Presentation is loading. Please wait.

Presentation is loading. Please wait.

Welcome HITRUST 2014 Conference April 22, 2014. The Evolving Information Security Organization – Challenges and Successes Jason Taule, Chief Security.

Similar presentations


Presentation on theme: "Welcome HITRUST 2014 Conference April 22, 2014. The Evolving Information Security Organization – Challenges and Successes Jason Taule, Chief Security."— Presentation transcript:

1 Welcome HITRUST 2014 Conference April 22, 2014

2 The Evolving Information Security Organization – Challenges and Successes Jason Taule, Chief Security and Privacy Officer, FEi Systems (Moderator) Robert Booker, Vice President and Chief Information Security Officer, UnitedHealth Group Erick Rudiak, Information Security Officer, Express Scripts Roy Mellinger, Vice President, IT Security and Chief Information Security Officer, WellPoint Omar Khawaja, Vice President and Chief Information Security Officer, Highmark

3

4

5

6

7

8

9

10

11

12

13

14

15

16 Chief Information Security Office HITRUST 2014 Conference The Evolving Information Security Organization Challenges and Successes Tuesday – April 22, 2014 Roy R. Mellinger, CISSP – ISSAP, ISSMP, CIM Vice President, IT Security Chief Information Security Officer

17 17 The Evolving Information Security Organization Enterprise Risk Management Security Viewed as a Business Enabler Translating Business Needs into Security Requirements Translating Security Requirements into Technical Security Controls Operating Technical Security Controls RiskOperational Compliance Security Threat Management IT Compliance IT Risk Enterprise Risk Fighting Fires Containing Anticipating Fires Preventing Fires

18 18 The Evolving Information Security Organization CYBER THREAT MANAGEMENT  24x7 Security Operations Center (SOC)  End to End DLP (Data Loss Prevention) Strategy  Tracking of Malware Threats and Coding Techniques  Effective Firewalls, IDS / IPS Strategy Implementations  Effective Security and Event Log Management & Monitoring  Robust Safeguarding Polices, Programs and Processes

19 19 The Evolving Information Security Organization Hacking Now  Automated / Sophisticated Malware  Hactivism – Freedom of Speech, Statements to Influence Change, Sway Public Opinion and Publicize Views  Criminal – Drug Cartels, Domestic and Foreign Organized Crime for Identity Theft and Financial Fraud  Espionage – IP, Business Intelligence, Technology, Military / Political Secrets  Terrorism – Sabotage, Disruption and Destruction  Nation-State – Intelligence Gathering, Disruptive Tactics, Clandestine Ops, Misinformation, Warfare Strategies, and Infrastructure Destruction  Individual or Computer Clubs/ Groups  Manual efforts with Social Engineering ­ Success = Badge Of Honor ­ Personal Monetary Gain or to pay for / fund hacking activity Hacking Then  War Protesting and Civil Disobedience  Anti-Establishment Rhetoric  Social Rebels and Misfits FRINGEMAINSTREAM YEARS

20 20 The Evolving Information Security Organization Initial compromise — spear phishing via , planting malware on a target website or social engineering. Establish Foothold — plant administrative software and create back doors to allow for stealth access. Escalate Privileges — use exploits and password cracking tools to gain privileges on victim computer and network. Internal Reconnaissance — collect info on network and trust relationships. Move Laterally — expand control to other workstations and servers. Harvest data. Maintain Presence — ensure continued control over access channels and credentials acquired in previous steps. Complete Mission — exfiltrate stolen data from victim's network.

21 21 The Evolving Information Security Organization Cyber Threat Management Conventional ApproachParadigm Shift: Cyber Threat Management Controls CoverageProtect ALL information assetsProtect your MOST IMPORTANT assets (Crown Jewels) based on risk assessments Controls FocusPreventive Controls (anti-virus, firewalls, intrusion prevention, etc.) Detective Controls (monitoring, behavioral logic, data analytics) PerspectivePerimeter BasedData Centric Goal of LoggingCompliance ReportingThreat Detection Security Incident Management Piecemeal – Find and neutralize malware or infected nodes BIG PICTURE – Find and dissect attack patterns to understand threat Threat ManagementCollect information on MalwareDevelop a deep understanding of attackers targets and modus operandi related to YOUR org’s network and information assets Success Defined By:No attackers get into the networkAttackers sometimes get in; BUT are detected as early as possible and impact is minimized

22 Omar Khawaja April 23, 2014 The Evolving Information Security Organization – Challenges and Successes

23 23 Who is Highmark?

24 Risk is increasing Our information is increasing in value… More data (EMRs) More collaboration (ACOs) More regulation (FTC) Our weaknesses are increasing… More suppliers (Cloud) More complexity (ACA) Opportunities to attack are increasing… More access (consumer portals) More motivated attackers Becoming increasingly difficult to secure Multiple Compliance Requirements Evolving Compliance Requirements Unclear Compliance Requirements Less visibility Less control (Assets Vulnerabilities Threats) Controls X X -

25 Security org needs to evolve From… Explaining the “what” Growing the security org Creating more security processes Telling them what to do Protecting everything equally Measuring what matters to security org To… Explaining the "why" Growing security in the org Making security part of more processes Assisting them with their job Differentiated controls Reporting on what matters to audience

26 Questions?


Download ppt "Welcome HITRUST 2014 Conference April 22, 2014. The Evolving Information Security Organization – Challenges and Successes Jason Taule, Chief Security."

Similar presentations


Ads by Google