David Brown, MBA Certified Information Systems Security Professional (CISSP) Security Expert (GSE) Critical [Security] Controls Certification (GCCC) Exploit.


1 David Brown, MBA
Certified Information Systems Security Professional (CISSP)
Security Expert (GSE)
Critical [Security] Controls Certification (GCCC)
Exploit Researcher and Advanced Penetration Tester (GXPN)
Penetration Tester (GPEN)
Network Forensic Analyst (GNFA)
Certified Intrusion Analyst (GCIA)
Certified Incident Handler (GCIH)
Security Essentials (GSEC)
CompTIA Security+

2 What’s the Big Deal?
FBI warns of dramatic increase in scams [that has already cost corporations billions]
Hospitals Held Hostage [by ransomware]
New York Times, BBC, and others inadvertently serve up dangerous [ransomware] ads
Hackers Have a Savvy [New] Business Plan

3 Ransomware
Ransomware is malware that encrypts your files so that you cannot access them, then demands that you pay a ransom for the decryption key.
“Ransomware crimes on all U.S. targets are soaring. In just the first three months of 2016, attacks increased tenfold over the total entire previous year, costing victims more than $200 million.” – NBCNews.com
Vast majority is unreported

4 What’s Changed?
They no longer just want to steal data to sell on the black market…
It’s now more profitable to lock you out of your data and hold it for ransom…
Sometimes it is a crime of opportunity, settling for anyone who will click a link.
Sometimes it is a persistent pursuit of a single target.
Do you think your organization could be the next target?

5 Effective Cyber Security

6 Leveraging the Critical Security Controls for Effective Cyber Security

7 Background
Critical Security Controls
SANS
Center for Internet Security
Maps to NIST, PCI, HIPAA, COBIT, etc.
“Controls 1 through 5 are essential to success and should be considered among the very first things to be done.” - CIS

8 #1 Inventory Control: What’s On Your Network?
Have a Separate Guest Network
Know What’s On Your Network
SpiceWorks, PRTG
Keep It Patched
Tip: Only let your equipment connect to your network

9 #2 Software Control: Lock It Down
Know What Software is on Your Network
SpiceWorks, DesktopCentral
Keep It Patched
Prevent Unauthorized Software with Application Whitelisting
Tip: You can start with Directory Whitelisting (Windows Enterprise)
Don’t just patch your OS
Hackers like easy targets

10 #3 Secure Configurations: Defaults Don’t Cut It
Change all default passwords
Use vendor recommended or industry recommended security configurations
Center For Internet Security
Tip: Run credentialed policy audits with Nessus (free for non-profits)
Hardware, OS, 3rd Party

11 #4 Know Your Vulnerabilities
The bad guys are looking for your vulnerabilities; you should be too
Rank your vulnerabilities based on (1) ease of attack + (2) severity of vulnerability + (3) value of asset
Tip: Make sure your public assets are free of SQL Injection, XSS, Directory Traversal, Remote File Inclusion, etc.
Can be overwhelming

12 #5 Control Your Admins
All users should log in as a regular user
Monitor all admin account activity
Use Dual Factor Authentication for Admins and VPN
Duo Security
Tip: Log collection is the first step towards watching your admin accounts
Would you know if someone was trying to use an admin account?
Splunk Free Edition
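
One way to answer the slide's question ("Would you know if someone was trying to use an admin account?") once logs are being collected. This is an added example, not part of the original presentation; the log format, account names and host baseline are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (assumed format): timestamp account source result
SAMPLE_LOG = """\
2016-05-02T08:01:10 svc-backup 10.0.5.20 success
2016-05-02T09:14:02 administrator 10.0.9.77 failure
2016-05-02T09:14:05 administrator 10.0.9.77 failure
2016-05-02T09:14:09 administrator 10.0.9.77 failure
2016-05-02T09:14:15 administrator 10.0.9.77 success
2016-05-02T10:30:00 jsmith 10.0.3.14 failure
2016-05-02T11:00:00 da-mjones 10.0.1.5 success
"""

ADMIN_ACCOUNTS = {"administrator", "da-mjones"}   # hypothetical admin list
KNOWN_ADMIN_HOSTS = {"da-mjones": {"10.0.1.5"}}   # hypothetical baseline
FAIL_THRESHOLD, WINDOW = 3, timedelta(minutes=5)

def review_admin_activity(log_text):
    """Return (timestamp, account, reason) alerts for admin accounts only."""
    alerts, recent_failures = [], defaultdict(list)
    for line in log_text.strip().splitlines():
        stamp, account, source, result = line.split()
        account = account.lower()
        if account not in ADMIN_ACCOUNTS:
            continue  # regular users are out of scope for this check
        when = datetime.fromisoformat(stamp)
        # Keep only the failures that fall inside the sliding window.
        fails = [t for t in recent_failures[account] if when - t <= WINDOW]
        if result == "failure":
            fails.append(when)
            if len(fails) == FAIL_THRESHOLD:  # alert once per burst
                alerts.append((stamp, account, "repeated failed logons"))
        else:
            if len(fails) >= FAIL_THRESHOLD:
                alerts.append((stamp, account, "success after failure burst"))
            if source not in KNOWN_ADMIN_HOSTS.get(account, set()):
                alerts.append((stamp, account, "logon from unexpected host"))
            fails = []  # a successful logon resets the failure count
        recent_failures[account] = fails
    return alerts

if __name__ == "__main__":
    for alert in review_admin_activity(SAMPLE_LOG):
        print(*alert, sep="  ")
```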

13 Nine steps to move you closer towards a secure cloud nine
Talk through some things you can do to increase your security at home and give some insight into some of the things we do for security here at the Fund.

14 1) Enable Automatic Updates
New vulnerabilities are discovered daily and exploited just as quickly as they are discovered.
What we’ve seen…

15 2) Don’t Be an Admin
Chances are your user account is set up as an admin account.
It is estimated that this one step alone could disrupt up to 85% of attacks.
Admin + malware = complete control

16 3) Anti-Virus Isn’t Dead
Traditional viruses are still widely circulated.
We block emails on an almost daily basis that contain traditional viruses…
Restaurant menu

17 4) Disable Macros
Microsoft Office macros are a common way that ransomware is being spread.
Open an infected Word Document, it could be game over…

18 5) Remove Plugins
Silverlight, Java, and Flash are three of the most widely exploited plugins.
Have a vulnerable plugin, visit a website with a malicious ad, it could be game over…

19 6) Offline Backups
Backups should be stored somewhere other than your home in case of a fire or other disaster.
Online backups are good, but they could be compromised…

20 7) Put a Shield Around Your Apps
Surrounding your apps with an extra layer of protection can often stop attacks in their tracks.
EMET, Malwarebytes

21 8) Filter Your Internet
Filtering your internet is kinda like filtering your water, it can block known bad.

22 9) If it ain't supported by a vendor…
…It ain’t worth a dime
Unpatched technology that is connected to the internet is a bad day waiting to happen
Windows XP, Server 2003, Android

23 Questions?
Read through the critical security controls
Just get started

