
Welcome HITRUST 2014 Conference April 22, 2014. The Evolving Information Security Organization – Challenges and Successes Jason Taule, Chief Security.


1 Welcome HITRUST 2014 Conference April 22, 2014

2 The Evolving Information Security Organization – Challenges and Successes
Panelists:
- Jason Taule, Chief Security and Privacy Officer, FEi Systems (Moderator)
- Robert Booker, Vice President and Chief Information Security Officer, UnitedHealth Group
- Erick Rudiak, Information Security Officer, Express Scripts
- Roy Mellinger, Vice President, IT Security and Chief Information Security Officer, WellPoint
- Omar Khawaja, Vice President and Chief Information Security Officer, Highmark


16 Chief Information Security Office – HITRUST 2014 Conference
The Evolving Information Security Organization: Challenges and Successes
Tuesday – April 22, 2014
Roy R. Mellinger, CISSP – ISSAP, ISSMP, CIM
Vice President, IT Security, Chief Information Security Officer

17 The Evolving Information Security Organization
Maturity progression (diagram):
- Enterprise Risk Management
- Security Viewed as a Business Enabler
- Translating Business Needs into Security Requirements
- Translating Security Requirements into Technical Security Controls
- Operating Technical Security Controls
Diagram axes: Risk / Operational / Compliance / Security; Threat Management, IT Compliance, IT Risk, Enterprise Risk; Fighting Fires, Containing Fires, Anticipating Fires, Preventing Fires.

18 The Evolving Information Security Organization – Cyber Threat Management
- 24x7 Security Operations Center (SOC)
- End-to-End DLP (Data Loss Prevention) Strategy
- Tracking of Malware Threats and Coding Techniques
- Effective Firewall and IDS/IPS Strategy Implementations
- Effective Security and Event Log Management & Monitoring
- Robust Safeguarding Policies, Programs and Processes

19 The Evolving Information Security Organization – Hacking Then and Now
Hacking Then:
- War Protesting and Civil Disobedience
- Anti-Establishment Rhetoric
- Social Rebels and Misfits
Hacking Now:
- Automated / Sophisticated Malware
- Hacktivism – Freedom of Speech, Statements to Influence Change, Sway Public Opinion and Publicize Views
- Criminal – Drug Cartels, Domestic and Foreign Organized Crime for Identity Theft and Financial Fraud
- Espionage – IP, Business Intelligence, Technology, Military / Political Secrets
- Terrorism – Sabotage, Disruption and Destruction
- Nation-State – Intelligence Gathering, Disruptive Tactics, Clandestine Ops, Misinformation, Warfare Strategies, and Infrastructure Destruction
- Individuals or Computer Clubs / Groups
- Manual efforts with Social Engineering
  - Success = Badge of Honor
  - Personal Monetary Gain, or to pay for / fund hacking activity
Timeline (diagram): Fringe to Mainstream over 30 years.

20 The Evolving Information Security Organization – Stages of a Targeted Attack
- Initial Compromise – spear phishing via email, planting malware on a target website, or social engineering.
- Establish Foothold – plant administrative software and create back doors to allow for stealth access.
- Escalate Privileges – use exploits and password cracking tools to gain privileges on the victim computer and network.
- Internal Reconnaissance – collect information on the network and trust relationships.
- Move Laterally – expand control to other workstations and servers; harvest data.
- Maintain Presence – ensure continued control over access channels and credentials acquired in previous steps.
- Complete Mission – exfiltrate stolen data from the victim's network.

21 The Evolving Information Security Organization – Cyber Threat Management

| Area | Conventional Approach | Paradigm Shift: Cyber Threat Management |
| Controls Coverage | Protect ALL information assets | Protect your MOST IMPORTANT assets (Crown Jewels) based on risk assessments |
| Controls Focus | Preventive Controls (anti-virus, firewalls, intrusion prevention, etc.) | Detective Controls (monitoring, behavioral logic, data analytics) |
| Perspective | Perimeter Based | Data Centric |
| Goal of Logging | Compliance Reporting | Threat Detection |
| Security Incident Management | Piecemeal – find and neutralize malware or infected nodes | BIG PICTURE – find and dissect attack patterns to understand the threat |
| Threat Management | Collect information on malware | Develop a deep understanding of attackers' targets and modus operandi related to YOUR org's network and information assets |
| Success Defined By | No attackers get into the network | Attackers sometimes get in, BUT are detected as early as possible and impact is minimized |

22 Omar Khawaja April 23, 2014 The Evolving Information Security Organization – Challenges and Successes

23 Who is Highmark?

24 Risk is increasing
Our information is increasing in value…
- More data (EMRs)
- More collaboration (ACOs)
- More regulation (FTC)
Our weaknesses are increasing…
- More suppliers (Cloud)
- More complexity (ACA)
Opportunities to attack are increasing…
- More access (consumer portals)
- More motivated attackers
Becoming increasingly difficult to secure:
- Multiple Compliance Requirements
- Evolving Compliance Requirements
- Unclear Compliance Requirements
- Less visibility
- Less control
Diagram: Assets, Vulnerabilities, Threats, Controls.

25 Security org needs to evolve
From… → To…
- Explaining the "what" → Explaining the "why"
- Growing the security org → Growing security in the org
- Creating more security processes → Making security part of more processes
- Telling them what to do → Assisting them with their job
- Protecting everything equally → Differentiated controls
- Measuring what matters to the security org → Reporting on what matters to the audience

26 Questions?

