Cyber Security for the Public Sector
Scott Geye, CISSP, CISA

Agenda
• About Whitley Penn, LLP
• Why is Cybersecurity Important?
• 2015-2016 Breach Reports
• Vulnerabilities
• Exploits
• Malware
• Cybercrime Marketplaces
• Hacktivism
• Texas Cybersecurity Framework
• Cybersecurity Resources

Bio: Scott Geye – CISSP, CISA
Experience
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• 8 years of Information Technology experience focused on networking and information security
• Served as an Information Security Analyst for a large university
• Participated in the execution of SOC 1 and SOC 2 engagements
• Participated in the execution of SOX 404 engagements and implementations
• Performed IT engagements in multiple industries, including technology, manufacturing, public sector, oil and gas, and healthcare
• Advised clients regarding process and control improvement to minimize risk
• Provided guidance to clients regarding system evaluation and implementation
• Perform IT Risk Assessments and Security Audits
Education
Masters in Information Technology Service Management
University of Dallas
Bachelors in Management Information Systems (MIS)
University of Texas at Arlington

Whitley Penn, LLP – Risk Advisory Services
Service Areas:
– IT Audits and Consulting
– Internal Control and Compliance Reviews
– IT and Business Risk Assessments
– Internal Audit Services
– Vulnerability Assessments and Network Penetration Testing
– Business Process Improvement
– Enterprise Risk Management Implementation and Maintenance

Why is Cyber Security Important?

What is a Breach?
The unauthorized access, acquisition, use, or disclosure of sensitive information.

Definition of Personal Data
There are numerous definitions, but most include data “that allow the identification of a person directly or indirectly” or similar language.

2015-2016 Information Security Reports

2015 Themes (source: HP Enterprise – 2016 Cyber Risk Report)
Theme #1: The year of collateral damage
Theme #2: Overreaching regulations push research underground
Theme #3: Moving from point fixes to broad impact solutions
Theme #4: Political pressures attempt to decouple privacy and security efforts
Theme #5: The industry didn’t learn anything about patching in 2015
Theme #6: Attackers have shifted their efforts to directly attack applications
Theme #7: The monetization of malware

Breaches by Industry (figure; source: Verizon – 2016 Data Breach Digest)
Breaches by Environment (figure; source: 2016 Trustwave Global Security Report)
Types of Data Breached (figure; source: 2016 Trustwave Global Security Report)
Method of Compromise (figure; source: 2016 Trustwave Global Security Report)
Method of Detection (figure; source: 2016 Trustwave Global Security Report)
Duration: Intrusion -> Detection -> Containment (figure; source: 2016 Trustwave Global Security Report)

Vulnerabilities
Top Platforms by Vulnerabilities (figure; source: HP Enterprise – 2016 Cyber Risk Report)
Vulnerability Marketplace (figure; source: HP Enterprise – 2016 Cyber Risk Report)
Vulnerability Marketplace (figure; source: HP Enterprise – 2016 Cyber Risk Report)
Vulnerability Marketplace (figure; source: HP Enterprise – 2016 Cyber Risk Report)

Exploits
2015 – New Exploits (figure; source: HP Enterprise – 2016 Cyber Risk Report)
2015 – Old Exploits (figure; source: HP Enterprise – 2016 Cyber Risk Report)
New Exploits by Platform (figure; source: HP Enterprise – 2016 Cyber Risk Report)
New Exploits by File Type (figure; source: HP Enterprise – 2016 Cyber Risk Report)
Abusing API Calls (figure; source: HP Enterprise – 2016 Cyber Risk Report)
Abusing API Calls (figure; source: HP Enterprise – 2016 Cyber Risk Report)

Malware
Growth in Malware (figure; source: HP Enterprise – 2016 Cyber Risk Report)
Growth in Malware (figure; source: HP Enterprise – 2016 Cyber Risk Report)
Reporting to Executives (figure; source: Ponemon Institute – State of Malware Detection & Prevention)

Cybercrime Marketplace
Cybercrime Marketplace (figure; source: Dell SecureWorks – 2016 Underground Hacker Markets)
Cybercrime Marketplace (figure; source: Dell SecureWorks – 2016 Underground Hacker Markets)
Cybercrime Marketplace (figure; source: Dell SecureWorks – 2016 Underground Hacker Markets)
Cybercrime Marketplace (figure; source: Dell SecureWorks – 2016 Underground Hacker Markets)
Cybercrime Marketplace (figure)
Cybercrime Marketplace (figure; source: Dell SecureWorks – 2016 Underground Hacker Markets)

Hacktivism
Who is Anonymous?

Hacktivism (continued)
• City of Denver – Website shutdown after police shooting on 4/12/2016. Members of New World Hackers (NWH), a division of Anonymous, launched a Distributed Denial of Service (DDoS) attack against the City’s website. This attack took the City’s website down for the day.
• Cincinnati and Miami Police Departments – Members of these Departments were “Doxed” by Anonymous, and personal details were leaked online.
Source: Security Newspaper – Anonymous Shuts Down City of Denver Website….

Hacktivism (continued)
Missouri Sheriff’s Association
In retaliation for the arrest of members of the group Anonymous, hackers breached the association’s website and released personal information on 7,000 officers. 76 other law enforcement agencies were also targeted in the attack.
Source: Identity Theft Resource Center

Texas Cybersecurity Framework
Source: Texas Cyber Security Framework, http://www.dir.state.tx.us/security/policy/Pages/framework.aspx

Identify
– Privacy and Confidentiality
– Data Classification
– Critical Information Asset Inventory
– Enterprise Security Policy, Standards and Guidelines
– Control Oversight and Safeguard Assurance
– Information Security Risk Management
– Security Oversight and Governance
– Security Compliance and Regulatory Requirements Management
– Cloud Usage and Security
– Security Assessment and Authorization / Technology Risk Assessments
– External Vendors and Third Party Providers

Protect
– Enterprise Architecture, Roadmap & Emerging Technology
– Secure System Services, Acquisition and Development
– Security Awareness and Training
– Privacy Awareness and Training
– Cryptography
– Secure Configuration Management
– Change Management
– Contingency Planning
– Media
– Physical Environmental Protection
– Personnel Security
– Third-Party Personnel Security
– System Configuration Hardening & Patch Management
– Access Control
– Account Management
– Security Systems Management
– Network Access and Perimeter Controls
– Internet Content Filtering
– Data Loss Prevention
– Identification & Authentication
– Spam Filtering
– Portable & Remote Computing
– System Communications Protection

Detect
– Malware Protection
– Vulnerability Assessment
– Security Monitoring and Event Analysis

Respond
– Cyber-Security Incident Response
– Privacy Incident Response

Recover
– Disaster Recovery Procedures

Cybersecurity Resources

Resources for Local Governments
Source: Cyber Guide for Counties

Critical Infrastructure Partnership Advisory Council (CIPAC)
“A partnership between government and critical infrastructure owners and operators, which provides a forum to engage in a broad spectrum of critical infrastructure protection activities, like the Cross-Sector Cybersecurity Working Group”
http://www.dhs.gov/critical-infrastructure-partnership-advisory-council

Information Technology Government Coordinating Council (IT-GCC)
“Brings together diverse federal, state, local, and tribal interests to identify and develop collaborative strategies that advance IT critical infrastructure protection. The IT-GCC serves as a counterpart to the IT Sector Coordinating Council (IT-SCC)”
http://www.dhs.gov/critical-infrastructure-sector-partnerships

Multi-State Information Sharing and Analysis Center (MS-ISAC)
“A division of the not-for-profit Center for Internet Security, is a collaborative effort based on a strong partnership with the Department of Homeland Security (DHS) and State, Local, Tribal, and Territorial (SLTT) Cybersecurity Engagement program. The MS-ISAC has been designated by DHS as the key resource for cyber threat prevention, protection, response, and recovery for the Nation’s SLTT governments. Through its state-of-the-art 24/7 Security Operations Center, the MS-ISAC serves as a central resource for situational awareness and incident response for SLTT governments, at no cost to its members.”
http://msisac.cisecurity.org/
If you would like to leverage the MS-ISAC for malware analysis, computer forensics, network forensics, incident response, or onsite response, contact the 7x24 Security Operations Center at 1-866-787-4722 or soc@msisac.org

Cyber Resilience Review
“Provided by DHS to SLTT governments as a free service and involves a one-day, onsite interview that examines the overall practice, integration and health of an organization’s cybersecurity program.”
https://www.us-cert.gov/ccubedvp/self-service-crr

Exercises
“Directly supports state, local, tribal, and territorial cyber exercise, design, development, and execution. Cyber exercises familiarize SLTT cyber stakeholders with the roles, responsibilities, policies, plans, and procedures related to cyber incidents.”
CEP@dhs.gov

National Cybersecurity Communications Integration Center (NCCIC)
“A 24x7 cyber monitoring, analysis, incident response, and management center that is the national nexus of cyber and communications incident integration for the federal domain, intelligence networks, law enforcement, the private sector, State, local, tribal, and territorial governments, and international partners.”
https://www.us-cert.gov/nccic

United States Computer Emergency Readiness Team (US-CERT)
“Brings advanced network and digital media analysis expertise to bear on malicious activity targeting our nation’s networks. US-CERT develops timely and actionable information for distribution to federal departments and agencies, state and local governments, private sector organizations, and international partners. In addition, US-CERT operates the National Cybersecurity Protection System (NCPS), which provides intrusion detection and prevention capabilities to covered federal departments and agencies. The US-CERT’s National Cyber Alert System (NCAS) delivers timely and actionable information and threat productions including alerts, bulletins and tips.”
https://www.us-cert.gov/

Trusted Purchasing Alliance
“Designed to drive down the price of security products by combining state and local government purchases into bulk buys. The alliance works with public agencies to pinpoint the areas of greatest need, and then negotiates with vendors for discounted pricing. Product choices are vetted by a review board stocked with analysts and security experts.”
http://alliance.cisecurity.org/

NIST Special Publications (SP)
Source: NIST Special Publication 800 Series
NIST SP 800 series - Computer Security (December 1990-present): NIST's primary mode of publishing computer/cyber/information security guidelines, recommendations and reference materials.
• This framework can provide the “meat” for the Texas Cybersecurity Framework

Questions

References
• HP Enterprise – 2016 Cyber Risk Report
• 2016 Trustwave Global Security Report
• Verizon 2016 Data Breach Digest
• Ponemon Institute – State of Malware Detection & Prevention
• Dell SecureWorks – 2016 Underground Hacker Markets
• Security Newspaper – Anonymous Shuts Down City of Denver Website After Another Fatal Police Shooting
• Identity Theft Resource Center
• Texas Cybersecurity Framework
• National Association of Counties (“NACo”) Cyber Guide for Counties
• National Institute of Standards and Technology (NIST) Special Publication 800 Series

2016 - Cyber Security for the Public Sector

  • 2.  AboutWhitleyPenn,LLP  WhyisCybersecurityImportant?  2015-2016BreachReports  Vulnerabilities  Exploits  Malware  CybercrimeMarketplaces  Hacktivism  TexasCybersecurityFramework  CybersecurityResources 1 Agenda
  • 3. Scott Geye – CISSP, CISA Experience • Certified Information Systems Security Professional (CISSP) • Certified Information Systems Auditor (CISA) • 8 years of Information Technology experience focused on networking and information security • Served as an Information Security Analyst for a large university • Participated in the execution of SOC 1 and SOC 2 engagements • Participated in in the execution of SOX 404 engagements and implementations • Performed IT engagements in multiple industries, including technology, manufacturing, public sector, oil and gas, and healthcare • Advised clients regarding process and control improvement to minimize risk • Provided guidance to clients regarding system evaluation and implementation • Perform IT Risk Assessments and Security Audits EDUCATION Masters in Information Technology Service Management University of Dallas Bachelors in Management Information Systems (MIS) University of Texas at Arlington Bio 2
  • 4.  ServiceAreas: – ITAuditsandConsulting – InternalControlandComplianceReviews – ITandBusinessRiskAssessments – InternalAuditServices – VulnerabilityAssessmentsandNetworkPenetrationTesting – BusinessProcessImprovement – EnterpriseRiskManagementImplementationand Maintenance 3 Whitley Penn,LLP –RiskAdvisory Services
  • 6. The unauthorized access, acquisition, use, or disclosure ofsensitiveinformation. WhatisaBreach? 5
  • 7. There are numerous definitions, but most include data “that allow the identification of a person directly or indirectly” or similar language. Definition ofPersonal Data 6
  • 10. Breaches ByIndustry Verizon – 2016 Data Breach Digest 9
  • 11. Breaches byEnvironment 2016 Trustwave Global Security Report10
  • 13. Method ofCompromise 2016 Trustwave Global Security Report 12
  • 14. Method ofDetection 2016 Trustwave Global Security Report13
  • 17. 16
  • 18. TopPlatforms byVulnerabilities HP Enterprise – 2016 Cyber Risk Report17
  • 19. Vulnerability Marketplace HP Enterprise – 2016 Cyber Risk Report18
  • 20. Vulnerability Marketplace HP Enterprise – 2016 Cyber Risk Report19
  • 21. Vulnerability Marketplace HP Enterprise – 2016 Cyber Risk Report20
  • 23. 2015–NewExploits HP Enterprise – 2016 Cyber Risk Report22
  • 24. 2015–OldExploits HP Enterprise – 2016 Cyber Risk Report23
  • 25. NewExploits byPlatform HP Enterprise – 2016 Cyber Risk Report24
  • 26. NewExploits byFileType HP Enterprise – 2016 Cyber Risk Report25
  • 27. Abusing APICalls HP Enterprise – 2016 Cyber Risk Report26
  • 28. Abusing APICalls HP Enterprise – 2016 Cyber Risk Report27
  • 30. Growth inMalware HP Enterprise – 2016 Cyber Risk Report29
  • 31. Growth inMalware HP Enterprise – 2016 Cyber Risk Report30
  • 32. Reporting toExecutives Ponemon Institute – State of Malware Detection & Prevention 31
  • 34. CybercrimeMarketplace 33 Dell SecureWorks – 2016 Underground Hacker Markets
  • 35. CybercrimeMarketplace 34 Dell SecureWorks – 2016 Underground Hacker Markets
  • 36. CybercrimeMarketplace Dell SecureWorks – 2016 Underground Hacker Markets 35
  • 37. CybercrimeMarketplace Dell SecureWorks – 2016 Underground Hacker Markets 36
  • 39. CybercrimeMarketplace Dell SecureWorks – 2016 Underground Hacker Markets 38
  • 42. Hacktivism (continued) 41 • City of Denver – Website shutdown after police shooting on 4/12/2016. Members of New World Hackers (NWH), a division of Anonymous, launched a Distributed Denial of Service (DDoS) attack against the City’s website. This attack took the City’s website down for the day. • Cincinnati and Miami Police Departments – Members of these Departments were “Doxed” by Anonymous, and personal details were leaked online. Security Newspaper – Anonymous Shuts Down City of Denver Website….
  • 43. Hacktivism (continued) Identity Theft Resource Center 42 Missouri Sheriff’s Association In retaliation to the arrest of members of the group Anonymous, hackers breached the association’s website and released personal information on 7,000 officers. 76 other law enforcement agencies were also targeted in the attack.
  • 45. Texas Cybersecurity Framework Texas Cyber Security Framework 44 Identify – Privacy and Confidentiality – Data Classification – Critical Information Asset Inventory – Enterprise Security Policy, Standards and Guidelines – Control Oversight and Safeguard Assurance – Information Security Risk Management – Security Oversight and Governance – Security Compliance and Regulatory Requirements Management – Cloud Usage and Security – Security Assessment and Authorization / Technology Risk Assessments – External Vendors and Third Party Providers http://www.dir.state.tx.us/security/policy/Pages/framework.aspx
  • 46. Texas Cybersecurity Framework(continued) Texas Cyber Security Framework45 Protect – Enterprise Architecture, Roadmap & Emerging Technology – Secure System Services, Acquisition and Development – Security Awareness and Training – Privacy Awareness and Training – Cryptography – Secure Configuration Management – Change Management – Contingency Planning – Media – Physical Environmental Protection – Personnel Security – Third-Party Personnel Security – System Configuration Hardening & Patch Management – Access Control – Account Management – Security Systems Management – Network Access and Perimeter Controls – Internet Content Filtering – Data Loss Prevention – Identification & Authentication – Spam Filtering – Portable & Remote Computing – System Communications Protection
  • 47. Texas Cybersecurity Framework(continued) Texas Cyber Security Framework46 Detect – Malware Protection – Vulnerability Assessment – Security Monitoring and Event Analysis Respond – Cyber-Security Incident Response – Privacy Incident Response Recover – Disaster Recovery Procedures
  • 49. Resources forLocal Governments Cyber Guide for Counties 48 Critical Infrastructure Partnership Advisory Council (CIPAC) “A partnership between government and critical infrastructure owners and operators, which provides a forum to engage in a broad spectrum of critical infrastructure protection activities, like the Cross-Sector Cybersecurity Working Group” http://www.dhs.gov/critical-infrastructure-partnership-advisory-council
  • 50. Resources for Local Governments (continued). Information Technology Government Coordinating Council (IT-GCC): “Brings together diverse federal, state, local, and tribal interests to identify and develop collaborative strategies that advance IT critical infrastructure protection. The IT-GCC serves as a counterpart to the IT Sector Coordinating Council (IT-SCC)” http://www.dhs.gov/critical-infrastructure-sector-partnerships
  • 51. Resources for Local Governments (continued). Multi-State Information Sharing and Analysis Center (MS-ISAC): “A division of the not-for-profit Center for Internet Security, is a collaborative effort based on a strong partnership with the Department of Homeland Security (DHS) and State, Local, Tribal, and Territorial (SLTT) Cybersecurity Engagement program. The MS-ISAC has been designated by DHS as the key resource for cyber threat prevention, protection, response, and recovery for the Nation's SLTT governments. Through its state-of-the-art 24/7 Security Operations Center, the MS-ISAC serves as a central resource for situational awareness and incident response for SLTT governments, at no cost to its members.” http://msisac.cisecurity.org/ If you would like to leverage the MS-ISAC for malware analysis, computer forensics, network forensics, incident response, or onsite response, contact the 7x24 Security Operations Center at 1-866-787-4722 or soc@msisac.org
  • 52. Resources for Local Governments (continued). Cyber Resilience Review: “Provided by DHS to SLTT governments as a free service and involves a one-day, onsite interview that examines the overall practice, integration and health of an organization’s cybersecurity program.” https://www.us-cert.gov/ccubedvp/self-service-crr
  • 53. Resources for Local Governments (continued). Exercises: “Directly supports state, local, tribal, and territorial cyber exercise, design, development, and execution. Cyber exercises familiarize SLTT cyber stakeholders with the roles, responsibilities, policies, plans, and procedures related to cyber incidents.” CEP@dhs.gov
  • 54. Resources for Local Governments (continued). National Cybersecurity Communications Integration Center (NCCIC): “A 24x7 cyber monitoring, analysis, incident response, and management center that is the national nexus of cyber and communications incident integration for the federal domain, intelligence networks, law enforcement, the private sector, State, local, tribal, and territorial governments, and international partners.” https://www.us-cert.gov/nccic
  • 55. Resources for Local Governments (continued). United States Computer Emergency Readiness Team (US-CERT): “Brings advanced network and digital media analysis expertise to bear on malicious activity targeting our nation's networks. US-CERT develops timely and actionable information for distribution to federal departments and agencies, state and local governments, private sector organizations, and international partners. In addition, US-CERT operates the National Cybersecurity Protection System (NCPS), which provides intrusion detection and prevention capabilities to covered federal departments and agencies. The US-CERT’s National Cyber Alert System (NCAS) delivers timely and actionable information and threat productions including alerts, bulletins and tips.” https://www.us-cert.gov/
  • 56. Resources for Local Governments (continued). Trusted Purchasing Alliance: “Designed to drive down the price of security products by combining state and local government purchases into bulk buys. The alliance works with public agencies to pinpoint the areas of greatest need, and then negotiates with vendors for discounted pricing. Product choices are vetted by a review board stocked with analysts and security experts.” http://alliance.cisecurity.org/
  • 57. Resources for Local Governments (continued). NIST Special Publications (SP): NIST SP 800 series - Computer Security (December 1990-present): NIST's primary mode of publishing computer/cyber/information security guidelines, recommendations and reference materials. This framework can provide the “meat” for the Texas Cybersecurity Framework
  • 59. References • HP Enterprise – 2016 Cyber Risk Report • 2016 Trustwave Global Security Report • Verizon 2016 Data Breach Digest • Ponemon Institute – State of Malware Detection & Prevention • Dell SecureWorks – 2016 Underground Hacker Markets • Security Newspaper – Anonymous Shuts Down City of Denver Website After Another Fatal Police Shooting • Identity Theft Research Center • Texas Cybersecurity Framework • National Association of Counties (“NACo”) Cyber Guide for Counties • National Institute of Standards and Technology (NIST) Special Publication 800 Series