Presentation is loading. Please wait.

Presentation is loading. Please wait.

JAMIE S. HERMAN, C|CISO, CISM, CISSP MANAGER OF INFORMATION SECURITY ROPES & GRAY LLP.

Published byAnnabel Jennings Modified over 8 years ago

Similar presentations

Presentation on theme: "JAMIE S. HERMAN, C|CISO, CISM, CISSP MANAGER OF INFORMATION SECURITY ROPES & GRAY LLP."— Presentation transcript:

1 JAMIE S. HERMAN, C|CISO, CISM, CISSP MANAGER OF INFORMATION SECURITY ROPES & GRAY LLP

2  50% - attacks on companies with fewer than 2500 employees  1719 – Average number of attacks per 1000 users  80 – FBI estimates more than 80 major US law firms were compromised in 2011  Exponential growth – 6x more malicious links (2012)

3

4  Software that interferes with normal operation of your computer  Generally executes without your knowledge or consent  Can damage or disable your computer, or steal firm information  Includes viruses, trojans, works, and spyware

5  Phishing campaign  Social Engineering  Unencrypted Media  Elevated privileges  Malicious websites

6

7

8

9 Perception…

10  Critical aspect of Information Security  Client/Matter intake  How can you protect what you don’t know?  Many flavors (government, industry, business model)  Role Based Access Control (RBAC)  Need to know  Data Vaults

11  Visibility  Data Leak Prevention (DLP)  Reporting  Client protection and retention  Compliance and competitive advantage

12 Hot Topics  Secure file sharing  Email encryption  Removable Media Encryption  Social media/personal email access  Mobile devices (BYOD)

13

14

15  http://www.darkreading.com http://www.darkreading.com  http://www.infosecisland.com http://www.infosecisland.com  http://www.threatpost.com http://www.threatpost.com  http://www.krebsonsecurity.com http://www.krebsonsecurity.com  http://www.dhs.gov/dhs-daily-open-source-infrastructure-report http://www.dhs.gov/dhs-daily-open-source-infrastructure-report  http://www.us-cert.gov/ncas/current-activity http://www.us-cert.gov/ncas/current-activity  https://isc.sans.edu/ https://isc.sans.edu/  https://isc.sans.edu/reportfakecall.html https://isc.sans.edu/reportfakecall.html

16 Remember Security is Everyone's responsibility! Sec-U-R-IT-y………You Are It!

17

Download ppt "JAMIE S. HERMAN, C|CISO, CISM, CISSP MANAGER OF INFORMATION SECURITY ROPES & GRAY LLP."

Similar presentations

POSSIBLE THREATS TO DATA

POSSIBLE THREATS TO DATA
Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,

Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,
Data Leak Prevention: Safeguarding Corporate Information in a world of vanishing perimeters Kostas Papadatos MSc InfoSec, CISSP, ISO 27001 Lead Auditor,

Data Leak Prevention: Safeguarding Corporate Information in a world of vanishing perimeters Kostas Papadatos MSc InfoSec, CISSP, ISO Lead Auditor,
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
UT Wing Civil Air Patrol. Objective Identify network and cyber vulnerabilities and mitigations Social Media/Metadata/Exfil data MITM Attacks Malware Social.

UT Wing Civil Air Patrol. Objective Identify network and cyber vulnerabilities and mitigations Social Media/Metadata/Exfil data MITM Attacks Malware Social.
Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy

Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.

Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.

Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
Internet Security PA Turnpike Commission. Internet Security Practices, rule #1: Be distrustful when using the Internet!

Internet Security PA Turnpike Commission. Internet Security Practices, rule #1: Be distrustful when using the Internet!
Internet Safety for Students Malicious Programs By: Mr. Bradshaw Scott City R-1 Schools.

Internet Safety for Students Malicious Programs By: Mr. Bradshaw Scott City R-1 Schools.
Keeping Data Safe Revision Summer 2013. How many ways can data be lost? Start a list… Physical Loss or Corruption of data Accidental or Deliberate Unauthorised.

Keeping Data Safe Revision Summer How many ways can data be lost? Start a list… Physical Loss or Corruption of data Accidental or Deliberate Unauthorised.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Quiz Review.

Quiz Review.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Information Security Information Technology and Computing Services Information Technology and Computing Services

Information Security Information Technology and Computing Services Information Technology and Computing Services
Issues Raised by ICT.

Issues Raised by ICT.

Similar presentations

Ads by Google