El Camino Cyber security

Where we started – may, 2016 Aging eol firewall/vpn No spf/dmarc/dkim implementation Aging eol switches No waf Aging eol server & workstation o.s. versions No dns protection No internal security procedures Aging and underperforming email gateway No dedicated security person

Where we started – may, 2016 Out of date motd & web privacy statement No formal employee cyber security training program Only one administrative policy (out of date) No endpoint malware protection No security website or newsletter No firm understanding of cyber insurance coverage No penetration testing No focus on ferpa/pci/ca compliance No vulnerability testing

Where we are now - 2019 Hired CISO per plan-net Cisco internal waf New Cisco 9000 firewall w/ vpn Cisco umbrella dns New switches – more being replaced internal procedures for spam/phishing mitigation, ransomware, & formal breach response plan Servers upgraded to newer os Workstations being upgraded to win10 Upgraded to barracuda 600 & cloud spf/dmarc/dkim implementation

Where we are now - 2019 KnowB4 phishing simulator & training 12 new administrative policies & 2 new board policies Malwarebytes & Cisco amp endpoints Complete understanding of cyber insurance coverage documented in breach-response plan Cyber security website & monthly newsletter penetration testing performed focus on ferpa/pci/gdpr compliance vulnerability testing via tenable/nessus New motd & web privacy statement

Where we are now - 2019 Splunk (log aggregation) Involvement in technology committee & aims committee Re-wrote info security section in new technology master plan Representation at chancellor’s office events Created 5 year cybersecurity strategic plan Represented el camino at the 2018 mcafee cybersecurity leadership & innovation awards Involvement in fbi-infragard, isaca, issa FBI infragard daily intel briefings to ecc- pd Represented el camino at the 2019 cio ones to watch awards DHS cybersecurity intel briefings to its

Where we need to be – 2020 & beyond New policies approved by board Look at logz.io (elk stack) Implement 2FA (at least its) Finalize & implement br/dr plan Another pen test Look at spirion Threat-hunting s/w (Reveal-X) Completion of data governance project (Vladimir) Checkpoint sandblast now appliance Address scada vulnerabilities HP printer security

Current trending threats Cryptojacking (cryptomining) File-less malware (powerghost) Software Subversion – malware in opensource s/w Attacks to cryptocurrency eco-system Large-scale DNS attacks Q1 2019 has seen a 967% increase so far on 100gbps+ attacks!!!

Current trending defenses Threat emulation s/w (verodin, attackIQ, darklight, etc.) IAM moving to the cloud Authentication through mobile devices will explode (2FA) The public will look beyond compliance for real trust FedEx (notPetya) & Equifax (data breach)

Where we need to be – 2020 & beyond fff

Questions. https://www. elcamino