The Security Cauldron - MTUG Net Misuse Illicit Content Unapproved Workaround # Incidents Our...

Posted 05-Jul-2020, Category: Documents

Transcript

  • The Security Cauldron: Always Brewing, Ever Changing, Never Tamed

    Peter Brown, COO, ALIADO IT SECURITY, Management Consulting

    Victor Chakravarty, State of Maine, CIO Infrastructure

  • What’s Brewing Today

    • Language of Security
    • 2015 in Review
    • A Look into 2016
    • What’s Stoking the Fire
    • Value of Lost Information
    • Big Guys Aren’t the Only Targets
    • Immediate Actions to Take Home

  • Definition of Information Systems Security

    Per the U.S. National Information Systems Security Glossary:

    "…the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats."

    Three widely accepted elements of information security (mnemonic: "CIA") are Confidentiality, Integrity and Availability.

  • IT Security Language

    • Incident
    • Breach
    • Vulnerability
    • A Threat
    • A Risk
    • Phishing
    • Spear-Phishing
    • IoT
    • Malware
    • Ransomware
    • DoS
    • Bot
    • Botnet
    • Zombie Army
    • Fullz
    • Kitz
    • Pre-texting email
    • Data Exfiltration
    • CVE
    • C&C
    • SCADA

  • The Simmering Pot: 2015 Incidents and Breaches

  • Number of Confirmed Incidents by Victim Industry

    Source: Verizon, 2016 Data Breach Investigation Reports, Table 1, Pg. 4. www.VerizonEnterprise.com. Industry codes in parentheses are 2012 NAICS codes (NAICS Search, census.gov).

    Industry                Total   Small   Large  Unknown
    Accommodation (72)        362     140      79      143
    Administrative (56)        44       6       3       35
    Agriculture (11)            4       1       0        3
    Construction (23)           9       0       4        5
    Educational (61)          254      16      29      209
    Entertainment (71)      2,707      18       1    2,688
    Finance (52)            1,368      29     131    1,208
    Healthcare (62)           166      21      25      120
    Information (51)        1,028      18      38      972
    Management (55)             1       0       1        0
    Manufacturing (31-33)     171       7      61      103
    Mining (21)                11       1       7        3
    Other Services (81)        17       5       3        9
    Professional (54)         916      24       9      883
    Public (92)            47,237       6  46,973      258
    Real Estate (53)           11       3       4        4
    Retail (44-45)            159     102      20       37
    Trade (42)                 15       3       7        5
    Transportation (48-49)     31       1       6       24
    Utilities (22)             24       0       3       21
    Unknown                 9,453     113       1    9,339
    Total                  64,199     521  47,408   16,270

    Rows highlighted on the slide: Healthcare (62) and Information (51).

  • Number of Incidents with Confirmed Data Loss by Industry

    Source: Verizon, 2016 Data Breach Investigation Reports, Table 2, Pg. 5. www.VerizonEnterprise.com. Industry codes in parentheses are 2012 NAICS codes (NAICS Search, census.gov).

    Industry                Total   Small   Large  Unknown
    Accommodation (72)        282     136      10      136
    Administrative (56)        18       6       2       10
    Agriculture (11)            1       0       0        1
    Construction (23)           4       0       1        3
    Educational (61)           29       3       8       18
    Entertainment (71)         38      18       1       19
    Finance (52)              795      14      94      687
    Healthcare (62)           115      18      20       77
    Information (51)          194      12      12      170
    Management (55)             0       0       0        0
    Manufacturing (31-33)      37       5      11       21
    Mining (21)                 7       0       6        1
    Other Services (81)        11       5       2        4
    Professional (54)          53      10       4       39
    Public (92)               193       4     122       67
    Real Estate (53)            5       3       0        2
    Retail (44-45)            137      96      12       29
    Trade (42)                  4       2       2        0
    Transportation (48-49)     15       1       3       11
    Utilities (22)              7       0       0        7
    Unknown                   270     109       0      161
    Total                   2,260     447     312    1,501

    Rows highlighted on the slide: Healthcare (62) and Information (51).

  • Time to Compromise and Exfiltration

    [Chart: bar chart with two series, Compromises (n=1177) and Exfiltration (n=326); x-axis time buckets: Seconds, Minutes, Hours, Days, Weeks, Months; y-axis count, 0 to 1200. Data labels present in the extract, series mapping not recoverable: 7.1%, 11%, 81.9%, 21.2%, 2.5%, 6%, 67.8%.]

  • How many of you have had a breach?

    If not, the real question to ask yourself is: When will I?

  • What’s Stoking the Fire

    • Data theft is a business: real markets, tools to enable sales complete with upgrades, and infrastructure
    • Attackers are aware of relations between organizations
    • Small organizations fall prey more often
    • 80% of infections originate from well-planned email campaigns (phishing)

  • What is Phishing?

    • The attempt to acquire sensitive personal data (sometimes money) by masquerading as a trustworthy source in an electronic communication

    Email sent -> User clicks -> Malware dropped -> Foothold gained

  • Don’t Take the Bait: It Takes Seconds

    • Who is holding the phishing pole? 89% organized crime, 9% state affiliates
    • In a 2015 study of 9,576 phishing occurrences, 916 resulted in confirmed data disclosures
    • We are becoming more aware:
      • 2015: 30% of messages opened, 12% clicked and opened the attachment
      • 2016: 23% of messages opened, 11% clicked and opened the attachment

  • Incident Classification Patterns

    Percentage and Number of Incidents, n=64,199. Source: Verizon, 2016 Data Breach Investigation Reports, Table 17, Pg. 22. www.VerizonEnterprise.com

    [Chart: horizontal bar chart of incidents per pattern, x-axis % of incidents (0% to 20%). Bars in ascending order, with the count label attached to each:]

    Pattern                  Incidents
    Payment Card Skimmers          102
    Cyber Espionage                247
    POS Intrusions                 534
    Web App Attacks              5,334
    Crimeware                    7,951
    Everything Else              8,886
    Denial of Service            9,630
    Physical Theft/Loss          9,701
    Privilege Misuse            10,490
    Miscellaneous Errors        11,347

  • Incident Patterns by Industry: Denial of Service Greatest Impact