1
El Camino Cyber security
2
Where we started – May, 2016
Aging EOL firewall/VPN
No SPF/DMARC/DKIM implementation
Aging EOL switches
No WAF
Aging EOL server & workstation OS versions
No DNS protection
No internal security procedures
Aging and underperforming gateway
No dedicated security person
3
Where we started – May, 2016
Out of date MOTD & web privacy statement
No formal employee cyber security training program
Only one administrative policy (out of date)
No endpoint malware protection
No security website or newsletter
No firm understanding of cyber insurance coverage
No penetration testing
No focus on FERPA/PCI/CA compliance
No vulnerability testing
4
Where we are now - 2019
Hired CISO per Plan-Net
Cisco internal WAF
New Cisco 9000 firewall w/ VPN
Cisco Umbrella DNS
New switches – more being replaced
Internal procedures for spam/phishing mitigation, ransomware, & formal breach response plan
Servers upgraded to newer OS
Workstations being upgraded to Win10
Upgraded to Barracuda 600 & cloud
SPF/DMARC/DKIM implementation
5
Where we are now - 2019
KnowBe4 phishing simulator & training
12 new administrative policies & 2 new board policies
Malwarebytes & Cisco AMP endpoints
Complete understanding of cyber insurance coverage documented in breach-response plan
Cyber security website & monthly newsletter
Penetration testing performed
Focus on FERPA/PCI/GDPR compliance
Vulnerability testing via Tenable/Nessus
New MOTD & web privacy statement
6
Where we are now - 2019
Splunk (log aggregation)
Involvement in technology committee & aims committee
Re-wrote info security section in new technology master plan
Representation at chancellor’s office events
Created 5 year cybersecurity strategic plan
Represented El Camino at the 2018 McAfee cybersecurity leadership & innovation awards
Involvement in FBI-InfraGard, ISACA, ISSA
FBI InfraGard daily intel briefings to ECC-PD
Represented El Camino at the 2019 CIO ones to watch awards
DHS cybersecurity intel briefings to ITS
7
Where we need to be – 2020 & beyond
New policies approved by board
Look at Logz.io (ELK stack)
Implement 2FA (at least ITS)
Finalize & implement BR/DR plan
Another pen test
Look at Spirion
Threat-hunting s/w (Reveal-X)
Completion of data governance project (Vladimir)
Checkpoint SandBlast Now appliance
Address SCADA vulnerabilities
HP printer security
8
Current trending threats
Cryptojacking (cryptomining)
File-less malware (PowerGhost)
Software subversion – malware in open-source s/w
Attacks to cryptocurrency eco-system
Large-scale DNS attacks
Q has seen a 967% increase so far on 100Gbps+ attacks!!!
9
Current trending defenses
Threat emulation s/w (Verodin, AttackIQ, DarkLight, etc.)
IAM moving to the cloud
Authentication through mobile devices will explode (2FA)
The public will look beyond compliance for real trust
FedEx (NotPetya) & Equifax (data breach)
10
Where we need to be – 2020 & beyond
11
Questions. https://www. elcamino