Presentation is loading. Please wait.

Presentation is loading. Please wait.

OHIO GAS ASSOCIATION SECURITY AND THREAT INTELLIGENCE MARCH 2018

Published byTyler Underwood Modified over 5 years ago

Similar presentations

Presentation on theme: "OHIO GAS ASSOCIATION SECURITY AND THREAT INTELLIGENCE MARCH 2018"— Presentation transcript:

1 OHIO GAS ASSOCIATION SECURITY AND THREAT INTELLIGENCE MARCH 2018
Lisa Wallace Technical Director Twitter

2 ABOUT MSI Lisa Wallace Founded in 1992 Security Services
Threat Intelligence Innovation Services Lisa Wallace eDiscovery Digital Forensics Incident Response

3 RECENT CAMPAIGNS & RESEARCH ISSUES
In 2016, ICS-CERT Incident Response Team responded to 290 incidents Spear phishing = 26% of these attacks Malware disguised as ICS/SCADA software Bluetooth vulnerabilities – Recent uptick in “plug and play” tools for compromise

4 RANSOMWARE Peyta/NotPeyta WannaCry
Primary immediate threat for ICS, Healthcare systems, any perceived “high value” targets Worldwide – not US-centric LBWL incapacitated for a month

5 REMEDIATION AND PROTECTION
Less than 10% of ransom payments result in unlock If you suspect anything, PULL THE PLUG! Segment – even corporate networks Backups, backups – keyword, inaccessible Protect your most valuable intellectual capital!

6 DARKNET INDICATORS AlphaBay and Hansa shutdown
Fragmentation of markets Nation state affiliated groups Hactivists Organized crime The endgame shifting from access to data!

7 LET’S GET PHYSICAL Cameras –Evaluate
Defaults – First thing out of the box! Drones – Strategy? Brute force alive and well Remote site challenges

8 BACK TO THE BASICS Accurate inventory challenges
Default configurations & authentication is everywhere Plain text protocols abound, making small access -> HUGE Many organizations pay little attention to relevant intellectual property & focus on control Insider threats

9 YOUR MOST VALUABLE RESOURCE
TRAINING – Widgets can’t replace people Corporate culture Practice – Phishing exercises Tabletop exercises Security in life

10 QUESTIONS? Lisa Wallace lwallace@microsolved.com
Twitter Stateofsecurity.com Microsolved.com

11 QUESTIONS? Lisa Wallace lwallace@microsolved.com
Twitter Stateofsecurity.com Microsolved.com

Download ppt "OHIO GAS ASSOCIATION SECURITY AND THREAT INTELLIGENCE MARCH 2018"

Similar presentations

Mercury Payment Systems Dan Osby Director, Technical Services Technical Lead, Incident Response

Mercury Payment Systems Dan Osby Director, Technical Services Technical Lead, Incident Response
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Incident Response From the Ground Up Ellen Young and Adam Goldstein Dartmouth College NERCOMP March 11, 2008.

Incident Response From the Ground Up Ellen Young and Adam Goldstein Dartmouth College NERCOMP March 11, 2008.
Oklahoma Chapter Information Systems Security Association Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee Oklahoma Chapter,

Oklahoma Chapter Information Systems Security Association Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee Oklahoma Chapter,
People Who Change the World Need the Tools to Do it! Holly Ross, Executive Director Security Matters It’s not about the network.

People Who Change the World Need the Tools to Do it! Holly Ross, Executive Director Security Matters It’s not about the network.
1-1 Managing Information Technology. 1-2 Information ●What information do businesses keep and use? ●What information have you been exposed to today?

1-1 Managing Information Technology. 1-2 Information ●What information do businesses keep and use? ●What information have you been exposed to today?
Can your team outwit, outplay and outlast your opponents to be the ultimate CyberSurvivor?

Can your team outwit, outplay and outlast your opponents to be the ultimate CyberSurvivor?
Class 8 The State of Cybercrime Today- Threads & Solutions.

Class 8 The State of Cybercrime Today- Threads & Solutions.
GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.
℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
Michael Saucier - OSIsoft Cliff Reeves - Microsoft Your Portal to Performance An Introduction to the RtPM Platform Copyright c 2004 OSIsoft Inc. All rights.

Michael Saucier - OSIsoft Cliff Reeves - Microsoft Your Portal to Performance An Introduction to the RtPM Platform Copyright c 2004 OSIsoft Inc. All rights.
Friday 22nd April 2016 DS Chris Greatorex SEROCU

Friday 22nd April 2016 DS Chris Greatorex SEROCU
Cyber Security – The Changing Landscape Erick Weber Department of Public Works Khaled Tawfik Cyber Security.

Cyber Security – The Changing Landscape Erick Weber Department of Public Works Khaled Tawfik Cyber Security.
Strengthen Your County’s Security Posture Cyber Incident Scenario Joe Frohlich State of Montana – Enterprise Security Manager.

Strengthen Your County’s Security Posture Cyber Incident Scenario Joe Frohlich State of Montana – Enterprise Security Manager.
Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.

Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.
Douglas DiJulio Director – Enterprise Operations Application Support Cyber Security.

Douglas DiJulio Director – Enterprise Operations Application Support Cyber Security.
Understanding Threat Models for Embedded Devices Jake Edge LWN.net Embedded Linux Conference Europe October 28, 2010.

Understanding Threat Models for Embedded Devices Jake Edge LWN.net Embedded Linux Conference Europe October 28, 2010.
Tripwire Threat Intelligence Integrations. 2 Threat Landscape by the Numbers Over 390K malicious programs are found every day AV-Test.org On day 0, only.

Tripwire Threat Intelligence Integrations. 2 Threat Landscape by the Numbers Over 390K malicious programs are found every day AV-Test.org On day 0, only.
Presented by: Mike Gerdes Director, Information Security Center of Expertise Cybersecurity State of the Union.

Presented by: Mike Gerdes Director, Information Security Center of Expertise Cybersecurity State of the Union.

Similar presentations

Ads by Google