Upload File

ntxissacsc4 - red, amber, green status: the human dashboard

  • Home
  • Internet
  • NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
18
@NTXISSA #NTXISSACSC4 Red, Amber, Green Status: The Human Dashboard Laurianna Callaghan, CISSP, CCNA Security Information Security Analyst III Health Management Systems, Inc. October 7 – 8, 2016

Upload: north-texas-chapter-of-the-issa

Post on 16-Apr-2017

388 views

Category:

Internet


1 download

Report

TRANSCRIPT

Page 1: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

Red,Amber,GreenStatus:TheHumanDashboard

LauriannaCallaghan,CISSP,CCNASecurityInformationSecurityAnalystIII

HealthManagementSystems,Inc.October7– 8,2016

Page 2: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

AlarmingSecurityStudies

“…in2015,60percentofallattackswerecarriedoutbyinsiders,eitheroneswithmaliciousintentorthosewhoservedas

inadvertentactors”1

“Spear-phishingcampaignstargetingemployeesincreased55%in2015”2

NTXISSACyberSecurityConference– October7-8,2106 2

Page 3: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

PCIDSS3.1• 12.6Implementaformalsecurityawarenessprogramtomakeallpersonnelawareoftheimportanceofcardholderdatasecurity.

• 12.6.1Educatepersonneluponhireandatleastannually.(Note:Methodscanvarydependingontheroleofthepersonnelandtheirlevelofaccesstothecardholderdata.)

• 12.6.2Requirepersonneltoacknowledgeatleastannuallythattheyhavereadandunderstoodthesecuritypolicyandprocedures.

NTXISSACyberSecurityConference– October7-8,2106 3

Page 4: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

HIPAA

• § 164.308Administrativesafeguards• (a)(5)(i)Standard:Securityawarenessandtraining.Implementasecurityawarenessandtrainingprogramforallmembersofitsworkforce(includingmanagement).• (ii)Implementationspecifications.Implement:

• (A)Securityreminders…• (B)Protectionfrommalicioussoftware…• (C)Log-inmonitoring…• (D)Passwordmanagement…

NTXISSACyberSecurityConference– October7-8,2106 4

Page 5: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

WhatisSecurityAwareness3

• IndividualResponsibilityandSufficientUnderstandingtoComplywithPolicies

• AnotherLineofDefense

• TheBestROIforInformationSecurityPrograms

NTXISSACyberSecurityConference– October7-8,2106 5

Page 6: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

TypicalSAActivities4

NTXISSACyberSecurityConference– October7-8,2106 6

• Formalizedtrainingcourses• Posters• Securitywalk-throughs• Intranetpages• BusinessunitSAmentors• SponsorshipofSAday

• Sponsorshipofanexternalevent• Trinkets• Specialeventday• Referencematerials• Phishingsimulations*

Page 7: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

WhySecurityAwareness

• LawandRegulationCompliance• ReduceHard-To-PredictCosts• LayeredSecurity(Defense-in-Depth)5

• TeachHowtoComplywithSecurityPolicy4

• CorporateCitizenship• EmployeeRelations

NTXISSACyberSecurityConference– October7-8,2106 7

Page 8: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

Goals

• Obtainandmaintaincompliance• Minimizethenumberandimpactofsecurityincidents• Alleviateothersecurityteamsandservicedeskofnumberofincidents

• Createasecurityculture

NTXISSACyberSecurityConference– October7-8,2106 8

Page 9: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

ActivitiesSupportGoals

• Compliance• Training

• SecurityCulture• Newsletter• Survey• Intranetsite• Event

NTXISSACyberSecurityConference– October7-8,2106 9

• LessImpact,Lower#Incidents• Simulations• Phishing• Spearphishing• Whaling• Socialengineering• Physicalsecuritychecks

Page 10: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

Quantifiable6

• Whatismeasured• Howitismeasured• Interval

• Indicators• Actionable

NTXISSACyberSecurityConference– October7-8,2106 10

WHAT HOW INTERVAL INDICATORS ACTIONABLE

AnnualSecurityTraining

TrainingScores Annual RED:If15%ormorefirstscore<= 74%AMBER:If15%ormorefirstscore75%- 79%;override:if35%ormorefirstscore95– 100%GREEN:If15%ormorefirstscore80%- 100%

RED:Reviewtestdifficulty,review contentdifficulty,discussionwithtrainingvendor,improvetrainingAMBER:ReviewcontentpresentationanddifficultyGREEN:Watchend oftestsurveyresultsforareasofimprovement.Checkfortesthacksandassureitisnottooeasy.

PhishingSimulations #ofClickers(responserate)

Quarterly RED:>=15%locationreturnrateAMBER:14% - 5%locationreturnrateGREEN:<=4%locationreturnrate

RED:CEOreminderemail,departmentSAmentorsmeetings,mandatory phishingspecifictrainingcourseAMBER: CISOreminderemail,reminderatanall-handsmeetingGREEN:Positivereinforcement/ acknowledgement

Page 11: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

Goal:Compliance

• Activitiesthatarerequiredforcompliance• Keyperformanceindicators

NTXISSACyberSecurityConference– October7-8,2106 11

UserKPI ProgressAnnualRefresher 35%Onboarding 75%PCI 68%HIPAA 50%

COMPLIANCE

User

Page 12: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

Goal:IncidentReduction

• Topactivitiesusedforincidentreduction• Keyperformanceindicators

NTXISSACyberSecurityConference– October7-8,2106 12

UserKPI PerformanceRefresherTrainingScores 70%PhishingSim 95%PhishingInformants 10%PhysicalSecurity 2%SocialEngineering 25%

INCIDENTREDUCTION

User

Page 13: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

Goal:SecurityCulture

• Activitiesthatcontributetotheculture• Keyperformanceindicators

NTXISSACyberSecurityConference– October7-8,2106 13

UserKPI InterestNewsletter 75%Survey 55%IntranetSite 65%Event 88%

SECURITYCULTURE

Page 14: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

TheSecurityAwarenessDashboard

• RepresentsSecurityAwarenessgoals

• Givesvisibilitytothehumanaspectofsecurity

• CombineslogicallywiththeoverallSecuritydashboard• Preventative• Proactive

NTXISSACyberSecurityConference– October7-8,2106 14

Dept:SecurityAwareness Dashboard Budget Roadmap   Calloway,Jane

ALERTS: 1

UserKPI ProgressAnnualRefresher 35%Onboarding 75%PCI 68%HIPAA 50%

COMPLIANCE

UserKPI PerformanceRefresherTrainingScores 70%PhishingSim 95%PhishingInformants 10%PhysicalSecurity 2%SocialEngineering 25%

INCIDENTREDUCTION

UserKPI InterestNewsletter 75%Survey 55%IntranetSite 65%Event 88%

SECURITYCULTURE

2016SecurityAwarenessDashboard

Main

Compliance

Incide

ntCu

lture

Page 15: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

OtherConsiderations• Baselineotherareasofsecuritythatmaychange• %infectedcomputersò• #passwordresetrequestsò• #securewebdeliverymessagesñ• #malicioussitesblockedò• Bandwidthusedforextracurricularò• #infectionsdetectedwhileremoteò• #lostelectronicdevicesò• #humanreportedinfectionsñ• #totalinfectionscleanedò

• Impacttootherdepartments

NTXISSACyberSecurityConference– October7-8,2106 15

Page 16: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

ResourcestoShare

• DepartmentofHomelandSecurity• NationalSecurityAwarenessMonth• Stop.Think.Connect.• FEMAFree1HourSAVideoforEmployees• NationalInitiativeforCybersecurityCareersandStudies

• FederalTradeCommission• OnGuardOnline

NTXISSACyberSecurityConference– October7-8,2106 16

Page 17: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4

References1. I.X.-F.Research,“ReviewingaYearofSeriousDataBreaches,

MajorAttacksandNewVulnerabilities,”IBMSecurity,2016.2. Symantec,“InternetSecurityThreatReport,MountainView,

2016.3. L.Lindholm,“USDept ofStateDiplomaticSecretaryThe

AwarenessTeam,”BureauofDiplomaticSecurity.4. AdamGordon,OfficialISC2 GuidetotheCISSPCBK,Boca

Raton:Taylor&FrancisGroup,LLC,2015.5. J.Shenk,“LayeredSecurity:WhyItWorks,”SANSInstitute,

2013.6. L.Spitzner,“HumanMetrics:MeasuringBehavior,”SANS

Institute,2010-2016.

NTXISSACyberSecurityConference– October7-8,2106 17

Page 18: NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

@NTXISSA#NTXISSACSC4@NTXISSA#NTXISSACSC4

The Collin College Engineering DepartmentCollin College StudentChapteroftheNorthTexasISSA

NorthTexasISSA(InformationSystemsSecurityAssociation)

NTXISSACyberSecurityConference– October7-8,2016 18

Thankyou


Amber Valley Labour Market Dashboard - UTC Derby

NTXISSACSC4 - How Not to Build a Trojan Horse

NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception

NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements

Employee Setup Dashboard Components Dashboard Settings Dashboard Widgets Selection Manipulation Use Data Information

Work with the Integrated Dashboard · Blackboard Web Community Manager Integrated Dashboard WCM_IntDashboard_0118174 WCM_IntDashboard_0118174 Dashboard Elements The Dashboard consists

Classic Baltic Amber Signature Baltic Amber Baltic Amber ... › downloads › Amber... · boast of wearing Baltic amber for relief from migraines, teething, tooth aches, arthritis,

NTXISSACSC4 - Identity as a Threat Plane Leveraging UEBA and IdA

NTXISSACSC4 - World of Discovery

International Amber Association Baltic Amber · made of Baltic amber pieces pressed in high temperature and under high pressure without additional components. Bonded Baltic amber

SproutCore: Amber

NTXISSACSC4 - Hacking Performance Management, the Blue Green Game

NTXISSACSC4 - Layered Security / Defense in Depth

Amber 01 - Noua Prinți Din Amber

NTXISSACSC4 - A Brief History of Cryptographic Failures

CHIC · 2019. 5. 24. · Amber 105.0383.01 19,7x19,7 Amber Beyaz / Amber White 105.0383.04 19,7x19,7 Amber Fildişi / Amber Ivory P 6,5 mm 1 PEI4 2 5

Human-Inspired Walking in AMBER 1.0 and AMBER 2

AMBER SELECT / AMBER SELECTX Guía del Usuario€¦ · parte posterior del AMBER SELECT / AMBER SELECTX. Su teléfono seguirá funcionando normalmente. 2. Conecte el cable con adaptador

NTXISSACSC4 - Business Geekdom: 1 = 3 = 5

NTXISSACSC4 - What Should a College Information or Cyber Security Program Contain?

NTXISSACSC4 - Introducing the Vulnerability Management Maturity Model - VM3

ABC Amber PDF Merger - curiosidades version of ABC Amber PDF Merger, . ABC Amber PDF Merger ABC Amber PDF Merger ABC Amber PDF Merger

Amber Profile

NTXISSACSC4 - Between The Keyboard And The Chair - Cybersecurity's Secret Weapon

Amber - Cherryman Industries€¦ · amber. amber collection. configurations configurations configurations configurations configurations configurations configurations configurations

NTXISSACSC4 - Day in the Life of a Security Solutions Architect

Warranty : 10 Years Direct OEM Replacement Amber/Amber ... · LED Side Marker Light Warranty : 10 Years Direct OEM Replacement Amber/Amber Clear/Amber Amber Lens/ Amber Diode LL021201

Amber 7-Blood of Amber

Smooth operator the Digital Dashboard Drives … operator: The Digital Dashboard Drives optimum Performance DaShBoarD tooLS wIthout the DaShBoarD? the digital dashboard is a moving

Amber Roger Zelaznys Visual Guide to Castle Amber

NTXISSACSC4 - The Rise of Social Engineering -- Anatomy of a Full Scale Attack

NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough

NTXISSACSC4 - The Art of Evading Anti-Virus

The amber. Search method alluvial deposits of amber

Seagate Dashboard UG...Presentación de Seagate Dashboard Funciones de Seagate Dashboard Guía del usuario de Seagate Dashboard 5 1. Presentación de Seagate Dashboard