September 20, 2016 How to Defend Your Organization from a Cyber Breach LTC Tim Bloechl (U.S. Army, Ret.) Director, Cyber Security Business.


1 www.CyberDx.com September 20, 2016 How to Defend Your Organization from a Cyber Breach LTC Tim Bloechl (U.S. Army, Ret.) Director, Cyber Security Business

2 Simple Checklist

3 Who Handles Your IT and Cyber Security?

4 Who Manages Your Cybersecurity? Source: The Talent Shortage in Cybersecurity [INFOGRAPHIC], Steve Bova, January 11, 2016

5

6 Acceptable Use

7

8 What You May Use …

9 … What Your IT Lead Would Love

10 Admin Access

11 What You Don’t Want

12

13 Way Back When …

14 Not So Long Ago … Legacy Operating Systems
Operating Systems & Applications: The Older They Are, The Harder They Are to Secure

15 Security Updates

16 In the Past …

17 … Today: Firewalls

18 What To Buy & Why?

19 Healthcare Virus Checking …

20 … Cyber Malware & Virus Scanners

21 In The Recent Past …

22 … Today: System Logs
- How Many Days are System and Applications Logs Maintained?
- Who Checks Them? How Often?
- Do They Use Automated Tools?
- Do They Know What Information Logs Reveal?

23 Data Backups

24 Use The Cloud?

25 Encryption

26 Wireless

27 In the Recent Past …

28 … Today: Finding Advanced Persistent Threats (APT)

29 Dealing With Computer Peripherals

30 Today’s Electronic Medical World

31 Incident Response Plan

32 Our Cyber Services Solutions
Phases: DETER, PROTECT, DETECT, RESPOND, RECOVER, REVIEW & REPEAT
QNET Platform
Services:
- Policy Development
- Phishing Awareness Assessments
- Cyber Security Training
- Network Architecture Mapping
- Logical Device Location
- Malicious Traffic Detection
- Patch Verification
- PCI Audit
- Vulnerability Assessment
- Penetration Test
- Incident Response
- Forensics Analysis
- COOP Execution
- Implement Disaster Recovery
Scheduled or Continuous
16+ Years Cyber Security Services Support for the Largest and Most Sensitive Networks in the World
Example: Assessed over 25 US Army hospitals and health clinics for overall security of devices and sensitive data supporting HIPAA compliance

33 Internal Assessment Life Cycle
- Device and Port Interrogation: Using port scanning utilities, identify devices and ports to determine the protocol and services utilized.
- Passive Network Traffic Analysis: Monitoring the network traffic to determine the topology, identify critical systems, and discover rogue devices.
- Vulnerability Assessment: Using vulnerability assessment tools, analyze network devices to identify weaknesses which could lead to system compromise.
- Network Penetration Testing: Utilizing real-world attack methods, attempt to gain access to network systems and devices (external & internal (insider threat)).
- Social Engineering Tests (aka: Phishing) (Optional)
- Data Analysis and Reporting: CyberDx Analysts will analyze the data and provide a comprehensive vulnerability report including specific remediation recommendations. Our report provides a context-based assessment of the actual risk.
- Remediation: Using CyberDx’s VA, perform remediation steps to better secure the network; Quantum can assist as requested with additional services.
Briefings and deliverables: In-Brief; In-Progress Reports (as required); Out-Brief; Written Report & CD

34 Executive Spot-Check List
- Are security updates researched and applied weekly?
- Is an anti-virus product installed on all systems and is it configured to update regularly?
- Are any systems using an operating system that is past the vendor’s End of Life?
- Do all systems log security events for a minimum of 30 days?
- Have all systems been secured so that default configurations are not in use? (Vendor passwords, insecure login portals, etc.)
- Do all accounts require a password of at least 8 characters and does complexity require a combination of: upper and lower case letters, numbers, and special characters?
- Are passwords required to be changed at least every sixty (60) days?
- Is each system configured to display a warning banner notifying users that the system is restricted to authorized use only?
- Is sensitive customer data encrypted?
- Have all non-secure/unneeded protocols/services been disabled?
- Are all system clocks synchronized to allow logs to be easily compared?
- Has a firewall been installed and configured to only allow required traffic?
- Is critical data backed up daily and protected from physical damage?

35 Executive Spot-Check List (Cont.)
- Are administrative level accounts only issued to employees that require elevated privileges to perform their duties?
- Is electronic access to sensitive data restricted to authorized personnel?
- Has two-factor authentication been implemented?
- Do wireless devices use current encryption (WPA2) standards to protect network traffic?
- Are cyber security assessments (vulnerability scans, penetration test) performed against internal systems at least monthly?
- Are external cyber security assessments (vulnerability scans, penetration test) performed against all internet-facing systems at least quarterly?
- Is Cyber Security training presented to employees at least annually?
- Has an emergency contact list for Cyber Security personnel been created?
- Has a contact list for all 3rd party service providers been created?
- Are hardcopies of the above contact lists available? (Printed copies are critical if the network or systems are down)
- Has a Cyber Incident Response Plan been created and have all employees read it?
- Has an Acceptable Use Policy been created, and have all users read it?

36 BOTTOM LINE: WE STRIVE TO HELP OUR CUSTOMERS AVOID THIS!

37 www.CyberDx.com Contact Us Tim Bloechl Director, Cyber Security Business tbloechl@quantum-intl.com Skype: bloechlt +1-360-799-3437 / +1-425-330-0129

