A CISO's Guide to Cyber Liability Insurance
Transcript of A CISO's Guide to Cyber Liability Insurance
![Page 1: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/1.jpg)
A CISO's Guide to Cyber Liability Insurance
July 21, 2016
![Page 2: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/2.jpg)
Copyright SecureAuth Corporation 2016
Today’s Speakers
Dawn-Marie Hutchinson, Executive Director, Office of the CISO, Optiv Security
Tim Arvanites, Vice President, Technical Services, SecureAuth
![Page 3: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/3.jpg)
Agenda
+ Creating Confidence; Reducing Risk: Navigating Cyber Liability Insurance – Dawn-Marie Hutchinson, Optiv
+ Mitigating Risk with Adaptive Access Control – Tim Arvanites, SecureAuth
+ Q&A
![Page 4: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/4.jpg)
Proprietary and Confidential. Do Not Distribute. © 2016 Optiv Inc. All Rights Reserved.
Creating Confidence; Reducing Risk
Navigating Cyber Liability Insurance
![Page 5: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/5.jpg)
Are you Insurable?
![Page 6: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/6.jpg)
Premiums at a premium
![Page 7: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/7.jpg)
Economics Lesson
“One of the most important simple truths in this technological war is that you simply cannot AFFORD to prevent a successful attack.” –Tyler Wrightson
![Page 8: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/8.jpg)
The Security Journey (maturity stages shown on the diagram): Ad Hoc → Infrastructure Based → Compliance Based → Threat Based → Risk Based / Data Centric → Business Aligned. Shortcut = Failure to Pass.
Business Aligned Strategy: Create a security program that enables your organization by understanding the business objectives, compliance objectives, threats and material risks.
![Page 9: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/9.jpg)
System security
Network security
Endpoint security
Data security
Security management
User security
Application security
Secure infrastructure
![Page 10: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/10.jpg)
The 5 Key Questions of Cyber Liability Insurance
+ If a breach were to occur, what quantifiable direct impact would it have on business, customers and the supply chain?
+ Is there an established framework the insurance provider uses to assess security readiness?
+ What does the provider expect you to do to qualify for a suitable policy?
+ Will they be satisfied with the documentation you provide or will they require a thorough audit of policies and practices?
+ Who will you engage in the conversation to reduce cost and manage risk?
![Page 11: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/11.jpg)
The 5 Key Post Breach Activities
+ If a breach were to occur, do you know what the coverage levels and limits are?
+ Are you following an established program for responding to an incident?
+ What does the provider expect you to do upon identification of an incident?
+ Will they be satisfied with the documentation you provide or will they require a third party assessment?
+ Who will you engage to manage the incident?
![Page 12: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/12.jpg)
![Page 13: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/13.jpg)
Mitigating Risk with Adaptive Access Control
Tim Arvanites, VP of Technical Services, SecureAuth
![Page 14: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/14.jpg)
Data Breaches: A Global Epidemic
781 publicly reported data breaches in 2015
Billion+ identities compromised
![Page 15: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/15.jpg)
Anatomy of a Data Breach
Stages shown on the diagram: Initial Penetration, Establish Foothold, Escalate Privileges, Complete Mission, Lateral Movement
The majority of enterprise breaches start with social engineering and phishing.
Intruders gained access through a Citrix remote access portal set up for use by employees. (Home Depot breach)
“The hackers acquired elevated rights that allowed them to navigate portions of Home Depot's network and to deploy unique, custom built malware on its self check out systems in the U.S. and Canada.” – eWeek
![Page 16: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/16.jpg)
Why Adaptive Access Control to Mitigate Risk?
+ Traditional security infrastructures are routinely circumvented
– Billions spent annually on Endpoint and Network security, yet breaches persist
+ Both the FBI and the White House, under the new Cybersecurity National Action Plan, recommend the use of multi-factor authentication.
+ The right level of security controls can help reduce your Cyber Liability Insurance premium and strengthen your security posture.
![Page 17: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/17.jpg)
Why SecureAuth?
SecureAuth acts as a central authentication point, controlling access to all on-premises and cloud-based applications:
+ Pre-authentication capabilities protect against APT and prevent unauthorized users from gaining access to your critical networks and applications.
+ Continuous authentication provides early detection and insight into your overall network and application traffic.
+ Flexible workflows allow you to quickly respond to attacks by leveraging step-up authentication during a major security incident.
![Page 18: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/18.jpg)
Risk Layers
Dynamic Adaptive Authentication
• Layered Risk Analysis = Stronger Security
• No User Experience Impact
• Only present multi-factor authentication when needed
Device Recognition
Threat Service
Directory Lookup
Geo-Location
Geo-Velocity
Behavioral Biometrics
![Page 19: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/19.jpg)
Device Recognition
+ First time authentication: register the endpoint device
+ Subsequent authentications: validate the endpoint device
+ Device recognition can include:
– web browser configuration
– device IP address
– language
– screen resolution
– installed fonts
– browser cookies settings
– browser plugin
– time zone
![Page 20: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/20.jpg)
IP Reputation Data
![Page 21: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/21.jpg)
Identity Store Lookup
+ Compare and filter based on information in the store
+ Can be based on any attribute of the user
![Page 22: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/22.jpg)
Geo-Location
+ Compare the user's current geographic location against known good or bad locations
![Page 23: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/23.jpg)
Geo-Velocity
+ Compare current location and login history to determine whether an improbable travel event has occurred
![Page 24: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/24.jpg)
Behavioral Biometrics
+ Analyze behavior that can be used to verify a person
+ Gather and store characteristics about the way the user interacts with a device, such as:
– Keystroke dynamics
– Mouse movements
– Gesture patterns
– Motion patterns
![Page 25: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/25.jpg)
Threat Service
Combining Threat Intelligence & Threat Information for Best-in-Class Security
Diagram labels: Cyber Crime, Hacktivism, Anonymous Proxy, Advanced Persistent Threat (APT); Threat Intelligence; Threat Information; Black/White Lists; SecureAuth Threat Service
![Page 26: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/26.jpg)
Putting it all together
Diagram: User → Pre-Auth Analysis → Decision
Risk layers evaluated in the pre-auth analysis: Device Recognition, IP Reputation, Identity Store Lookup, Geo-Location, Geo-Velocity, Behavioral Biometrics, Threat Service
Possible decisions: Allow Access, Require MFA, Redirect, Deny Access
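As an added illustration of the layered pre-auth analysis described on the Device Recognition, Geo-Velocity and "Putting it all together" slides (example code written for this page, not SecureAuth's product code): a device fingerprint is hashed from the attributes the slide lists, the geo-velocity layer flags improbable travel from two logins, and a few constructed inputs (a TEST-NET blocklist entry, a two-user directory, a 900 km/h speed threshold and the risk weights) stand in for the threat service and identity store. The Redirect outcome is omitted.

```python
import hashlib
import math

EARTH_RADIUS_KM = 6371.0
MAX_PLAUSIBLE_SPEED_KMH = 900.0  # assumption: anything faster is "improbable travel"

# Constructed sample data standing in for the threat service and identity store.
BAD_IPS = {"203.0.113.7"}  # TEST-NET address, not a real indicator
DIRECTORY = {
    "alice": {"enabled": True, "privileged": True},
    "bob": {"enabled": True, "privileged": False},
}

def device_fingerprint(attrs: dict) -> str:
    """Hash the attributes from the Device Recognition slide into one opaque id."""
    canonical = "|".join(f"{k}={attrs[k]}" for k in sorted(attrs))
    return hashlib.sha256(canonical.encode()).hexdigest()

def haversine_km(lat1, lon1, lat2, lon2) -> float:
    """Great-circle distance between two (lat, lon) points in degrees."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = math.radians(lat2 - lat1), math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))

def improbable_travel(prev, cur) -> bool:
    """prev/cur are (lat, lon, unix_ts). True if the implied speed is implausible.
    A non-positive time gap (clock skew or replay) is treated as implausible too."""
    hours = max((cur[2] - prev[2]) / 3600.0, 1e-6)
    return haversine_km(prev[0], prev[1], cur[0], cur[1]) / hours > MAX_PLAUSIBLE_SPEED_KMH

def pre_auth_decision(user, ip, device_attrs, known_devices, prev_login, cur_login) -> str:
    """Layered risk analysis: returns 'deny', 'mfa' or 'allow'."""
    entry = DIRECTORY.get(user)
    if entry is None or not entry["enabled"] or ip in BAD_IPS:
        return "deny"  # directory / threat-service veto
    risk = 0
    if device_fingerprint(device_attrs) not in known_devices:
        risk += 1  # unrecognised endpoint (weight is an assumption)
    if prev_login is not None and improbable_travel(prev_login, cur_login):
        risk += 2  # geo-velocity anomaly
    if entry["privileged"]:
        risk += 1  # directory attribute raises the bar for MFA
    return "mfa" if risk >= 2 else "allow"
```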
![Page 27: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/27.jpg)
In Summary
+ Cyber Liability Insurance is no substitute for good security and practices
– Write and put in place a data breach response plan
– Conduct an external penetration test to highlight potential areas to address
– Keep all your systems and software patched
– Have adaptive access controls in place that can reduce your Cyber Insurance premium and strengthen your security posture
![Page 28: A CISO's Guide to Cyber Liability Insurance](https://reader036.fdocuments.net/reader036/viewer/2022062903/58ed1a881a28ab2b2a8b469b/html5/thumbnails/28.jpg)
Q&A