Presentation is loading. Please wait.

Presentation is loading. Please wait.

Being Proactive and Less Reactive in Security Operations and Cyber Attack Response Christina Raftery, MCSE, CISSP FBI Los Angeles Field Office.

Published byEzekiel Broughton Modified over 10 years ago

Similar presentations

Presentation on theme: "Being Proactive and Less Reactive in Security Operations and Cyber Attack Response Christina Raftery, MCSE, CISSP FBI Los Angeles Field Office."— Presentation transcript:

1 Being Proactive and Less Reactive in Security Operations and Cyber Attack Response Christina Raftery, MCSE, CISSP FBI Los Angeles Field Office

2 Learning Points Creating and Maintaining a Security Policy Baseline. The Importance of Security Preparedness and Response Techniques. Overall Structure and Education of the Security Operations Center.

3 Break Down: Security Policy Customize for your organization Do not borrow from elsewhere Create a policy to enable accountability It has to have teeth Easy to comprehend Security Operations Staff and Policy Allow staff to provide input to policy Creates an full understanding and becomes a product staff is passionate about

4 Break Down: Preparedness Impossible to prevent so be prepared Not just another plan! How do you document and store your plan? How do you truly test your plan and why spend the time and resources?

5 Break Down: Security Operations Structure Distribute Resources Create a lab environment Encourage creativity Use the lab to educate Keep Politics Out! Top heavy Keep senior management apprised of situations but do not give them too much information and ensure you speak their language (no jargon).

6 Break Down: Security Operations Structure Security Operations Center Staff Educate personnel Pay the price to either educate or pay the salary for the best of the best Create an environment conducive to threat awareness Communicate with your peers, other organizations, federal partners, academia, etc Learn what your up against

7 Viruses and Malware Today What are we up against? Industrial and Military espionage Foreign governments Criminal organizations Malware Evolved Undermine security measures Disables Anti-virus Connects from within your network to remote command and control servers Malware Design Cognizant of digital forensics techniques Encode and conceal network traffic Minimize traces left on file system

8 Response Techniques Containment Simple right? You want to contain without hindering any potential investigation Preservation To understand the attack malware forensics must be deployed Forensic Examination Pay for the tools Preservation of volatile data and logs Dynamic Processes Most likely, no two responses will be the same

9 Conclusion Policy and Preparedness Personnel and Structure Tools and Techniques Q&A Thank you Christina Raftery, MCSE, CISSP FBI Los Angeles Field Office

Download ppt "Being Proactive and Less Reactive in Security Operations and Cyber Attack Response Christina Raftery, MCSE, CISSP FBI Los Angeles Field Office."

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

ETHICAL HACKING A LICENCE TO HACK
Network Instruments Troubleshooting Techniques. What to look for in network monitoring solutions… Key Elements Real Time Statistics Visual Network Traffic.

Network Instruments Troubleshooting Techniques. What to look for in network monitoring solutions… Key Elements Real Time Statistics Visual Network Traffic.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
2 Language of Computer Crime Investigation

2 Language of Computer Crime Investigation
ETrust End to End Security Management Bernd Dultinger Sales Manager South CEE & Turkey.

ETrust End to End Security Management Bernd Dultinger Sales Manager South CEE & Turkey.
Defence in Depth: What’s Next? Kent Schramm Head, Cyber Security.

Defence in Depth: What’s Next? Kent Schramm Head, Cyber Security.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,

CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Chapter 17 Controls and Security Measures

Chapter 17 Controls and Security Measures
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Www.axis.com Axis Intelligent Video Intelligence where you need it.

Axis Intelligent Video Intelligence where you need it.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.
University of Missouri System 1 Security – Defending your Customers from Themselves StateNets Annual Meeting February, 2004.

University of Missouri System 1 Security – Defending your Customers from Themselves StateNets Annual Meeting February, 2004.
PCM2U Presentation by Paul A Cook IT SERVICES. PCM2U Our History  Our team has been providing complete development and networking solutions for over.

PCM2U Presentation by Paul A Cook IT SERVICES. PCM2U Our History  Our team has been providing complete development and networking solutions for over.
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions 631-692-5175 Steve Katz, CISSP Security.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Oklahoma Chapter Information Systems Security Association Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee Oklahoma Chapter,

Oklahoma Chapter Information Systems Security Association Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee Oklahoma Chapter,
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

Similar presentations

Ads by Google