whmsabal systems, llc 16-may-15 “executive staff perspectives on cyber...

WHMSabal Systems, LLC 16-May-15 “Executive Staff Perspectives on Cyber Security” Information Systems Security Association (ISSA) Central Florida Chapter

Post on 17-Dec-2015






  • Slide 1
  • WHMSabal Systems, LLC 16-May-15 Executive Staff Perspectives on Cyber Security Information Systems Security Association (ISSA) Central Florida Chapter & InfraGard William H. Miller, Jr. Founder & CEO, Sabal Systems, LLC Crowne Plaza Hotel, Orlando, FL September 15, 2011
  • Slide 2
  • CAUTION: I do not claim to be an expert in this field.
  • Slide 3
  • Security Issues Are Timeless
      • "Better be despised for too anxious apprehensions, than ruined by too confident security." - Edmund Burke, Irish orator, philosopher, & politician (1729 - 1797)
      • "Security is mostly a superstition. It does not exist in nature.... Life is either a daring adventure or nothing." - Helen Keller, The Open Door (1957)
      • "To err is human, but to really foul things up requires a computer." - Farmers' Almanac, 1978
  • Slide 4
  • Cyber Headlines ..
      • Sony recruits information security boss after hacking (Isabel Reynolds, Reuters, September 6, 2011): (Reuters) - Sony Corp picked a former official at the U.S. Department of Homeland Security for the new post of chief information security officer, months after a massive hacking attack leaked information on 100 million user accounts on its games networks. Philip Reitinger, previously director of the U.S. National Cyber Security Center, will become senior vice president and will report to general counsel Nicole Seligman, the Japanese electronics conglomerate said on Tuesday. "Certainly the network issue was a catalyst for the appointment," a Sony spokesman said. "We are looking to bolster our network security even further."
      • Hackers spied on 300,000 Iranians using fake Google certificate (Gregg Keiser, Computerworld, September 6, 2011): About 300,000 Iranians had their Gmail accounts compromised and their messages read by hackers, according to a forensics firm that has investigated the theft of hundreds of digital certificates from a Dutch company. Although the report did not identify the hacker, or hackers, who may have spied on the Iranian users, security researchers have pointed to Iran's government, which has been linked to other attempts to intercept the communications of activists and protesters.. Nearly all -- Fox-IT said 99% -- of those IP addresses originated in Iran. Investigators assumed that the google.com certificate was used primarily to spy on Iranians' Gmail accounts.
      • Phone hacking: James Murdoch 'told of hacking email' (Ben Geoghegan, BBC News, September 6, 2011): Former News of the World legal manager Tom Crone has told MPs he was "certain" he told James Murdoch about an email which indicated phone hacking at the paper went beyond one rogue reporter. Mr. Crone said the email was discussed and "it was the reason that we had to settle the case". In a previous hearing, News Corp bosses Rupert and James Murdoch said they were not told of an email.
  • Slide 5
  • Notable .. Quotable
      • More insiders snooping into health records, says survey (Greg Masters, August 31, 2011): Breaches into protected health information (PHI) are on the rise, and staffers are responsible for more than a third of the intrusions, a new survey has found.
      • Alleged 'Anonymous 14' plead innocent to PayPal DDoS (Angela Moscaritolo, September 02, 2011): Fourteen individuals believed to be part of the hacktivist group Anonymous plead not guilty in federal court in San Jose, Calif., on Thursday to charges of participating in an attack against PayPal.
      • Multifunction printers may threaten network security (TJD, GMA News, September 06, 2011): Office workers, beware: the Internet-ready multifunction printer (MFP) may turn out to be the weakest link in your network's security. In a talk at this summer's DefCon 19 conference, researcher Deral Heiland said vulnerable devices include printers that can scan to a file, scan to email, and fax documents.
      • Over 43,000 Yale Faculty, Staff And Students Hacked (Ondrej Krehel, Business Insider, August 24, 2011): The Ivy League school fell prey to Google hacking, also known as Google dorking, when cybercriminals use Google search functions to access data on the Internet. The practice is becoming more common. The latest victims: More than 43,000 Yale faculty, staff and students, both current and former as of 1999.
      • Dutch Hacking Case Escalates as Man Claims Responsibility for DigiNotar Breach (Staff Reporter, International Business Times, September 06, 2011): A hacking scandal in the Netherlands has escalated, with Dutch government officials investigating whether a hacker who stole online security certificates also stole any sensitive information on Dutch citizens. Last week, DigiNotar, a government security contractor, announced that a hacker had stolen several SSL certificates, which are used to validate the authenticity of Web sites and thus to protect people from hackers impersonating legitimate sites.
  • Slide 6
  • Cyber Threat Status: Red
      • Offshore resources are likely targeting your company IP today
      • Origins of cyber attacks vary greatly (from crime syndicates, to national interest groups, to foreign agencies, to foreign military)
      • Adversary's objective is to short-cut R&D dollars .. and time
      • Data exfiltration is rarely intended to be highly visible
      • Barriers to entry for our adversaries are extremely low
      • Public is vaguely aware but largely ignorant of realities
      • Attacks come in gradations of sophistication
      • Cyber threats are of great concern to informed company management
  • Slide 7
  • Very Real Issues Confront All Sectors Today: Sony's PlayStation Network was halted for more than a week, disrupting 77 million PSN and Qriocity accounts. The company learned that hackers stole personal information about PSN users as well as more than 24 million Sony Online Entertainment user accounts. Stolen information included names, addresses, email addresses, birth dates and account credentials. The breach also included a database containing more than 12,000 non-U.S. credit and debit card numbers. Ref: SearchSecurity.com
  • Slide 8
  • But Still, Critics Abound: Concerned about human rights, the American Civil Liberties Union (ACLU) warned that there "is evidence that InfraGard may be closer to a corporate TIPS program, turning private-sector corporations, some of which may be in a position to observe the activities of millions of individual customers, into surrogate eyes and ears for the FBI". From Wikipedia
  • Slide 9
  • Who's Concerned Today?
      • Government Agencies
      • Government Contractors & Aerospace
      • Chemical Industry/Oil & Gas
      • Banking and Investment Houses
      • Transportation Providers
      • Power Generation & Distribution
      • Network Carriers
      • Other Forms of Utilities
      • High Tech, IP-Generating Firms
      • Healthcare Concerns
      • Emerging eBusiness Enterprises
      • Internet Savvy Companies
      • Referenced by DEPSECDEF William Lynn: Nasdaq, Google, Citibank, International Monetary Fund, Lockheed Martin, Oil & Gas
  • Slide 10
  • DoD DIB Government Organized
      • DoD DIB = U.S. Department of Defense, Defense Industrial Base; Critical Infrastructure Protection
      • Comprised of largest U.S. Defense contracting firms
      • Contractual Arrangement with the Federal Government
      • Focus on sensitive but unclassified data
      • Both Classified & Unclassified components of the program
      • Focused on sharing of critical information to thwart global threats
      • U.S. National Interest is at stake
      • DIB Cyber Pilot with Homeland Security
      • Practices are leading to additional Federal Acquisition Guidelines
      • Structural changes in core information flow have been suggested
      • Committees formed to divide into manageable working groups
      • Challenges: International firms participating; Smaller company engagement; Motivate vs. Legislate
  • Slide 11
  • Security Policy Guidelines
      • Cyberspace has a completely different physics than any other domain. It is impossible to "take and hold" cyberspace. Cyberspace is a dynamical system that runs at super human speed.
      • A good offense is NOT a good defense. Instead, a good defense is the ONLY defense. Throwing a better, more accurate rock in a glass house is still throwing a rock. Our systems are so permeated with problems that even an untrained child can exploit them.
      • Divide and conquer will not work. Civilian, government, and military systems are so deeply entangled that they cannot be separated and protected distinctly. The nature of the entanglement is the people who interact with the systems.
      • Cyber crime and cyber espionage are more important than cyber war. The (very) bad news is that shiny new cyber weaponry will be repurposed for crime and spycraft, reason enough to take pause before charging ahead with offense. The good news is that fixing the broken stuff will help simultaneously combat crime, war, and espionage.
      • Public/private partnerships pander politically but they do no real good. As it turns out, security is not a game of ops centers, information sharing, and reacting when the broken stuff is exploited. Instead, it is about building our systems to be secure, resilient, survivable.
      • No security is perfect and problems will happen. Even if a large portion of taxpayer money and collective know-how is dedicated to the task of building better, more secure systems, mistakes will still be made and systems will still be attacked and compromised. Cyber security policy must be built on the assumption that risk cannot be completely avoided, meaning that systems must continue to function even in sub-optimal conditions.
      • If it sounds like BS or magic, it's probably not
