Scott Charney Cybercrime and Risk Management PwC.


Slide 2: Understanding Risks: Computer As Target
- Confidentiality
  - The Cuckoo's Egg
- Integrity
  - Seattle Sentencing
  - Pac Bell Intrusion
- Availability
  - Morris Worm
  - Infrastructure Protection
  - Cascading Effects

Slide 3: Understanding Risks: Computer As Tool
- Frauds
  - Internal: The Airline Scam
  - External: Phony e-businesses
- Distribution Offenses
  - Copyrighted Software
  - Inappropriate Material

Slide 4: Understanding Risks: Computer As Storage Device
- Large Volume of Data
- Duplicated and Distributed
- Recoverable

Slide 5: Future - What's to come?
Start with the Charney Theorem
+ Add anonymity
+ Add global connectivity
+ Add critical infrastructures
+ Add evidentiary issues
= Lifetime Employment for Law Enforcement and Computer Security Professionals

Slide 6: And It's Probably Worse Than We Think...
- DoD Controlled Study
  - Machines Attacked: 38,000
  - Machines Penetrated: 24,700 (65% of those attacked)
  - Attacks Detected: 988 (4% of successful penetrations)
  - Attacks Reported: 267 (27% of those detected)

Slide 7: What to Do: Manage Risk -- Implement Comprehensive Security!
- Be Prepared To Prevent and Respond to Computer Incidents
- Consider Physical, Personnel and Technical Security

PwC Prevention  Identify Assets (Computer Resources and Data)  Assess Internal and External Threats to Those Assets –Insider Threats: employees, contractors, JVs –Outsider Threats: hackers, hackivists, thieves, competitors, terrorists, nation-states  Develop Core Business Policies to Protect Assets –Access Control Policies (watch remote access!) –Retention and destruction policies –Appropriate computer use –Workplace Monitoring?  Educate Users and TEST COMPLIANCE  Identify Assets (Computer Resources and Data)  Assess Internal and External Threats to Those Assets –Insider Threats: employees, contractors, JVs –Outsider Threats: hackers, hackivists, thieves, competitors, terrorists, nation-states  Develop Core Business Policies to Protect Assets –Access Control Policies (watch remote access!) –Retention and destruction policies –Appropriate computer use –Workplace Monitoring?  Educate Users and TEST COMPLIANCE

PwC Prevention  Technical Approaches –Map the Network –Test Existing Security (Attack and Penetration) Application Defaults Bad Configurations - Known Vulnerabilities Password Management –Install Defenses Firewalls IDS and CADS Encryption (VPNS, PKIs)  Technical Approaches –Map the Network –Test Existing Security (Attack and Penetration) Application Defaults Bad Configurations - Known Vulnerabilities Password Management –Install Defenses Firewalls IDS and CADS Encryption (VPNS, PKIs)

PwC Response  Develop response plan –Identify Key Personnel for Response –Identify Response Objectives Remediation vs. Investigation –Institute Response Procedures Audit Trails, Caller-ID Evidence Retention and Preservation Notifications (e.g., internal, downstream, law enforcement, regulatory authorities)  Develop response plan –Identify Key Personnel for Response –Identify Response Objectives Remediation vs. Investigation –Institute Response Procedures Audit Trails, Caller-ID Evidence Retention and Preservation Notifications (e.g., internal, downstream, law enforcement, regulatory authorities)

Slide 11: Cybercrime and Risk Management
Scott Charney, PwC, (202)