Published by Austin Scott. Modified over 6 years ago.
Slide 1: Understanding the First Line of Defense in Cyber Security
Troy Wilkinson, CISSP, CEO – Axiom Cyber Solutions
Slide 2: Just being connected to the internet makes any company interesting to cyber criminals.
"Any company connected to the internet is a resource that can be exploited by criminals because of the data it holds." (Phil Huggins, VP of Security Science, Stroz Friedberg)
Slide 3: Emerging Threats
- Phishing
- Ransomware
- Distributed Denial of Service (DDoS) Attacks
- Internet of Things (IoT)
- Intellectual Property Theft
- State Sponsored Cyber Espionage
Slide 4: Emerging Threats
Slide 5: Emerging Threats – Ransomware
In 2016 there was a 6000% spike in ransomware attacks. (IBM Security, December)
Slide 6: WannaCry Leveraged a Microsoft Vulnerability
- Patch was released in March but many organizations hadn't updated yet.
- 200,000 infected computers in 1 week.
- $4 Billion in damages so far.
Slide 7: Emerging Threats – Ransomware
- Hollywood Presbyterian Medical Center in Southern California acknowledged paying a $17,000 ransom in February 2016 to regain control of its systems, after an attack that left critical systems offline for two weeks.
- "You have just 7 days to send us the Bitcoin or we will remove your private keys and it's impossible to recover your files."
- Leaders of the L.A. Community College decided to pay the $28,000 ransom.
Slide 8: Ransomware Delivery Mechanisms
Slide 9: Ransomware Prevention is a Layered Approach
- Backup technology is crucial to protecting critical data: on site, off site, and hybrid cloud solutions.
- Endpoint protection:
  - Antivirus / Antimalware
  - Endpoint Detection and Response (white list / black list)
- Network Monitoring and SIEM: the enterprise immune system; behavioral analytics and correlation.
- Next Generation Firewall with layered integration: looking for ransomware communication protocols; behaviors, heuristics, signatures, rules, protocols, etc.
Slide 10: Case Study: Private Education Facility
- School hit with ransomware that locked down systems
- Good backups: 8 hour data recovery effort
- Post incident analysis:
  - Parents learned of incident due to downtime
  - Reputational damage
  - Current infrastructure did not protect against ransomware
  - Installed ransomware endpoint and edge protection
Slide 11: Emerging Threats: Sophisticated Phishing Schemes
Slide 12: Today's phishing schemes have a much higher success rate.
Slide 13: More targeted, more sophistication, more success.
- Very few, if any, spelling errors.
- Highly targeted. Generally an assistant or administrator.
- Sense of urgency. Repercussions if not handled quickly.
- Looks and feels legitimate. Hackers have canvassed the situation carefully to coincide with real world events.
Slide 14: Phishing prevention. Educate employees, train them, test them.
- Software and cloud services companies.
- Use updated anti-spam filters for the company.
- Use blacklist technology to block URLs (links).
Slide 15: Case Study: Casino/Hotel Hacked
- Malware introduced onto hotel payment kiosks, compromising credit card information. (Segmentation)
- POS taken offline temporarily.
- Casino/Hotel payment operations impacted.
- Implemented network monitoring.
Slide 16: Case Study: Investment Firm
- Investment firm was cut off from its bank after suspicious activity was detected originating from their network
- MSSP brought in for analysis
- Discovered out-of-date antivirus solutions (freeware)
- Discovered edge protection was outdated and not patched
- Employee had been phished, opening up a direct link to the hackers' command & control network
- Solution implemented:
  - Managed edge protection
  - Updated & managed endpoint protection
Slide 17: Emerging Threats: IoT
Slide 18: What is the IoT, and why should I care?
- Smart, connected devices in homes, businesses and cars. Everything from lightbulbs, access doors, printers, CCTV, RFID cards and so on.
- Present unique challenges to security and BC/DR. Typically can't protect with traditional means. (Agentless)
- Can be the entry point for access to your business.
- Security was a second thought in the design phase. (go to market)
Slide 19: Devices Everywhere!
Gartner research estimates there were 6.8 billion IoT devices online in 2016 and climbing to 20 billion by 2020. IoT is the new battlefield for cybersecurity. Hackers are racing to find zero days while security professionals are racing to patch against them. There is no security standard for development.
Slide 20: Boundaries disappear, everything is connected.
Slide 21: IoT Security Requires Multi-tiered Approach
- Assume out of the box, the device is not secure. If there is a way to change the default username and/or password, change it. (Sometimes there isn't.)
- Keep an accurate inventory of all devices on your network. Through software tools, constantly scan for new devices.
- A constantly updated NGFW is required to prevent hackers leveraging IoT vulnerabilities to gain access to your network.
- The enterprise immune system: network monitoring and behavioral analysis to detect IoT compromises early.
Slide 22: Case Study: University Attacked
- 5000 IoT devices at an unnamed university turned against itself in a DDoS attack
- Connected coffee machines and soda vending machines launched a DNS amplification attack against the university's infrastructure.
- It took weeks to identify and begin remediation.
- Students were complaining about slow network speeds, which led to the discovery.
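As an added example (not part of the deck), the following Python script ties the inventory and behavioral-analysis points from the IoT slides to the university case above: it parses constructed DNS-server log lines, flags internal clients whose query mix and answer sizes fit an amplification pattern, and labels each hit from a hypothetical device inventory. The log format, thresholds and inventory are assumptions made for the example.

```python
from collections import defaultdict

# Constructed sample lines from a campus DNS server log (not from the deck):
# "<timestamp> <client-ip> <qtype> <qname> <response-bytes>"
SAMPLE_LOG = """\
2017-02-10T10:00:01 10.20.5.17 A www.example.edu 92
2017-02-10T10:00:02 10.20.5.17 A mail.example.edu 94
2017-02-10T10:00:02 10.20.9.44 ANY example.net 3411
2017-02-10T10:00:02 10.20.9.44 ANY example.net 3411
2017-02-10T10:00:03 10.20.9.44 ANY example.net 3411
2017-02-10T10:00:03 10.20.9.44 TXT example.net 2890
2017-02-10T10:00:03 10.20.9.45 ANY example.net 3411
2017-02-10T10:00:04 10.20.9.45 ANY example.net 3411
2017-02-10T10:00:04 10.20.9.45 ANY example.net 3411
2017-02-10T10:00:05 10.20.5.18 AAAA www.example.edu 120
"""

# Hypothetical device inventory (IP -> device class), assumed for the example.
INVENTORY = {
    "10.20.5.17": "staff-laptop",
    "10.20.5.18": "staff-laptop",
    "10.20.9.44": "vending-machine",
}

QUERY_BYTES = 60          # rough on-the-wire size of a typical DNS query
AMP_FACTOR = 10.0         # response/query byte ratio typical of amplification abuse
AMP_TYPES = {"ANY", "TXT"}  # record types that return oversized answers
MIN_QUERIES = 3           # ignore a one-off large answer

def parse_dns_log(text):
    """Yield (client, qtype, resp_bytes) tuples from the constructed log format."""
    for line in text.strip().splitlines():
        _ts, client, qtype, _qname, size = line.split()
        yield client, qtype.upper(), int(size)

def find_amplifiers(log_text, inventory):
    """Return {client_ip: device_label} for clients showing an amplification pattern."""
    stats = defaultdict(lambda: {"n": 0, "amp": 0, "bytes": 0})
    for client, qtype, size in parse_dns_log(log_text):
        s = stats[client]
        s["n"] += 1
        s["bytes"] += size
        s["amp"] += qtype in AMP_TYPES
    alerts = {}
    for client, s in stats.items():
        ratio = s["bytes"] / (s["n"] * QUERY_BYTES)   # bytes returned per byte sent
        if s["n"] >= MIN_QUERIES and s["amp"] / s["n"] >= 0.5 and ratio >= AMP_FACTOR:
            # An unknown source is itself a finding: the inventory is incomplete.
            alerts[client] = inventory.get(client, "UNKNOWN device: not in inventory")
    return alerts
```

In the sample data the vending machine and one unlisted host are flagged while the two laptops with ordinary A/AAAA lookups are not; in production the same logic would run over a sliding time window rather than the whole file.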
Slide 23: Cyber Attack Response
- Preparation
- Monitor & Detect & Analyze
- Containment/Eradication & Recovery
- Post Incident Analysis/Documentation
Slide 24: Cybersecurity Fundamentals
- Endpoint Protection – Updated, Monitored, Managed
- Edge Protection – Updated, Monitored, Managed
- Network Monitoring
- Backup, Backup, Backup
- Redundancy – Eliminating Single Points of Failure
Slide 25: In Conclusion
- In today's world, cyber security is a crucial part of any business.
- We must understand the importance of annual assessments and following good cyber guidelines.
- We must understand the consequences of failing to respect the threat posed by hackers and attackers. Even the largest businesses can be forced out of business after a cyber attack. (Target was forced to pay $291M in a settlement for breach)
- We must at least implement the fundamentals in a "best effort" to stop intrusions and data breaches.
Slide 26: Troy Wilkinson, Axiom Cyber Solutions. LinkedIn: Troy Wilkinson, CISSP