Key Tools to Combat CyberSecurity ThreatsErik J. Devine, CISORiverside Healthcare

Expectations and Disclosures

These “tools” will not guarantee you from being hacked or having a data breach

No vendors will be promoted or criticized

Please make comments, or ask questions during presentation.

Someone in this audience is having a breach right now, and probably doesn’t know it, hopefully that someone is not me…..

2016 State of Cybersecurity

Only 40% of businesses can handle simple attacks

74% of businesses expect to be affected by an attack

30% of businesses see a phishing attack at least once a day

About 25% of business don’t know that their credentials were stolen, who stole them, or how they were used

The Bad and The Good1.02 Billion Data Records were stolen in 2014

707.5 Million Data Records were stolen in 2015

867 Million Data Records stolen so far in 2016 (Jan-Aug)

This equates to 42 records stolen per second.

Cost of a record being breached?

$158 / record

Breaking the Tools Down

Breaking down Security and Privacy

ComplianceTechnology

Awareness

RelationshipStrategic Planning

Key Technology ToolsFirewalls - Create Segregation with UTM Services

Endpoint Security

Application Control (Endpoint and Edge)

Patch Management

Security Event Information Management

Email Encryption, SPAM and A/V

Full Disk Encryption

Device Management

Sandboxes / File Integrity Checking

Key Compliance ToolsUpdated Policies and Procedures, Cybersecurity Frameworks

3rd Party review of Policies, Procedures and Technology

Regulated business making sure they are up on today’s audits and reviews.

Knowing where your data is at, and who has access to it: inside and outside your organization

Risk Assessments is key

Incident Response Planning and Testing

Key Awareness ToolsInformation Security Reporting Structure

Social Engineering Tests

Yearly Tests for Employees

Community Events / Conferences

Report to Department Meetings and Key Staff Members

Key Strategic Planning ToolsSecurity Feeds from the Internet

Government Security Officials (FBI, DHS, DOD)

Peers and Social Networking

Monitor trends within your own industry and community

Learn how to fail fast

Focus on Information Technology and Workflow

Focus on other Department needs and strategies

Key Relationship ToolsCulture is everything, don’t try to change the world in 7 hours or less

Speak to key personnel (board, management, staff) in their language

Transparent Communication is key

Empower your staff and peers

Empower the employee to help you. I try have 3000+ employees act as my Security Analysts.

Any Questions, Comments, Insults, or Need For Resuscitation?