Cybersecurity - What’s Next? June 2017


1 Cybersecurity - What’s Next? June 2017

2 Complacency – Your Worst Enemy

3 Technology & Infrastructure: Data Breaches
Source: Verizon 2017 Data Breach Investigations Report

4 Types of Threat
Bus hacking & remote control
Website penetration
Network intrusion
Physical building intrusion
Ransomware
DoS & DDoS
Weak password policy
Lack of multi-factor authentication
Bots
Printers
Insider threats
Social engineering

5 Technology & Infrastructure
Key Concerns
  Protect Assets
    Endpoint Security
    Web Application Vulnerability
    Password Protection
    PCI/PII
    HIPAA
  Recognize External Threats
    Ransomware and espionage
    Physical theft / POS device attacks
    Compromise of assets (vehicles)

6 Technology & Infrastructure: Vehicle Hacking
"Security By Obscurity" No Longer Applies
  CAN-Bus Vulnerability: open J1939 standards
  "Risk Points": brakes, powertrain, GPS
  Hacking Activities: packet snooping, data collection, packet injection
Vulnerability Mitigation: Securing the Vehicle CAN Bus
  Network segregation & isolation
  Intrusion detection tools
  Message verification & authentication
  Passwords on all externally facing devices
  Vendor review & due diligence
Source: University of Michigan Transportation Research Institute
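Two of the mitigations on this slide, message verification & authentication and intrusion detection tools, can be shown against a simulated CAN frame stream. The example below is added here and is not from the presentation or from the University of Michigan work it cites; it assumes a pre-shared key provisioned to the communicating ECUs (a constructed demo value), a hypothetical arbitration ID 0x0C4 sent at 100 Hz, and a classic 8-byte CAN payload split into 4 data bytes, a 2-byte freshness counter and a 2-byte truncated HMAC tag. The receiver rejects forged frames (bad tag) and replayed frames (stale counter), while a separate rate monitor flags the burst of extra frames that packet injection produces on the bus.

```python
import hmac
import hashlib
import struct
from collections import defaultdict

# Assumed pre-shared key provisioned to the sending and receiving ECUs.
# Constructed value for this example only.
DEMO_KEY = b"constructed-demo-key"

BRAKE_ID = 0x0C4  # hypothetical arbitration ID used for the demo trace


def mac_tag(key, can_id, counter, data):
    """16-bit tag: first two bytes of HMAC-SHA256 over id || counter || data.
    Truncation is forced by the 8-byte classic CAN payload; it still stops a
    sender without the key from producing a frame that verifies."""
    msg = struct.pack(">HH", can_id, counter) + data
    return hmac.new(key, msg, hashlib.sha256).digest()[:2]


def build_frame(key, can_id, counter, data):
    """Pack an 8-byte payload: 4 data bytes | 2-byte freshness counter | 2-byte tag."""
    if len(data) != 4 or not 0 <= counter <= 0xFFFF:
        raise ValueError("data must be 4 bytes and counter must fit in 16 bits")
    return data + struct.pack(">H", counter) + mac_tag(key, can_id, counter, data)


class Receiver:
    """Accepts a frame only if its tag verifies and its counter is fresh."""

    def __init__(self, key):
        self.key = key
        self.last_counter = defaultdict(lambda: -1)  # can_id -> highest counter accepted

    def accept(self, can_id, payload):
        data, tag = payload[:4], payload[6:8]
        counter = struct.unpack(">H", payload[4:6])[0]
        if not hmac.compare_digest(tag, mac_tag(self.key, can_id, counter, data)):
            return "bad_tag"      # forged or corrupted frame
        if counter <= self.last_counter[can_id]:
            return "replay"       # genuine frame captured earlier and re-sent
        self.last_counter[can_id] = counter
        return "ok"


class RateMonitor:
    """Flags an arbitration ID whose frame count in a window exceeds its known cadence."""

    def __init__(self, expected_hz, window_s=1.0, tolerance=1.2):
        self.expected_hz = expected_hz   # can_id -> frames/second seen while baselining
        self.window_s = window_s
        self.tolerance = tolerance
        self.counts = defaultdict(int)   # (can_id, window index) -> frames observed

    def observe(self, t, can_id):
        self.counts[(can_id, int(t // self.window_s))] += 1

    def alerts(self):
        # An ID never seen while baselining has expected rate 0 and is always flagged.
        return sorted(key for key, n in self.counts.items()
                      if n > self.expected_hz.get(key[0], 0) * self.window_s * self.tolerance)


def simulate():
    """Legitimate 100 Hz sender plus an injection burst at t = 0.5 s.
    Returns (verdict counts, rate alerts)."""
    rx = Receiver(DEMO_KEY)
    mon = RateMonitor({BRAKE_ID: 100})
    verdicts = defaultdict(int)
    trace = []  # frames as they appeared on the bus (what a sniffer would have captured)
    for i in range(100):
        t = i * 0.01
        frame = build_frame(DEMO_KEY, BRAKE_ID, i, struct.pack(">I", 1000 + i))
        trace.append(frame)
        mon.observe(t, BRAKE_ID)
        verdicts[rx.accept(BRAKE_ID, frame)] += 1
        if i == 50:
            # 30 forged frames: no key, so the tag is wrong (constructed to differ from the
            # genuine tag for certain); then 20 replays of a frame captured earlier.
            data, counter = struct.pack(">I", 0xFFFFFFFF), 9999
            wrong_tag = bytes(b ^ 0xFF for b in mac_tag(DEMO_KEY, BRAKE_ID, counter, data))
            forged = data + struct.pack(">H", counter) + wrong_tag
            for _ in range(30):
                mon.observe(t, BRAKE_ID)
                verdicts[rx.accept(BRAKE_ID, forged)] += 1
            for _ in range(20):
                mon.observe(t, BRAKE_ID)
                verdicts[rx.accept(BRAKE_ID, trace[10])] += 1
    return dict(verdicts), mon.alerts()


if __name__ == "__main__":
    print(simulate())
```

The two controls are complementary: authentication decides per frame whether to trust it, while the rate monitor notices that something is on the bus at all, which matters for segments where legacy ECUs cannot verify tags. Real deployments (for example AUTOSAR SecOC) handle key distribution and counter resynchronisation, which this demo leaves out.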

7 What is your level of maturity on information security?

8 Development Of A Security Strategy
Determine acceptable levels of risk against how much investment is needed to meet business goals.
Could Do: Emerging Trends; Risk-Based Decisions to Achieve Business Goals
Should Do: Proactive management; Protection of Business Assets
Must Do: Baseline protection; Compliance & Regulatory

9 One Option: SAMM Approach
SAMM: Software Assurance Maturity Model SAMM defines four critical Business Functions. Each Business Function is a category of activities related to software development. For each Business Function, SAMM defines three Security Practices. Each Security Practice is an area of security-related activities that build assurance for the related Business Function. Overall, there are twelve Security Practices that are the independent silos for improvement that map underneath the Business Functions of software development.

10 Another Option: CESG Approach

11 CESG - 10 Steps to Cyber Security (steps 1-5: headline activities and status)
1 User Education and Awareness
  Produce user security policies covering acceptable and secure use of the organisation's systems
  Establish a staff training programme
  Maintain user awareness of the cyber risks
  Status: Simplified policies defined, working through approvals; lack of budget; cyber risk survey carried out & s sent to users
2 Home and Mobile Working
  Develop a mobile working policy and train staff to adhere to it
  Apply the secure baseline build to all devices
  Protect data both in transit and at rest
3 Secure Configuration
  Apply security patches and ensure that the secure configuration of all ICT systems is maintained
  Create a system inventory and define a baseline build for all ICT devices
4 Removable Media Controls
  Produce a policy to control all access to removable media
  Limit media types and use
  Scan all media for malware before importing onto the corporate system
5 Managing User Privileges
  Establish account management processes and limit the number of privileged accounts
  Limit user privileges and monitor user activity
  Control access to activity and audit logs
Status (steps 2-5, as listed on the slide): Policy defined & awaiting HR sign-off and distribution; In place; Servers OK, PCs to be controlled by AV software; Policies need enforcing; In place
Green does not mean we are comfortable with security in that area, but shows that management and focus are in place.

12 CESG - 10 Steps to Cyber Security (steps 6-10: headline activities and status)
6 Incident Management
  Establish an incident response and disaster recovery capability
  Produce and test incident management plans
  Provide specialist training to the incident management team
  Report criminal incidents to law enforcement
  Status: DR yes / incident response no; plans in place and testing underway; IT training given but no wider; in place
7 Monitoring
  Establish a monitoring strategy and produce supporting policies
  Continuously monitor all ICT systems and networks
  Analyse logs for unusual activity that could indicate an attack
8 Malware Protection
  Produce relevant policy and establish anti-malware defences that are applicable and relevant to all business areas
  Scan for malware across the organisation
9 Network Security
  Protect your networks against external and internal attack
  Manage the network perimeter
  Filter out unauthorised access and malicious content
  Monitor and test security controls
10 Information Risk Management Regime
  Defining and communicating your Board's Information Risk Management Regime is central to your organisation's overall cyber security strategy. CESG recommend you review this regime, together with the nine associated security areas (steps 1-9), in order to protect your business against the majority of cyber threats.
Status (steps 7-10, as listed on the slide): Monitoring in place, policies under way; product being reviewed in US; AV in place and active monitoring to be done; monitoring in place; managed by 3rd party
Green does not mean we are comfortable with security in that area, but shows that management and focus are in place.
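Step 7 asks for logs to be analysed for unusual activity that could indicate an attack. The example below is added here and is not from the presentation or from CESG; it runs one simple sliding-window rule over constructed sshd-style authentication lines (not from any real system): five failed logins from one source inside two minutes raises a brute-force alert, and a successful login from that same source while the window is still hot raises a higher-severity alert, since it may mean a password was guessed. Lines that are not password attempts are skipped by the parser.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd-style log lines for the example; not from any real system.
SAMPLE_LOG = """\
2017-06-01T08:00:01 host sshd[1201]: Accepted password for alice from 10.0.0.9 port 50122 ssh2
2017-06-01T08:05:10 host sshd[1210]: Failed password for root from 10.0.0.5 port 40001 ssh2
2017-06-01T08:05:12 host sshd[1211]: Failed password for invalid user admin from 10.0.0.5 port 40002 ssh2
2017-06-01T08:05:14 host sshd[1212]: Failed password for root from 10.0.0.5 port 40003 ssh2
2017-06-01T08:05:16 host sshd[1213]: Failed password for invalid user test from 10.0.0.5 port 40004 ssh2
2017-06-01T08:05:18 host sshd[1214]: Failed password for root from 10.0.0.5 port 40005 ssh2
2017-06-01T08:05:20 host sshd[1215]: Failed password for root from 10.0.0.5 port 40006 ssh2
2017-06-01T08:05:21 host sshd[1215]: Connection closed by 10.0.0.5 port 40006 [preauth]
2017-06-01T08:05:25 host sshd[1220]: Accepted password for bob from 10.0.0.5 port 40010 ssh2
2017-06-01T08:30:00 host sshd[1300]: Failed password for alice from 10.0.0.9 port 50200 ssh2
2017-06-01T08:31:00 host sshd[1301]: Accepted password for alice from 10.0.0.9 port 50201 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3})"
)


def parse(lines):
    """Yield one event dict per password-authentication line; other sshd lines are skipped."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            yield {"ts": datetime.fromisoformat(m["ts"]), "result": m["result"],
                   "user": m["user"], "ip": m["ip"]}


def detect(events, threshold=5, window=timedelta(minutes=2)):
    """Sliding-window rule over events in time order.
    Returns a list of (alert kind, source ip, timestamp) tuples."""
    recent_failures = defaultdict(list)  # ip -> failure timestamps still inside the window
    alerts = []
    for e in events:
        ip, ts = e["ip"], e["ts"]
        fails = [t for t in recent_failures[ip] if ts - t <= window]
        if e["result"] == "Failed":
            fails.append(ts)
            if len(fails) == threshold:   # fire once per burst, not on every extra failure
                alerts.append(("bruteforce", ip, ts))
        elif len(fails) >= threshold:     # success from a source that was just brute-forcing
            alerts.append(("success_after_failures", ip, ts))
        recent_failures[ip] = fails
    return alerts


def run_demo():
    return detect(parse(SAMPLE_LOG.splitlines()))


if __name__ == "__main__":
    for kind, ip, ts in run_demo():
        print(f"{ts.isoformat()} {kind} source={ip}")
```

On the sample, only 10.0.0.5 trips the rule: the fifth failure at 08:05:18 raises the brute-force alert, the sixth failure does not repeat it, and bob's successful login at 08:05:25 from the same address raises the follow-up alert. alice's single failure from 10.0.0.9 followed by a success is below threshold and stays quiet. The same shape (parse, bucket by entity, sliding window, fire once) carries over to VPN, web and Windows logon logs with a different regex.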

13 Priorities For Transportation Cybersecurity
Standards, Policies and Procedures: Develop, formalize and document policies and procedures for protecting against threats and improving resilience to such incidents.
Information System Technology & Infrastructure: Ensure the capability, maintenance, serviceability and interoperability of the organization's physical and virtual infrastructure.
Awareness, Training & Education: Focus on developing a general culture of awareness on cybersecurity; test the awareness and maturity.
Risk Management: Integrate security into the organization's risk management strategy from the very top, so that it aligns with the organization's strategy, mission and goals.
Source: "Cybersecurity Considerations for Public Transit", American Public Transportation Association

14 Questions?
