what every employee should know about cyber security - mario balakgie

7/27/2019 What Every Employee Should Know About Cyber Security - Mario Balakgie

1/27

Copyright 2013 World Wide Technology, Inc. All rights reserved.

Mario Balakgie Principal Security Consultant

What Every Employee Should Know

about Cyber Security

Los Angeles Digital Government Summit

September 4, 2013


2/27

Agenda.1. Cyber Fraud

2. Advanced Persistent Threats (APTs)

3. APT Mitigation Strategy


3/27

Remember this? 1991 top personal productivity device


4/27

CYBER FRAUD THREAT

LANDSCAPESPANS A SPECTRUM OF SIZE AND POWER

FOCUSED ON TARGETED ATTACKS


5/27

CYBERCRIME AND MALWARE

Information systems and data are exposed to a new set or risks and

there is increased organization around exploitation (Cybercrime)

Cybercrime

Industry

Sophisticationof Malware &

Attacks

Exceeds drug trafficking in criminal activity from

global loss exceeding $1 trillion a year

Black markets exist bringing together buyers and

sellers of services and tools Low barrier to entry with criminals operating from

global safe havens

Malware designed to infiltrate a network, identifyvulnerabilities, and obtain sensitive information

Data continues to be the #1 target


6/27

NEW THREATS AND RISKS

A Shift in Perspective

Exponential increase in the sophistication, innovation and frequency of

attacks

The degree of required intruder skills continue to decrease

Attacks tend to target the weakest link

The motive of attacks is financial gain Infinite causes, limited effects.


7/27

IDENTIFY YOUR

ORGANIZATIONS VALUEAS A TARGET

WHO IS INTERESTED IN YOU, AND WHY?


8/27

Response to the threat landscape evolved as

Americans began to understand their risk

UNDERSTANDING YOUR ROLE


9/27

Improving the tools of protection

Those Threatened Have a Role to

Play in Protecting Themselves.

and using them.


10/27

THERE IS A LANDSCAPE

OF CYBER FRAUD PROTECTION

FBILOCAL

LAW

ENFORCEMENTNSA

US MILITARY

CYBER

COMMANDCIA

But organizations still face

an internal gap.In other words, are you clicking your seatbelt?


11/27

ARE YOU PREPARED?HOW WILL YOU STAND?

OR

ARE YOU PREPARED FOR THE NEW BREED OF

ATTACKS KNOWN AS APTS?


12/27Copyright 2013 World Wide Technology, Inc. All rights reserved.

ADVANCED PERSISTENT THREAT (APT)


13/27

of organizations believe they havebeen the victim of an Advanced

Threats

83%of organizations dont believe theyhave sufficient resources to prevent

Advanced Threats

65%

Source: Ponemon Institute Survey titled The Growing Risk of Advanced Threats

of breaches led to data compromisewithin days or less

99%of breaches took weeks

or more to discover

85%

Source: Verizon 2012 Data Breach Investigations Report

Advanced Persistent Threat(APT)


14/27

Characteristicsof an APT Group of People

Intent and Capability Persistent and Adaptive (cover their tracks)

Targeted and not Accidental


15/27

1

Phishing emailsJohn receives a email with a linkto a compromised website

designed as a trusted one

EXAMPLE OF AN APT

I DONT FALL FOR PHISHING?


16/27

2

Drive-by download

John clicks on the link andgets infected by Trojan fromdrive-by download.

Johns machine

3


17/27

Attacker gains accessto a critical server

Trojan installs backdoor which allowsreverse connection login to infected

machine

Hacker gets password to gain access to acritical server via RDP.

3

RDP

PASSWORD

Johns machine

Critical Server


18/27

Data Extraction begins

Attacker encrypts sensitive files found onthe critical server and transfers out via FTP

4


20/27

Factor in your threat valuation.

Understand the protection that exists.

Consider whats missing from your current IT Security posture.

Your Role in Cyber Fraud

Protection


21/27

Humility & Trust It can happen to you and anyone

Believe that the threat is real and credible

Put your money where your mouth is

Build Trust in Your Defense by Investing in

Protection that Aligns with Your Vulnerability


22/27

INVEST IN THE TRUST AND

REPUTATION OF YOUR BRAND.

Prevention

80%

Monitoring

15%

Response

5%

Historical

Security Investment

Response

33%

Prevention

33%

Monitoring

33%

Future

Security Investment

Source: RSA Internal Analysis


23/27

Training & Awareness Board members Motivational demonstrations

LOB owners End user

Security professionals

IT professionals

Key stake holders

C-level


24/27

Be Prepared. Test your defenses because you will be tested

Breach Readiness Assessments

People, Process and Technology

Run breach drills similar to fire drills

Goal of drills should be to improve detection time

Technology solutions leveraging big data analytics work well


25/27

Key Takeaways Understand your organizations value and your role

in its protection

APTs are real and the latest elements of cyber fraud

Invest in your reputation and brand

Be Prepared breach readiness


26/27

QUESTIONS?THANK YOU


27/27

what every employee should know about cyber security - mario balakgie

Documents