1
Cyber Security and Incident Response
Find out how hackers wreak havoc and learn what you can do to protect yourself.
Brett Dearman – Digital Forensic Examiner
Marc Miller - General Counsel
Seth Waldman – Internet Security Analyst
2
Cyber Security Team

Brett Dearman
Digital forensics examiner
Internal investigations of varying complexity from 2002 to present
Numerous e-discovery initiatives including probable cause for reasonable termination
COE AccessData Certified Examiner – Forensic Toolkit
MCSE Microsoft Certified Systems Engineer
EnCE (x2)
Certified Information Systems Security Professional CISSP (International Security Certification Consortium)
Certified Ethical Hacker
Certified Penetration Tester

Marc Miller
Assistant District Attorney in Harris County (Houston), Texas
United States Department of Justice – Assistant Deputy Chief, Computer Crime Section
Assistant United States Attorney - Organized Crime Task Force section - complex money-laundering, conspiracy, wire-tap and narcotics cases
Nintendo – Vice President – Global IP protection
Motion Picture Association of America – Senior Vice President – IP protection
Management liaison for U.S. Justice Department with IP “czar” and other senior White House officials relating to IP policy, strategic goals and budgeting

Seth Waldman
Cyber security analyst and systems administrator
MCSE
CompTIA Network+
3
Small to Medium Sized Businesses (SMBs)
In 2014, small firms with annual revenues less than $100 million cut security spending by 20%, while large companies increased security investments by 5%.
The 2014 Target breach reportedly occurred when attackers stole network credentials from Target’s HVAC provider.
SMBs typically spend less time and money on network security than larger firms. That means they are easy targets for cyber criminals.
60% of small businesses hit by a cyber attack go out of business within 6 months of the attack!
Nearly 90% of SMBs in the U.S. do not use data protection for company and customer information, and less than half have secured company email to prevent phishing scams.
In 2013, the cost of medical identity theft to consumers was estimated at $12 billion.
In 2014, more than 2 million patients were victims of medical identity theft globally, a half million more than were recorded in 2013.
Too small to be on radar
Automated hacks
Supply chain
4
How Do Hackers Get Data?
The receptionist for a small municipal court found a box of branded USB drives left on her desk. In hopes of figuring out who they were for, she plugged one into her computer. The drive was blank, so she gave away the free storage. By then, she had already infected the court's office network—and spread the malware to each of the drive recipients.
Phishing attacks
Shoulder surfing
Malware
Social engineering
5
Office Threat Reduction
Unified Threat Management (UTM)/Next Generation Firewall (NGFW)
Encrypted VPN connection between offices and between remote users
Security policies
Monitoring
6
Home/Travel Threat Reduction
Most home offices do not use secure VPN to connect to the corporate office
Monitored/managed firewall with secure VPN capability
Password protected devices
Security policies
7
Layered Approach
Perimeter – Firewall
Physical Security – Access controls
Control Network – Security policies and controls
Device Security – Anti-virus
8
Assessment and Monitoring
Meet with customer to discuss needs
Develop and implement a plan to meet the needs and budget of the company
Proactively monitor the network for security changes or breaches
Quarterly reporting of health of network
9
Incident Response Plan: The Key Elements
Prepare – Risk assessment, security architecture, and response plan
Reporting – Detect the problem, incident reporting, who receives the reports, assess the damage
Incident countermeasures – How do you protect yourself and get your business back up and running quickly, efficiently, and safely?
Identifying corrective actions – How do we get back to “normal?”
Monitoring corrective actions – Did we fix the problem? Are we doing everything we can to prevent future problems?
10
Incident Response Plan: Preservation of Evidence
Legal action is anticipated - Integrity of the evidence can be the win/lose factor
Criminal or civil action - Perpetrator, current employee, former employee, or someone else
Law enforcement - Involve?
IT staff - Must stay out!
Chain of custody - Documentation is critical
11
Cyber-Security Quarterly – 1st Quarter 2016
Regulatory Updates - What is required for your business to be in compliance? Does your business handle financial information or medical records?
Insurance Coverage - Does your business have an insurance policy covering a cyber security incident? Will you be able to make a successful claim?
Best Practices for SMBs – Do you have the appropriate training measures in place for your employees? Are there technological measures that you should be taking?
12
About McCann Security
Every day McCann Security helps business decision-makers and stakeholders solve cyber-security issues and protect their critical data and infrastructure. Visibility and analytics tools such as WatchGuard Dimension™ translate millions of lines of logs into the thimbleful of intelligence you need to recognize and address problems in your network.
TO GET STARTED CONTACT MCCANN TOTAL SECURITY
HOUSTON NATIONAL DISPATCH CENTER
Take control of your organization’s cyber-security by putting McCann Security’s dedicated team and three decades of proven experience on the front line! Our operations began during the mass adoption of electronic devices and digitally stored information, and we have continued to lead the cyber-security industry through the evolution of mainframes, desktops and laptops, and now mobile devices and cloud storage. All along the way, our veteran team has been armed with the latest technology, and backed by decades of professional experience in both public law enforcement and private security.
MCCANN SECURITY SYSTEMS
10375 Richmond, Suite 260 | Houston, TX
mccann-security.com