Oklahoma Chapter Information Systems Security Association Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee

Oklahoma Chapter What is ISSA ? A not-for-profit international organization of information security professionals Local chapter for Tulsa’s cyber security and data protection professionals and students Educational forums, publications, peer interaction opportunities Free exchange of information security techniques, approaches and problem solving Education outreach to local security programs Frequent newsletters and podcasts A not-for-profit international organization of information security professionals Local chapter for Tulsa’s cyber security and data protection professionals and students Educational forums, publications, peer interaction opportunities Free exchange of information security techniques, approaches and problem solving Education outreach to local security programs Frequent newsletters and podcasts 2

Oklahoma Chapter ISSA Oklahoma Chapter in Tulsa Local Tulsa meetings: –Monthly meetings to network and exchange ideas held second Monday of each month –We support local tech events like TechFest and TechJunction –Participation in and sponsorship of regional security events:  Information Warfare Summit, October in OKC  BSidesOK, coming to Tulsa in April! Visit for more details Local Tulsa meetings: –Monthly meetings to network and exchange ideas held second Monday of each month –We support local tech events like TechFest and TechJunction –Participation in and sponsorship of regional security events:  Information Warfare Summit, October in OKC  BSidesOK, coming to Tulsa in April! Visit for more details 3

Oklahoma Chapter See Clearly Through the Fog of War How to better prepare for a cyber attack, respond effectively, and recovery completely. Michael Haney President, ISSA Oklahoma How to better prepare for a cyber attack, respond effectively, and recovery completely. Michael Haney President, ISSA Oklahoma

Oklahoma Chapter Michael Haney  Over 15 years as an infosec professional  11 years as information security consultant:  1 year as Walmart Stores Digital Forensics Lab QM  SANS Institute Mentor  CISSP, GSEC, GCIA, GCIH, GCFA, and former PCI QSA  Currently full-time Ph.D. student at TU:  Over 15 years as an infosec professional  11 years as information security consultant:  1 year as Walmart Stores Digital Forensics Lab QM  SANS Institute Mentor  CISSP, GSEC, GCIA, GCIH, GCFA, and former PCI QSA  Currently full-time Ph.D. student at TU:

BE PREPARED 6

Oklahoma Chapter Be Prepared Quality Information Security Policies –Disaster Recovery Plan –Incident Response Plan –Communications Plan(s) Awareness, Training, and Education –Appropriate for the Appropriate Level –Everyone should know the policy Outside Assistance: –Know who to call –Know when to call Exercises –Table Top Exercises –Fire Drills –Lessons Learned Quality Information Security Policies –Disaster Recovery Plan –Incident Response Plan –Communications Plan(s) Awareness, Training, and Education –Appropriate for the Appropriate Level –Everyone should know the policy Outside Assistance: –Know who to call –Know when to call Exercises –Table Top Exercises –Fire Drills –Lessons Learned

BE PREPARED 8

VULNERABILITY INTELLIGENCE 9

Oklahoma Chapter Vulnerability Intelligence Inventory Management Configuration Management Patch Management Log Management Secure Code Reviews Vulnerability Scanning and Remediation Lifecycle Penetration Testing –Trusted Security Vendor –White Box and Black Box Testing Inventory Management Configuration Management Patch Management Log Management Secure Code Reviews Vulnerability Scanning and Remediation Lifecycle Penetration Testing –Trusted Security Vendor –White Box and Black Box Testing

11 VULNERABILITY INTELLIGENCE

THREAT INTELLIGENCE 12

Oklahoma Chapter Threat Intelligence Malware Outbreaks (Rogue Actors and Criminals) Targeted Attacks (Enemy Nations and Terrorists) Insider Threats, Negligent Users, Social Engineers Know the Stages of Attack and Compromise Well-tuned Intrusion Detection Systems HONEYPOTS! Time to Go Hunting –Know the threats –Know your vulnerabilities –Don’t Wait for Alerts Malware Outbreaks (Rogue Actors and Criminals) Targeted Attacks (Enemy Nations and Terrorists) Insider Threats, Negligent Users, Social Engineers Know the Stages of Attack and Compromise Well-tuned Intrusion Detection Systems HONEYPOTS! Time to Go Hunting –Know the threats –Know your vulnerabilities –Don’t Wait for Alerts

14 THREAT INTELLIGENCE

COLLECTIVE INTELLIGENCE 15

Oklahoma Chapter Collective Intelligence Publicly Available Information Sources: –Internet Storm Center: isc.sans.edu –SANS NewsBytes –The Hacker News, Krebs On Security –Lots of good blogs out there (and some bad ones, too) Vendors: –Verizon Data Breach Investigations Report –Mandiant APT1 and IOC –Symantec Deep Insight Organizations: –FS-ISAC, ES-ISAC, MS-ISAC, REN-ISAC, etc. –CERT/CC, US-CERT, ICS-CERT –ISSA, InfraGard PEERS! READ, LEARN, and SHARE! Publicly Available Information Sources: –Internet Storm Center: isc.sans.edu –SANS NewsBytes –The Hacker News, Krebs On Security –Lots of good blogs out there (and some bad ones, too) Vendors: –Verizon Data Breach Investigations Report –Mandiant APT1 and IOC –Symantec Deep Insight Organizations: –FS-ISAC, ES-ISAC, MS-ISAC, REN-ISAC, etc. –CERT/CC, US-CERT, ICS-CERT –ISSA, InfraGard PEERS! READ, LEARN, and SHARE!

17 COLLECTIVE INTELLIGENCE

18 PRIVACY

Oklahoma Chapter Privacy Know the Law Know the Policies and Culture Share information, but do so securely Be cautious of increasing liability and risk Do the Right Thing Know the Law Know the Policies and Culture Share information, but do so securely Be cautious of increasing liability and risk Do the Right Thing

20 PRIVACY

21 COLLECTIVE INTELLIGENCE

22 THREAT INTELLIGENCE

23 VULNERABILITY INTELLIGENCE

BE PREPARED 24

Oklahoma Chapter Thanks and Good Luck!