Published by Aldous Cole. Modified over 9 years ago.
1
Did You Hear That Alarm? The impacts of hitting the information security snooze button
2
Case Study:
1. Procurement representative receives an email
2. Workstation security alerts are generated
3. Malware detection alerts are generated on a production server
4. Large increase in network connections to a domain in another country
5. Federal authorities notify company about data being sold on black market
3
Anatomy of an Attack
- Spear phishing attack targets employee
- Recipient interacts with the malicious email content
- Exploit payload installs on workstation
- Compromised workstation sets up command and control and acts as pivot point
- Attacker traverses network and compromises production servers
- Full data compromise and exfiltration
4
How Did This Happen?:
- Security Training?
- Effective controls and patching?
- Event monitoring and response?
5
Threat Sources:
- National Governments
- Terrorists
- Industrial Spies
- Organizational Crime Groups
- Hacktivists
- Insider Threat
Source: Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
Do not worry about the “why”
6
Industry Threat Data
*Data taken from the Verizon 2014 Data Breach Investigation report
2013 Top Five Threat Actions
- Use of stolen credentials (Hacking)
- Export Data (Malware)
- Phishing (Social Engineering)
- Ram Scraper (Malware)
- Backdoor (Malware)
2013 Data Breach Trends
- 4% increase in Financial Services industry breaches
- 67% of breaches were notified by external entities
- 100% of retail Point-of-Sale system breaches occurred in Payment Card Industry-compliant environments
*Data taken from the 2014 Mandiant Mtrends Breach report
7
Risk Equation
R = f(T,V,A)
RISK is the PROBABILITY that a THREAT will exploit a VULNERABILITY to cause harm to an ASSET
Classical, yes, but has its limitations
8
Risk Equation
- Threats and vulnerabilities change rapidly; virtually unknowable
- Data as an asset
- Classical risk equation does not account for controls
- Subjectivity can skew results and corresponding action plans
9
Ok, now what?:
- Risk assessments are a baseline
- Constant vigilance in assessing risk variables
- Establish risk tolerance
- Enhance approaches by leveraging compliance and industry standards
10
Due Diligence:
- Utilize control frameworks
- Intelligence gathering
- Attack path threat modeling
- Vulnerability testing
- Analysis, Monitoring, Treatment, and Reporting
11
What Causes a Breach
- Employee error
- Malicious insiders
- Malicious outsiders
- System errors
12
Cost of a breach
- Direct costs
- Credit monitoring
- Mailing costs
- Indirect Costs
- Time/Resources
- Productivity
- Opportunity Costs
- Brand and Reputation
13
Defending Against Threat
- “You should expect us”
- Know your data
- Understand what threat is
- Threat should drive security control prioritization
- Enhance control strength and reduce attack surface
- Manage to risk tolerance
14
Preparing for a Breach
- Know what applies to your business
- Educate your workforce
- Documented and tested Breach Response Plan
- Communication plan
- Engage business partners
- Practice and hold lessons learned sessions
15
Questions?
Dave Muxfeld dave.muxfeld.icd3@statefarm.com
Pamela Ringenberg pamela.ringenberg.qr5f@statefarm.com