accounts hacked among several in recent weeks to come upon security - - PowerPoint PPT Presentation

HEADLINES Impact and Cost

Data Breaches Put a Dent in Colleges’ Finances as Well as Reputations

The Chronical of Higher Education: At Indiana U.’s data center, in Bloomington, staff members were aghast to learn that the university was among several in recent weeks to come upon security breaches in their information-technology

• perations…………….

“The costs of a cyber attack on the University of Maryland that was made public last month will run into the millions of dollars”

Cyber attack on Twitter, 250,000 accounts hacked

AP

At least 19 states have introduced or are considering security breach legislation in

• 2014. Most of the bills would

amend existing security breach laws. According to the Ponemon Institute’s most recent "Annual Study: U.S. Cost of a Data Breach" (March 2012), the findings showed that the average cost … in the education vertical [was] $142 per record. … the University of Nebraska data breach could cost the university over $92 million Costs related to data- security lapses dating to 2011 at the Maricopa County Community College District, in Arizona, could climb to $17.1-million, says Tom Gariepy, a district

• spokesman. CHE

Malware is becoming more complex and short-lived

18+ billion 420 million 35 billion messages/month 250 million Millions Billions 700 million 40 billion Millions

Enterprise Risk Mitigation System

What if I have a Cybersecurity Incident?

For Incident Response, use your existing Microsoft Premier Services agreement! Premier Support 24x7 Call - 800-936-3100 and mention that you are experiencing a potential cyber security incident. Any staff member who has been authorized with access to open Premier Support cases should do so with a “Severity A” classification for Cyber

• incidents. Or you can reach out to your

Technical Account Manager.

GBS Security

Deep Remote Technical Support

Cybersecurity Team

Onsite Security Incident Response Team

GBS Incident Responder

Global Onsite Support within 24-hours or less

Protect

Protect your most valuable assets to help prevent compromise from cyber- attacks

Microsoft Security Risk Assessment RAP as a Service for MS Security Security Development Lifecycle Workshops* Active Directory Security Offerings*

Detect

Monitor your network for attacks, vulnerabilities, and persistent threats

Persistent Adversary Detection Service Enhanced Mitigation Experience Toolkit Offerings * Microsoft Threat Detection Service

Respond

Investigate and disrupt suspicious events to provide a diagnosis and potential mitigations

Incident Response Tactical Recovery Strategic Recovery

Offline Assessment for AD Security (OAADS)

Proactive service that collects information on key security technology, people and process areas for your environment and analyzes this information against best practices and currently relevant security threats against your identity store.

4 Days Fixed Price Offering/Premier 1 Forest; < 100 Domain Controllers (DC) Questionnaire + Tools

Active Directory Security Assessment (ADSA)

Review of customer’s Active Directory providing the customer with a comprehensive, holistic assessment

• f the overall security of the Active Directory

implementation.

• Approx. 4 weeks

Onsite (duration varies) Delivered through Premier or MCS 2-3 Forests; >100 DC’s Interviews + Tools + Visual inspection

POP - Security Lateral Account Movement (SLAM)

Provides education on credential theft as well as real world tested sample capabilities. Helps customers begin compartmentalizing local Administrator credentials through password randomization.

3 days Fixed Price Offering/Premier AD lab environment. Minimum: 1 Domain Controller, 1 system for each member

• perating system

Education + Planning + Strategy

Enhanced Security Administrative Environment

Designed to help thwart credential theft attacks by limiting exposure of domain administrative

• credentials. Implements new secure domain
• Approx. 25 weeks;

Onsite (duration varies) Delivered through MCS Implements New Secure Domain

• Designed to develop and/or adapt your security strategy to help reduce cyber

risks across the enterprise. Provides a proactive approach to security that identifies breakdowns in people, processes, and technologies before they affect

• perations.
• Using on-site, in-person interviews and technical examination, MSRA results in

the creation of a roadmap customized for your business.

• Remediation roadmap prioritizes findings into tactical and systemic

recommendations that can be acted upon in a timeframe methodology

ABOUT SOLUTION

• Two-week engagement with two consultants onsite with your team to gather

and validate information through a series of interviews with key personnel, a risk management session and technical inquiry. Specifically, the service involves: ü Risk Management Workshop ü Qualitative Interviews ü Roadmap Presentation

ABOUT DELIVERY

Enhanced Mitigation Experience Toolkit (EMET) Freely downloadable technology that protects against security vulnerability exploitation. Enhances existing protections in the Windows OS and adds new protections that help stop exploitation of unknown or unpatched security vulnerabilities

Free-Download

EMET- Proactive Operations Program (POP) EMET POP includes an Educational workshop

• n EMET and EMET deployment, as well as

assistance with pilot in non-production lab environment

2-3 Days/Onsite Fixed Price Offering through Premier

EMET- Deployment and Reporting Assist you with in-depth education and preparation for an EMET pilot, with conducting a full EMET production pilot, and with deploying an EMET ERS to monitor EMET events and configurations.

EMET Production Pilot (3 weeks) - Delivered through MCS ERS – Production and Deployment (5 weeks) – Through MCS EMET + ERS – Production Deployment (8 weeks)- Through MCS