2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation...
-
Upload
justina-york -
Category
Documents
-
view
218 -
download
0
Transcript of 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation...
![Page 1: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/1.jpg)
![Page 2: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/2.jpg)
2012 CWAG Annual Meeting
State Agency Data BreachesLoss prevention, response and remediation strategies
![Page 3: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/3.jpg)
Employees
Job Seekers
Mortgagees
Identity Exploitations: 12+ years of our cases
Insured
The Scams Persist and This is Now an Industry
![Page 4: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/4.jpg)
+ Prevention
+ Detection
+ Analysis & Response
![Page 5: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/5.jpg)
Prevention
![Page 6: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/6.jpg)
Data Loss Prevention: Comprehensive Approach People, Processes and Systems to Identify, Monitor and Protect Data...
+ In Use (endpoints, devices)
+ In Motion (network)
+ At Rest (storage)
![Page 7: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/7.jpg)
Data Loss Prevention: Conduct Gap Analysis
+ Your Current Security System Versus What You Need to Have in Place
+ What Other Service Providers or Counter-Party are Points of Vulnerability?
+ What Other Data Do You Hold That Could Become Valuable?
+ What Processes (Internal and/or External) Can be Tightened Up?
![Page 8: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/8.jpg)
Detection
![Page 9: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/9.jpg)
![Page 10: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/10.jpg)
Analysis
Data Theft Is Preceded by Smaller Intrusions...Catch Me if You Can
+ We Can Home In On Who Is Attacking
+ We Can Identify How Much Data Went Out
+ What Data Went Out, Where It Went
+ Stop the Bleeding
![Page 11: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/11.jpg)
State Agency
State Agency
Supplier
![Page 12: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/12.jpg)
Analytics: Real-time..or post-mortem
![Page 13: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/13.jpg)
Analysis
An Incident Response Function and Plan Must be In Place
+ Discover Attack and Exfiltration
+ Identify Data Which Has Gone Out and Where It Went
+ Contain Damage
+ Eradicate Perpetrator’s Presence
+ Recover System and Data Protection in Secure Manner
+ Conduct in Forensically Sound Manner
+ Identify What Led to Intrusion to Prevent
![Page 14: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/14.jpg)
Monitoring, Detection and Remediation Providers:
www.krollfraudsolutions.com
www.intersections.com
www.idanalytics.com
www.inguardians.com
www.mandiant.com
www.mantech.com
![Page 15: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/15.jpg)
Self-help resource
http://www.sans.org/critical-security-controls/
+ 20 Security Controls For Effective Cyber Defense - The SANS Institute
+ Consortium-led Approach to Determining Best Practices and Most Cost Effective Security Across Government Bodies
![Page 16: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/16.jpg)
![Page 17: 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies.](https://reader036.fdocuments.net/reader036/viewer/2022062718/56649e655503460f94b600dd/html5/thumbnails/17.jpg)
Wireless Access Code: 9166703926