Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber...
Transcript of Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber...
![Page 1: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/1.jpg)
1
Welcome and Opening Remarks
Michael Watson
September 26, 2018
www.vita.virginia.gov 1
![Page 2: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/2.jpg)
2
ISOAG September 26, 2018
I. Welcome & Opening Remarks Mike Watson, VITA
II. Cyber Threat Trends Jayne Holland, NIC
III. VSP Cybersecurity Update Eric Gowan, VSP
IV. Upcoming Events Mike Watson, VITA
V. Partnership Updates SAIC
![Page 3: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/3.jpg)
3
CYBER THREAT TRENDS
JAYNE FRIEDLAND HOLLAND, CHIEF SECURITY OFFICER
SEPTEMBER 26, 2018
![Page 4: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/4.jpg)
4
SECTION HEADLINE
4
Cyber Threat Trends
Overview
• Speaker Background/Bio
• Current and Emerging Security Trends
• Threat Categories
• Events, Vulnerabilities and Actors
• Threat Intelligence
• Most Common Tactics, Techniques and Procedures
(TTPs) & Mitigating Actions
• Other Trends – Legal Update
![Page 5: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/5.jpg)
5
![Page 6: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/6.jpg)
6
SECTION HEADLINE
6
● Chief Security Officer
● Member of NIC’s Executive Leadership Team
● Certified PCI Internal Security Assessor (PCI ISA)
and practicing attorney
● Manages the legal, policy and technology practices
related to security
● NIC provides 13,000+ digital government services
● NIC serves more than 5,500 federal, state and local
agencies
● 220 million online transactions completed using NIC
services = $20 billion securely processed annually
Jayne Friedland Holland
Speaker Background / Bio
![Page 7: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/7.jpg)
7
![Page 8: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/8.jpg)
8
SECTION HEADLINE
Trends in Security
Publicly available citizen data will present
challenges for digital services
Activism and political demonstrations will tend
to have a cyber component
Attacks will continue to be cheaper and easier to do
Growing complexity of solutions will challenge
security teams
1
3
2
4
Top Trends
![Page 9: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/9.jpg)
9
Publicly available citizen data will
present challenges for digital
services
o Total Records Compromised
o Value of a Data Record
Trends in Security
1
![Page 10: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/10.jpg)
10
2.6 Billion
Total Records Compromised in
2017
• Equifax – 147.7 million records
• River City Media – 1.34 billion email addresses
• Deep Root Analytics – 198 million records
• Alteryx – 120 million records
• Center for Election Systems at Kennesaw State University – 7.5 million records
Trends in Security
https://www.darkreading.com/attacks-breaches/26-billion-plus-data-records-breached-last-year/d/d-id/1331514
Total Records Compromised
![Page 11: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/11.jpg)
11
$15.00
$0.25
$0.10
$1,000.00
$- $200.00 $400.00 $600.00 $800.00 $1,000.00 $1,200.00
Credentials
Credit Card Data
Social Security Number
Medical Record
Value ($) / record Value ($) / record
https://www.forbes.com/sites/mariyayao/2017/04/14/
your-electronic-medical-records-can-be-worth-1000-to-hackers/
Trends in Security
Value of Data Record
![Page 12: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/12.jpg)
12
Attacks will become cheaper and
easier
• Cyberweapons
• Cheaper than a cup of coffee
• Dark Market – Cyberservices
Market as a Service
Trends in Security
2
![Page 13: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/13.jpg)
13
• Cyber Warfare is real and out in the open now.
• Toolkits are common place and utilized by any entity
with medium/high skills.
• Anyone can use a point and click service to deliver an
attack.
Trends in Security
Cyberweapons
![Page 14: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/14.jpg)
14
Dark Web Pricelist
Trends in Security
http://www.itsecurityguru.org/2018/08/03/wannabe-fraudsters-can-buy-
hacking-tools-dark-web-cost-cup-coffee/
Cheaper Than Coffee
![Page 15: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/15.jpg)
15
• Malware
(ransomware, miners)
• Exploits
(known and zero-days)
• Data
(personal, accounting, etc.)
• Access
(web shells, passwords, etc.)
Trends in Security
https://www.ptsecurity.com/ww-
en/analytics/293975/
Dark Market – as a Service
![Page 16: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/16.jpg)
16
Activism and political
demonstrations will tend to have
a cyber component
•Historical Events
•Midterm Campaign Hacks
Trends in Security
3
![Page 17: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/17.jpg)
17
• Indiana Religious Freedom Bill
•West Virginia Elk River Chemical Spill
Trends in Security
Historical Events
![Page 18: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/18.jpg)
18
• Website impersonating Microsoft
• Three candidates targeted
• Method was phishing emails
• Origination point is unknown
Trends in Security
https://www.politico.com/story/2018/07/19/midterm-campaign-hacking-
microsoft-733256
Midterm Campaign Hacks
![Page 19: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/19.jpg)
19
Trends in Security
Growing complexity of solutions
will challenge security teams 4
![Page 20: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/20.jpg)
20
SECTION HEADLINE
Trends in Security
Big Data
Mobile
Social Media
Cloud Computing
Internet of Things
Growing Complexity
Artificial Intelligence /
Machine Learning
![Page 21: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/21.jpg)
21
Trends in Security
• The threat landscape is deep and
constantly changing.
• Avoid overcommitting on nascent
technologies and better manage
descending threats to adapt earlier.
• 100% of large enterprises will be
asked to report to Board on
cybersecurity and technology risk.
The Future Landscape
20-30 Billion
connected things will be in use by 2020
- Gardner, IDC
![Page 22: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/22.jpg)
22
![Page 23: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/23.jpg)
23
Threat Categories
Events
Vulnerabilities
Actors
Threats
![Page 24: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/24.jpg)
24
SECTION HEADLINE
24
Activities that occur (scheduled or
otherwise) with the potential to evoke
negative emotions.
Threat Categories: Events
Events
![Page 25: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/25.jpg)
25
SECTION HEADLINE
25
Conducting cyber attacks as a platform
for delivering your message
Threat Categories: Events
Hacktivism
![Page 26: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/26.jpg)
26
Indiana passed legislation which was interpreted as
allowing legal discrimination against the LGBT
community.
DDoS attacks launched against Indiana website in
protest of legislation.
Threat Categories: Events
Legislation
![Page 27: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/27.jpg)
27
SECTION HEADLINE
27
Identified as targets for not explicitly
making the act of zoophilia illegal.
states 11
Term: Zoophilia
Don’t “Google” that term!
Threat Categories: Events
Lack of Legislation
![Page 28: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/28.jpg)
28
DDoS attacks launched against Texas
websites in protest of comments made or viewpoints
expressed during the process.
At one point in the 2016 primary
cycle, five of the Republican
candidates were from Texas.
Threat Categories: Events
Presidential Primaries
![Page 29: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/29.jpg)
29
SECTION HEADLINE
29
Weaknesses which can be exploited by
an actor to perform unauthorized access
within a system.
Threat Categories: Vulnerabilities
Vulnerabilities
![Page 30: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/30.jpg)
30
Adobe and Microsoft are exploited much closer to the
announcement than other products like Apple and Mozilla.
Most successful attacks happen because of a failure of
cyber hygiene (patching).
1/2 Half of all exploitations happen between 10 and
100 days after the vulnerability announcement,
with the median around 30 days. (trending
downward)
Threat Categories: Vulnerabilities
Vulnerabilities
![Page 31: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/31.jpg)
31
Threat Categories: Vulnerabilities
From Checkpoint Cyber Attack Trends mid-year 2018 report
Vulnerabilities
99% of attacks observed in
2018 attempted to exploit vulnerabilities
from 2017 or older
![Page 32: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/32.jpg)
32
SECTION HEADLINE
32
Individuals or groups who use specific Tactics, Techniques
and Procedures (TTPs) to conduct their attacks.
Hackers / hacktivists
Criminals / organized crime
Nation states
Competitors
Employees / insiders / third parties
We can’t defend against actors, but we can defend against
TTPs.
Actors
Threat Categories: Actors
![Page 33: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/33.jpg)
33
SECTION HEADLINE
33
Identifying events, vulnerabilities and
actors that might negatively impact your
organization.
Threat Categories: Threat Intelligence
Threat Intelligence
31
SECTION HEADLINE
31
Identifying events, vulnerabilities and
actors that might negatively impact your
organization.
Threat Cat eg o r ies: Threat In t e l l ig ence
Threat Intelligence
![Page 34: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/34.jpg)
34
https://www.threatq.com/threat-intelligence/
Analysis
Threat Categories: Threat Intelligence
![Page 35: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/35.jpg)
35
100% likelihood
THREAT: Commonly available malware is more able
to evade traditional anti-virus than anti-virus is able to
detect malware.
Threat Categories: Threat Intelligence
Ransomware
IMPACT: San Francisco Light Rail (3 days of free rides)
Hancock Health (disruption, $55K ransom),
City of Atlanta (disruption, costly remediation)
![Page 36: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/36.jpg)
36
![Page 37: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/37.jpg)
37
SECTION HEADLINE
Most Common TTPs
DDoS Attacks
Application Weaknesses
Social Engineering / Phishing
Stolen Credentials / Identities
Ransomware & Extortion $$
Most Common TTPs
![Page 38: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/38.jpg)
38
Most Common TTPs
•16% increase in DDoS attacks since last year
•February 2018 – Github’s code hosting website
hit with largest DDoS attack
•Highest volume recorded at 1.35Tbps that’s
fast!!
DDoS Attacks (Distributed Denial of Service)
![Page 39: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/39.jpg)
39
SECTION HEADLINE
Most Common TTPs
• Proactive Subscription
• Upstream ISP
• Third Party Service or Appliance
• Cloud SaaS also available
Mitigating DDoS Attacks
![Page 40: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/40.jpg)
40
Most Common TTPs
Attackers target:
• Interactions with databases (SQLi)
• Presentation of data (XSS)
• Permissions (business logic)
Objective: To reach data protected by
the application
Application Weaknesses
![Page 41: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/41.jpg)
41
Most Common TTPs
Mitigating Application Security
Weaknesses
• IMPLEMENT secure coding best practices.
• MAKE security requirements part of project initiation;
and security testing part of success criteria.
• CONDUCT periodic penetration testing.
• HAVE a solid application patch management
program/process in place.
• DEPLOY a web application firewall (WAF).
![Page 42: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/42.jpg)
42
Most Common TTPs
Email phishing attacks wire fraud, ransomware
Telephone scams
Social media scams
Social Engineering / Phishing
![Page 43: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/43.jpg)
43
Most Common TTPs
Tips for Educating Employees:
Trust no one!
Don’t reply to the email or do anything to fulfill the request.
Confirm if the request is legitimate.
Contact appropriate security personnel if you need confirmation
the email or attachment is “safe”.
Follow the protocol for escalation.
Employees should be reminded not to send sensitive information
over emails or chats.
Install and maintain anti-malware software (next-gen AV).
Mitigating Social Engineering • Provide employee Security Awareness Training
![Page 44: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/44.jpg)
44
Most Common TTPs
• Social engineering used to steal credentials
and identities
• Stolen credentials and identities then
leveraged to cause a breach of an entity’s
network
• Examples: Reddit.com breach
Cici’s Pizza breach
Stolen Credentials / Identities
![Page 45: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/45.jpg)
45
Most Common TTPs
• Greater assurance of the identity behind the
credentials being used
• Consider multi-factor authentication technologies
• Something you know (password)
• Something you have (token)
• Something you are (biometric)
• Consider removing passwords altogether
• One-time login URLs delivered to registered emails
• Maintain strong permissions and user access controls
Mitigating Stolen Credentials
![Page 46: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/46.jpg)
46
Most Common TTPs
• Malware that restricts access to infected system and
perpetrator demands ransom to remove restrictions
• 1.5 million phishing websites created each month
• Phishing attempts have grown by 65%
• 30% are opened by users
• 12% click on links or attachments
• 95% of all attacks on enterprise networks are the
result of successful phishing
Ransomware & Extortion
![Page 47: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/47.jpg)
47
Most Common TTPs
• IMPLEMENT a comprehensive patch management
program for all endpoints.
• DEPLOY Next-Gen Antivirus (zero day threat
detection).
• MAINTAIN backups of data on endpoints that
includes multiple revisions of the files.
• UNDERSTAND your organization’s stance on paying
a ransom.
Mitigating Ransomware & Extortion
![Page 48: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/48.jpg)
48
OTHER TRENDS
![Page 49: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/49.jpg)
49
SECTION HEADLINE
49
• Big privacy and consumer protection focus
Other Trends
Legal Update
California Privacy Protection Act (CPPA)
State Data Breach Notification Statutes
![Page 50: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/50.jpg)
50
Conclusion/Summary
Cyber threats are increasing in frequency, complexity and
severity.
Expect to see more advanced attacks that disrupt government
activities.
Tools and services are readily available on The Dark Market.
To provide your organizations with the best level of protection,
security teams must be attuned to the ever-changing landscape
and the latest threats and attack methods.
Use threat intelligence and enhanced threat detection to ID trends
/ TTPs.
Be prepared.
Summary
![Page 51: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/51.jpg)
51
QUESTIONS?
![Page 52: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/52.jpg)
52 www.vita.virginia.gov 52
Upcoming Events
![Page 53: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/53.jpg)
53
![Page 54: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/54.jpg)
54
National Cybersecurity Awareness Month
National Cyber Security Awareness Month is observed every
October. It was created as an effort between government and
industry to make sure all Americans have the resources they need
to stay and secure on the Internet.
National Cyber Security Awareness Month is celebrating its
15th year of promoting internet safety.
![Page 55: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/55.jpg)
55
2019Kids Safe Online Poster Contest
Kick Off: September 26
Deadline or submissions: January 25, 2019
Website Information: https://www.cisecurity.org/ms-isac/ms-isac-toolkit/
Guideline: https://www.cisecurity.org/wp-content/uploads/2018/08/MS-ISAC-
Poster-Contest-and-Form.pdf
Virginia winner will grace the cover of the 2019 “Kid Safe Online”
poster calendar.
*Virginia has had at least two national winners for the past five
years.
![Page 56: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/56.jpg)
56
2019 Kids Safe Online Poster Contest Cover Winner
![Page 57: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/57.jpg)
57 www.vita.virginia.gov
ISO Certification
![Page 58: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/58.jpg)
58
Mandatory ISO Meeting
www.vita.virginia.gov
• We will have a mandatory meeting of all ISOs on October 3.
• We encourage all primary ISOs to attend this meeting in person.
• If you are a primary ISO, and cannot attend, you may designate the backup ISO to attend in your place.
![Page 59: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/59.jpg)
59
Contacts
www.vita.virginia.gov
If you need a status update on your ISO Certification, please
contact:
Tina [email protected]
![Page 60: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/60.jpg)
60
Last IS Orientation
www.vita.virginia.gov
The last IS Orientation for 2018 will be held on
December 13, 2018 @1:00 PM
CESC - Room 1221
![Page 61: Welcome and Opening Remarks Michael Watson...National Cybersecurity Awareness Month National Cyber Security Awareness Month is observed every October. It was created as an effort between](https://reader034.fdocuments.net/reader034/viewer/2022042408/5f24354649fef85cfa7e2b34/html5/thumbnails/61.jpg)
61
ADJOURN
THANK YOU FOR ATTENDING
Picture courtesy of www.v3.co.uk