” questions found on Facebook.
  • 8. Another Example: South Carolina Governor Nikki Haley, “This is not a good day for South Carolina.” October 27, 2012 3/4ths of state citizens affected. “The cost is also going to be enormous, given that South Carolina may be required to pay for identity theft protection services for anyone who has paid taxes in South Carolina since 1998,”
  • 9. Landscape • Attacks are increasing. • Attacks are increasingly complex. • Education, training and awareness becoming increasingly important.
  • 10. Normal versus Abnormal? Three Questions • What is normal for my organization? • What is abnormal? • What do I do if something abnormal occurs?
  • 11. Awareness, Training, and Education Source: National Institute of Standards and Technology. An Introduction to Computer Security: The NIST Handbook. SP 800-12. http://csrc.nist.gov/publications/nistpubs/800-12/.
  • 12. Three Examples • Accountability Plus • Carronade • IT SAMI
  • 13. Accountability Plus Incident Count Issue: In a five month period this year, 23% of helpdesk incidents were computer abuse. This represents a 255% increase over the same period last year Time
  • 14. Computer Abuse Process • Computer incident occurs What is • Help Desk Notified wrong with this process? • Institution notified • Help Desk Follows Up after 5 days • Help Desk Ticket closed out by Help Desk
  • 15. Accountability Plus • Actions Taken: – Incidents characterized as high, medium, or low impact. – Processes redefined to escalate resolution of these cases to the President’s boss. – New processes go into effect on 9 April. • Importance to USG Presidents: A telephone call from USG CIO is indicative of four days remaining until the case is forwarded to USG senior leadership. Galileo, GeorgiaBest, GeorgiaFirst, GeorgiaonMyLine, GeorgiaView, GIL, PeachNet
  • 16. Rest of the Story and Two Years Later… • Rest of the Story: I told the presidents that if I ever call them, their first step should be to fire the institutional CIO. • Two Years Later: – The computer abuse line is linear – not exponential. – I have not called a President…yet. Galileo, GeorgiaBest, GeorgiaFirst, GeorgiaonMyLine, GeorgiaView, GIL, PeachNet
  • 17. Carronade • Issue: The longer students are at our institution, the more susceptible they are to phishing attacks. • Issue 2: – Death by PowerPoint training version 1 failed. – Death by PowerPoint training version 2 failed.
  • 18. Carronade Hypothesis • Have the students launch spear phishing attacks against each other in a controlled manner. • Have students remediate other students. • Don’t tell the technical staff when it will happen. • Do it every semester.
  • 23. IT-SAMI INSPECTION SHEET Best In BDE Cadet Name Company Year Inspector Name Category ITEM POINTS Best Regiment: 86.13 AD-AWARE INSTALLED? NO, CHECK UPDATES >= 1 WEEK OLD, -30 - 05 Best Company: 95.00 >=3 WEEKS, -10 >= 1 MONTH, - 20 Worst Reg: 75.00 LAST SYSTEM SCAN >= 1 WEEK OLD, - 05 >=3 WEEKS, >= 1 MONTH, -10 - 20 Worst Company: 53.50 SCAN RESULTS For each process -10 For every 20 additional items, -05 DEFRAGEMENT ANALYZE SYSTEM SUGGESTED? YES, -10 ADD/REMOVE PROGRAM LIST WILD TANGENT YES, -10 WEATHER BUG YES, -10 WELL KNOWN FILE SHARING YES, -20/item BROWSER HEALTH SEARCH BAR OTHER THAN GOOGLE YES, -10 VIRUSES DEFENITION FILES >= 1 WEEK OLD, -5 >=3 WEEKS, -10 >= 1 MONTH, - 20 SYSTEM DATA SPACE REMAINING ON C-DRIVE < 20%, -10 MAJORITY OF ACDEMIC DATA STORED ON C-DRIVE YES, -20 4/7/2013 11:26 AM 23
  • 24. Saturday AM Inspection (IT SAMI) In the hallways, cadets stand inspection of their military equipment. In their rooms, cadets stand inspection of their computers.  4/7/2013 11:26 AM 24
  • 25. Stealing Christmas • The threat of organized crime and nation states attacking your personal information is real. Grinch is alive and well. • Give your organization the gifts of a strong security policy program, strong technology, and a strong education program. • Think outside the box in educating, training and rewarding your organization.
  • 26. Questions, Comments, a Conversation Dr. Curtis A. Carver Jr. Vice Chancellor and CIO Board of Regents

Notas del editor

  1. Lots of good examples of policy available.Technology is good and rapidly improving.ATE is the weakest component in my opinion.
  2. Stephen Cobb