
The Difficult Road To Cybersecurity
Steve Katz, CISSP, Security Risk Solutions, 631-692-5175


Presentation transcript:

1 The Difficult Road To Cybersecurity
Steve Katz, CISSP
Security Risk Solutions
631-692-5175
stevekatz@securityrisksolutions.org

2 Mission
• To prevent, detect and respond to acts that could impact the ability of a company to provide essential services.
• To maintain public/customer confidence in a company’s ability to ensure the confidentiality, integrity and availability of information and services.
• To enable a company to pursue business opportunities while meeting security and privacy commitments.
• To create a culture where security is an integral part of the business governance process.

3 Key Drivers
• The Need to Deliver Trust to Customers, Partners and Staff
• Legal/Regulatory
• ISO17799/ISF/BITS/COSO/COBIT Security Standards
• Company Policy, Standards and Practices
• Internal Audit Practices and Procedures

4 Operating Assumptions
• All companies are targets
• All technology is vulnerable to intrusion
• Web commerce systems are the windows to the company
• Internet based Malware is a prevalent reality
• What is secure today, won’t be tomorrow
• Ongoing assessment is mandatory
• Security is a Journey NOT a Destination
• Metrics – If You Can’t Measure It, You Can’t Manage It!

5 Some Top Concerns
• Not Having An Effective Vulnerability/Patch Management Process.
• Not Using Vulnerability Assessment and IDS/IPS Tools.
• Not Analyzing Source Code.
• Not Having Effective End Point Security.
• Not Having Effective Application Level Security.
• Having Improperly Secured Remote Access.
• Unprotected Laptop Computers Being Stolen.
• Ineffective Security For Web Services.

6 Some Top Concerns
• Having Improperly Configured Firewalls & Servers.
• Not Having Effective Security Over Stored and Transmitted Data.
• Using Non-secured E-Mail for Restricted/Private Information.
• Not “Pen-Testing” Internet Based Applications.
• Not Analyzing Security Event Logs.
• Not Changing/Deleting Entitlements after Changes in Job or Employment Status.
• Not Effectively Communicating with Business Management and the Board.

7 Classification of Threat: First Generation
• Spread via email, or sharing files, disks, etc.
• Examples would be the common viruses of the 80s/90s.
• Remedy: Human action and anti-virus programs.

8 Classification of Threat: Second Generation
• Threat: usually self-propagating worms.
• Leverage known vulnerabilities.
• Mostly non-destructive.
• Remedy: Identify the vulnerability and fix ASAP.

9 Classification of Threat: Third Generation
• Leverage known and unknown vulnerabilities where patches may not be available.
• May be targeted attacks.
• May hide behind encryption.
• Attacks aimed at obtaining information, including phishing/pharming.
• Remedy: Automated vulnerability management tools and processes.

10 2005 Symantec Report (Based on 24,000 Sensors in 180 Companies)
• Increasing use of sophisticated worms, Trojans, and bots sold to the highest bidder.
• Information theft is on the rise: 74% of code submitted could steal information.
• Almost 11,000 new malware programs identified in first half of 2005; up 48% over 2004.
• Increase in number of phishing attacks.
• Average time from disclosing an exploit to a working attack: 6 days.
• Average time between exploit and patch release: 54 days.
• Biggest threat: worms, Trojans, viruses and bots.
• Number of attacks is decreasing; severity of attacks is increasing.

11 Vulnerability-to-Exploit Window
[Timeline figure with milestones: Vulnerability Discovered, Vendor Notified, Patch Release, Last System Patched]

12 2005 CSI/FBI Security Survey
• 700 Respondents vs. 494 in 2004
• Causes of Financial Loss
  • Viruses: 42.8M
  • Unauthorized Access: 31.2M
  • Theft of Information: 30.9M
  • DOS: 7.3M

13 2005 CSI/FBI Security Survey
• Security Technology Used
  • Firewalls: 97%
  • Antivirus: 96%
  • IDS: 72%
  • Server Based ACLs: 70%
  • Encrypting Data in Transit: 68%
  • Encrypted Files: 46%
  • Password Tokens: 42%
  • Biometrics: 15%

14 Need To Look At Additional Tools
• Risk, Vulnerability & Remediation Management
  • Vulnerability Assessments & Threat Alerts
  • Impact Assessment
  • Patch Validation & Distribution
• Anti-phishing/anti-pharming tools
• Identity & Access Management
• End Point Security Products
• Event Log Analyzers
• Network Security Intelligence
• Source Code Analysis
• Web Services/XML Security Tools

15 Security & Risk Framework
Columns: People-Who | Process-What | Technology-How
Prevention: Awareness Programs Security Training Policy & Standards Trust Permit Risk Acceptance Anti-Virus ID & Access Management App. Code Review
Detection: Security Report Violation Logs Event Logs IDS Report Analysis Violation Analysis Tools IDS Event Log Analysis Tools
Investigation & Forensics: Cyber Security Investigators SIRT Data Mirroring/Forensics Tools
Recovery & Reconstitution
Verification & Validation: Metrics Pen Testing War Games Assessment Tools Remediation Verification App. Code Analysis

16 Thank You

