Public Facilities and Cyber Security

1 Public Facilities and Cyber Security
Mike Hamilton 28 September 2018

2 Critical Infrastructure

3 On Terrorism
- DHS is your SSA
- No sector-specific plan apart from NIPP
- DHS will evaluate your physical security for free
- CSA program, local resource

4 Free services from the Department of Homeland Security

5 Public Sector Facilities
- Operate as a business with back operation IT
- Conduct financial transactions
- Are subject to some regulatory requirements
- Operate cameras, access card readers, and likely mobile devices
- House records that may meet the state's definition of data breach, if disclosed
- Provide connectivity services for attendees
- May facilitate communication with law enforcement
- May act as emergency shelter in a disaster

6 Three Categories of Bad Outcomes
- Records disclosure
- Theft of funds or information
- Critical service disruption

7 Extra For Public Facilities
- Surveillance/Compromise of Attendees
- “Evil Twin” attack

8 Financial Impacts
- Records Breach: $200/record
- Theft: $75K-$1.2M in our region, multiple millions elsewhere
- Disruption: Loss of business continuity or operating capacity, loss of life for critical services

9 Bonus Bummers
- FTC: Deceptive Trade Practices
- Claims of Executive Negligence
- Class-Action Suits

10 Threat Actors
- Unsophisticated criminals of opportunity
- Insiders
- Hacktivists
- Organized crime
- Nation-States
- Terrorists
- Hybrids

17 Preventive Controls
Threat Actors are Good at Defeating These
- Firewall – exists to poke holes in the network
- URL filtering – only as good as the reputation list
- security – also reputation and signature-based
- Intrusion Prevention System – automatic blocking can have unintended effects
- Anti-virus / end point security – about 30% effective
- User training – best use of limited funding, but not perfect

18 Detective Controls
- Intrusion detection system
- Log aggregation and review
  - Active Directory / Domain Controller
  - Critical / valuable servers
  - DNS traffic
- Security Information and Event Management
- Managed Detection and Response

19 How Malware Works
- Victim hits bad website, opens bad attachment, inserts bad USB drive
- Small binary drops, due to vulnerability exploit or user admin privileges
- Binary beacons out to command and control network
- Actual payload drops, to:
  - Send SPAM
  - Install a backdoor
  - Monitor keystrokes
  - Seek out and steal data or records
  - Encrypt and extort
  - Etc.
- Can be broad, unspecific attack or highly targeted

20 What We’ve Covered So Far
- An inventory of critical information technology assets
- An analysis of outcomes we’d like to avoid
- The estimated cost of those outcomes
- A review of regulatory requirements we must meet
- A review of the capabilities and motivations of threat actors that are likely to exploit our vulnerabilities
- An examination of possible controls to deploy

21 What’s Left
- Identifying your vulnerabilities
- Estimating how likely each can be exploited
- Selecting the appropriate controls
- Budgeting
- Procurement
- Deployment
- Operation and Maintenance

22 Key Questions
- How likely is it that any of those threat actors have the capability, motivation, and opportunity to create a bad outcome?
- What controls are necessary, appropriate, and affordable to reduce that risk?
- What are the regulatory responsibilities?
How do I know what’s required, reasonable and achievable?

23 Figuring That Out
The NIST Cybersecurity Framework

24 Our stuff keeps your stuff from becoming their stuff
The IT Security news blast:

