KEYNOTE: Two Perspectives for Cybersecurity Best Practices. Jane LeClair, PhD, Chief Operating Officer, National Cybersecurity Institute. #NPPROTGC

Presentation transcript:

KEYNOTE: Two Perspectives for Cybersecurity Best Practices
Jane LeClair, PhD, Chief Operating Officer, National Cybersecurity Institute (NCI) at Excelsior College
Lisa Lori, Partner, Klehr, Harrison, Harvey, Branzburg LLP

The Challenges of Cybersecurity
Dr. Jane LeClair, Chief Operating Officer, National Cybersecurity Institute at Excelsior College

A Connected World

Malicious Intent

POWERED BY:  Cyber crime costs the global economy $1 trillion annually  Merchants lose $190 billion to credit card fraud annually  Banks lose $11 billion in ATM fraud annually  Identify theft costs Americans $37 billion annually  Over 70 million people in the US were cyber victims last year Financial Losses Staggering Losses #NPPROTGC

Well Known Breaches

Cyber Breaches Are Everywhere: Hackers Attack Everywhere
- Banks
- Defense contractors
- Learning institutions
- Medical facilities
- Government agencies
- The White House
- And... non-profit organizations

What Are They After? DATA!
- Hackers are seeking data from any source they can obtain it from
- Personally Identifiable Information (PII)
- Data is 'mined' and used for further intrusions
- Information is leveraged to gain higher access

But More Than That... Cyber Warfare
Defined as "actions by a nation state to penetrate another nation's computers or networks for the purposes of causing damage or disruption" (Clarke and Knake, 2010). The goal is gaining access to many of America's digital infrastructures.

So What's Changing: Higher Level of Sophistication
- Computer viruses
- Network worms
- Sophisticated malware
- Targeted attacks, mobile attacks, espionage, cyber warfare

How That Impacts You: Gateway
- Attacks are rising
- Vulnerability increased through the backdoor
- Increased costs when systems are down
- Increased access to clients, partners, donors, contractors, etc.

Challenges: Organizational Structure
- Ability and desire to secure systems make you unique
- Generally centralized management
- Limited specialized cyber staff
- Relaxed culture often has limited formal cyber policies
- Large numbers do not have a formal cyber security plan
- Large numbers do not have a formal internet security policy
- Often ignore cyber due to day-to-day operations
- Competing with large organizations, intel groups, military and government for workforce

Challenges: Organizational Structure (continued)
- Often ignorant of the extent of security threats
- May feel it's a given... why worry... flawed perceptions
- Not concerned about internal threats
- Don't have expertise to develop and implement plans/policies
- Often feel that a data breach would have no effect on them
- Large numbers of owners/operators are personally responsible
- Forced to depend on advice from vendors/consultants
- Physical/cyber security not made a priority

Threats: What You Are Facing
- Increased basic attacks, and more sophisticated ones
- Focus of attacks has been easily exploitable weaknesses
- Trojans used to lurk within and serve as a watering hole
- Attackers play on low knowledge level, limited resources, and inexperience in the design, configuration and implementation of controls such as passwords, updated security settings, patch management and phishing

What You Can Do
- Realization
- Awareness
- Preparation

Realization
- All digital systems are vulnerable
- It isn't a matter of IF, but WHEN you will be attacked
- Work to reduce your chances of a cyber breach

Realizing Your Vulnerability

Awareness
- Reduce your risk
- Increase awareness
- Educate and train your employees

Cyber Threats
- Sophisticated malware
- Impact of the Internet of Things
- Bring Your Own Device
- Expanded black market
- Increased website hijacking

Cybersecurity is a People Problem
- Wired communication pathway between the digital network and the Internet
- Wireless communication pathway between the digital network and the Internet
- Connection (authorized and unauthorized) of portable digital media and computing devices to the digital network
- Physical access (authorized and unauthorized) to the digital network (insider threat)
- Hardware/software supply chain (equipment from a supplier)

Integrating the Domains
- Ensure the right technology, configuration maintenance and integration
- Ensure policies/procedures are in place to define scope, application, use and exceptions
- Ensure the awareness, acceptance and technical personnel required

POWERED BY:  Social engineering is the #1 method of initiating a breach  ALL of us house personally identifiable information  If you don’t have the expertise… hire it!  You can build better ‘mousetraps’  Pay attention to Cloud security  Be aware of your supply chain Cyber Focus #NPPROTGC

POWERED BY:  Install an Intrusion Detection System (IDS)  Appoint and train a cybersecurity response team  Develop a cybersecurity disaster and recovery plan Prepare for the Inevitable Prepare #NPPROTGC

POWERED BY:  Key steps to reduce the pain of a data breach  Legal issues after a data breach  What to tell the media, customers, vendors  How to reduce the chances of a future attack Disaster Recovery #NPPROTGC

POWERED BY:  Assemble internal team  Perform initial internal investigation  Document who and how it was discovered and what might have been stolen  Contact law enforcement  Hire specialists  Prepare for media coverage, social media Key Steps After a Data Breach #NPPROTGC

POWERED BY:  Communicate with your customers  Perform in-depth investigation  Continue in-depth documentation  Implement fixes  Validate the fixes  Enhance overall cybersecurity measures Key Steps After a Data Breach #NPPROTGC

POWERED BY:  Document the potential scope of the attack  What parts of the network were attacked?  What data may have been stolen?  How was the attack identified? Documentation #NPPROTGC

POWERED BY:  Evidence Preservation View your system as a physical crime scene. Evidence must be protected and an initial investigation conducted quickly and with as little contamination as possible. Retain system, application, database, and network device logs and avoid making changes to the system suspected of being compromised before data is preserved. Investigation #NPPROTGC

POWERED BY:  Forensic Data Collection Consult an expert to assist you in acquiring a forensic image of the hard drive and the live memory of the systems suspected of being compromised Follow the proper chain of custody procedures. The more details you can save, the better chance there is to identify the criminals. Investigation #NPPROTGC

POWERED BY:  Expect Lawsuits  Determine Notification Requirements  Be prepared to share breach documentation  Determine what outside help needed Legal Issues After a Data Breach #NPPROTGC

POWERED BY:  Implement stronger security measures. It can happen to you again How to Reduce Chances of a Future Attack #NPPROTGC

POWERED BY:  Conduct employee awareness training: Each person needs to be cautious Do role-playing with phishing examples Practice social engineering tricks so your people can identify someone trying to do it How to Reduce Chances of a Future Attack #NPPROTGC

Response Planning
Create a list of key people to involve in your response to an attack:
- Management: senior officers or owners
- IT: employee or outsourced key contact
- Financial: employee or outside bookkeeper
- Marketing/PR: communications to customers, vendors and partners, as well as media responses and press releases

POWERED BY:  Human Resources: Communications to employees and how to handle questions from customers or the media.  Telecommunications: How to communicate with staff, vendors and customers if work-provided phones and system are compromised. Response Planning #NPPROTGC

POWERED BY:  Web and Security  Cyber Law Requirements  Social Media  Data Storage  End/Host Security  Mobile Security  Wireless Security  Cloud Security  Disaster Recovery and Business Continuity Planning  Senior Management Responsibility Cyber Education and Training Requirements #NPPROTGC

POWERED BY:  Know your risk from a Technical and Human standpoint  Know how your information is used and stored  Ensure TOTAL integrity  Implement Robust password policies  Have a Disaster/Recovery plan  Ensure encryption on all devices  Scan s and files to prevent introduction of viruses  Keep Patch management updated  Ensure employee education  Have and update policies  Improve cyber culture within the organization  Consider Cyber Insurance Recommendations and Best Practices #NPPROTGC

Best Practices: Plan Ahead
- Assess assets, risks, resources
- Build policies
- Choose controls
- Deploy controls
- Educate executives, employees, vendors
- Continually assess, audit and test

POWERED BY:  There will be an increase in cyber attacks  Small organizations will continue to be gateways  Increased interconnection of organizations and clients  Growing need to develop a cyber culture Future Trends #NPPROTGC

National Cybersecurity Institute
The National Cybersecurity Institute (NCI) at Excelsior College is an academic, research and training center located in Washington, D.C. Its mission is to assist the government, industry, military, and academic sectors in meeting our cyber security challenges, with a particular focus on shaping the cyber security workforce.

POWERED BY:  Provide training on security awareness  Professional development training for cyber professionals  Support research / publications conducted by leading cyber security experts  Facilitate workshops to educate stakeholders on important dimensions of cyber security  Present webinars to widely disseminate cutting edge policy and research  Help you develop your cyber plan, risk assessment, incident response and training National Cybersecurity Institute #NPPROTGC

Questions?
Dr. Jane LeClair, Chief Operating Officer, National Cybersecurity Institute, 2000 M St NW, Suite 500, Washington, D.C.