Oklahoma Chapter

Information Systems Security AssociationInformation Systems Security Association

Oklahoma Chapter, TulsaOklahoma City Chapter, OKC

Student Chapter, Okmulgee

Oklahoma Chapter, TulsaOklahoma City Chapter, OKC

Student Chapter, Okmulgee

Oklahoma Chapter

What is ISSA ?What is ISSA ?

• A not-for-profit international organization of information security professionals

• Local chapter for Tulsa’s cyber security and data protection professionals and students

• Educational forums, publications, peer interaction opportunities

• Free exchange of information security techniques, approaches and problem solving

• Education outreach to local security programs

• Frequent newsletters and podcasts

• A not-for-profit international organization of information security professionals

• Local chapter for Tulsa’s cyber security and data protection professionals and students

• Educational forums, publications, peer interaction opportunities

• Free exchange of information security techniques, approaches and problem solving

• Education outreach to local security programs

• Frequent newsletters and podcasts

2

Oklahoma Chapter

ISSA Oklahoma Chapter in TulsaISSA Oklahoma Chapter in Tulsa

• Local Tulsa meetings:– Monthly meetings to network and exchange ideas held second

Monday of each month– We support local tech events like TechFest and TechJunction– Participation in and sponsorship of regional security events:

Information Warfare Summit, October in OKC BSidesOK, coming to Tulsa in April!

• Email: info@oklahoma.issa.org• Visit http://oklahoma.issa.org for more details

• Local Tulsa meetings:– Monthly meetings to network and exchange ideas held second

Monday of each month– We support local tech events like TechFest and TechJunction– Participation in and sponsorship of regional security events:

Information Warfare Summit, October in OKC BSidesOK, coming to Tulsa in April!

• Email: info@oklahoma.issa.org• Visit http://oklahoma.issa.org for more details

3

Oklahoma Chapter

See Clearly Through the Fog of WarSee Clearly Through the Fog of War

How to better prepare for a cyber attack, respond effectively, and recovery completely.

Michael HaneyPresident, ISSA Oklahoma

How to better prepare for a cyber attack, respond effectively, and recovery completely.

Michael HaneyPresident, ISSA Oklahoma

Oklahoma Chapter

Michael HaneyMichael HaneyOver 15 years as an infosec professional

11 years as information security consultant:

1 year as Walmart Stores Digital Forensics Lab QMSANS Institute MentorCISSP, GSEC, GCIA, GCIH, GCFA, and former PCI QSA

Currently full-time Ph.D. student at TU:

Michael-Haney@utulsa.edu

Over 15 years as an infosec professional

11 years as information security consultant:

1 year as Walmart Stores Digital Forensics Lab QMSANS Institute MentorCISSP, GSEC, GCIA, GCIH, GCFA, and former PCI QSA

Currently full-time Ph.D. student at TU:

Michael-Haney@utulsa.edu

BE PREPAREDBE PREPARED

6

Oklahoma Chapter

Be PreparedBe Prepared• Quality Information Security Policies

– Disaster Recovery Plan– Incident Response Plan– Communications Plan(s)

• Awareness, Training, and Education– Appropriate for the Appropriate Level– Everyone should know the policy

• Outside Assistance: – Know who to call– Know when to call

• Exercises– Table Top Exercises– Fire Drills– Lessons Learned

• Quality Information Security Policies– Disaster Recovery Plan– Incident Response Plan– Communications Plan(s)

• Awareness, Training, and Education– Appropriate for the Appropriate Level– Everyone should know the policy

• Outside Assistance: – Know who to call– Know when to call

• Exercises– Table Top Exercises– Fire Drills– Lessons Learned

BE PREPAREDBE PREPARED

8

VULNERABILITYINTELLIGENCE

VULNERABILITYINTELLIGENCE

9

Oklahoma Chapter

Vulnerability IntelligenceVulnerability Intelligence• Inventory Management

• Configuration Management

• Patch Management

• Log Management

• Secure Code Reviews

• Vulnerability Scanning and Remediation Lifecycle

• Penetration Testing– Trusted Security Vendor– White Box and Black Box Testing

• Inventory Management

• Configuration Management

• Patch Management

• Log Management

• Secure Code Reviews

• Vulnerability Scanning and Remediation Lifecycle

• Penetration Testing– Trusted Security Vendor– White Box and Black Box Testing

11

VULNERABILITYINTELLIGENCE

VULNERABILITYINTELLIGENCE

THREATINTELLIGENCE

THREATINTELLIGENCE

12

Oklahoma Chapter

Threat IntelligenceThreat Intelligence

• Malware Outbreaks (Rogue Actors and Criminals)

• Targeted Attacks (Enemy Nations and Terrorists)

• Insider Threats, Negligent Users, Social Engineers

• Know the Stages of Attack and Compromise

• Well-tuned Intrusion Detection Systems

• HONEYPOTS!

• Time to Go Hunting– Know the threats– Know your vulnerabilities– Don’t Wait for Alerts

• Malware Outbreaks (Rogue Actors and Criminals)

• Targeted Attacks (Enemy Nations and Terrorists)

• Insider Threats, Negligent Users, Social Engineers

• Know the Stages of Attack and Compromise

• Well-tuned Intrusion Detection Systems

• HONEYPOTS!

• Time to Go Hunting– Know the threats– Know your vulnerabilities– Don’t Wait for Alerts

14

THREATINTELLIGENCE

THREATINTELLIGENCE

COLLECTIVEINTELLIGENCECOLLECTIVE

INTELLIGENCE

15

Oklahoma Chapter

Collective IntelligenceCollective Intelligence• Publicly Available Information Sources:

– Internet Storm Center: isc.sans.edu– SANS NewsBytes and @RISK– The Hacker News, Krebs On Security– Lots of good blogs out there (and some bad ones, too)

• Vendors:– Verizon Data Breach Investigations Report– Mandiant APT1 and IOC– Symantec Deep Insight

• Organizations:– FS-ISAC, ES-ISAC, MS-ISAC, REN-ISAC, etc.– CERT/CC, US-CERT, ICS-CERT– ISSA, InfraGard

• PEERS!

• READ, LEARN, and SHARE!

• Publicly Available Information Sources:– Internet Storm Center: isc.sans.edu– SANS NewsBytes and @RISK– The Hacker News, Krebs On Security– Lots of good blogs out there (and some bad ones, too)

• Vendors:– Verizon Data Breach Investigations Report– Mandiant APT1 and IOC– Symantec Deep Insight

• Organizations:– FS-ISAC, ES-ISAC, MS-ISAC, REN-ISAC, etc.– CERT/CC, US-CERT, ICS-CERT– ISSA, InfraGard

• PEERS!

• READ, LEARN, and SHARE!

17

COLLECTIVEINTELLIGENCECOLLECTIVE

INTELLIGENCE

18

PRIVACYPRIVACY

Oklahoma Chapter

PrivacyPrivacy

• Know the Law

• Know the Policies and Culture

• Share information, but do so securely

• Be cautious of increasing liability and risk

• Do the Right Thing

• Know the Law

• Know the Policies and Culture

• Share information, but do so securely

• Be cautious of increasing liability and risk

• Do the Right Thing

20

PRIVACYPRIVACY

21

COLLECTIVEINTELLIGENCECOLLECTIVE

INTELLIGENCE

22

THREATINTELLIGENCE

THREATINTELLIGENCE

23

VULNERABILITYINTELLIGENCE

VULNERABILITYINTELLIGENCE

BE PREPAREDBE PREPARED

24

Oklahoma Chapter

Thanks and Good Luck!Thanks and Good Luck!