crowd sourcing cybersecurity through the ren isac
play

Crowd-sourcing CyberSecurity through the REN- ISAC Community Chris - PowerPoint PPT Presentation

Jul 31, 2023 •167 likes •628 views

Crowd-sourcing CyberSecurity through the REN- ISAC Community Chris ODonnell REN-ISAC Background MISSION Overall serve the Research and Higher Education space and promote operational security CSIRT Role Operate a trusted

  1. Crowd-sourcing CyberSecurity through the REN- ISAC Community Chris O’Donnell

  2. REN-ISAC Background

  3. MISSION ● Overall – serve the Research and Higher Education space and promote operational security ● CSIRT Role ● Operate a trusted community ● Work with other ISACs and others external parties

  4. FACTS AND FIGURES ▪ Hosted at Indiana University ▪ Board of Directors ▪ Advisory groups ▪ Ad hoc special interest groups and projects ▪ Over 500 member institutions and over 1600 member representatives

  5. Threat Landscape

  6. INFOSEC IS #1 IT ISSUE IN HIGHER ED, 2016 * AND AGAIN IN 2017* * Educause Top 10 IT Issues 2016 and 2017

  7. THREAT TRENDS § Motive? § The threat actor is external to the organization § Time to compromise is < one hour § Time to discover a breach occurred > than one day

  8. 90 85 80 82 76 70 60 62 60 57 50 51 47 40 30 33 20 22 19 16 10 0 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 DATA BREACHES IN HIGHER EDUCATION Source: Privacy Rights Clearinghouse

  9. WHERE IS EDUCATION ON THE LIST?

  10. SENSITIVE DATA BREACHES

  12. RANSOMWARE

  13. What Are You Doing to Mitigate the Risk of Ransomware? (N=27) Increasing employee education and awareness efforts 19 (70%) Tightening spam filters on email systems 11 (41%) Accelerating the institutions move to cloud storage 1 (4%) Reminding system administrators to verify/test backups, check schedules 9 (33%) Updating institutional policies / standards 2 (7%) RECENT SURVEY RESULTS

  14. MOBILE § Mobile use is increasing § Lots of older unpatched OSes § 3 rd party app stores § Malicious apps on primary app stores

  15. INSIDER THREAT

  16. PHISHING § Primary attack vector for online crime § Spear-phishing / Whaling

  17. RECENT SURVEY RESULTS

  18. DENIAL OF SERVICE ATTACKS „ Amplification via vulnerable protocols, e.g. NTP „ Increasing use of Internet connected devices (IoT)

  19. DENIAL OF SERVICE ATTACKS

  20. COMPROMISED CREDENTIALS

  21. Crowdsourcing Cybersecurity Through the REN-ISAC Community

  22. RELATIONSHIPS § Sector ISAC § Members § 3 rd Parties

  23. CONCERNS

  24. How do we help?

  25. CSIRT for EDU Space

  26. REN-ISAC CSIRT Activity, YTD 2016 Notifications Q1 Q2 Q3 Q4 Compromised machines 23,943 16,911 13,589 12,661 Compromised credentials 13,162 1,037,881 5,094 1,141,653 Spam or Phish 117 86 111 1,995 Vulnerable machines 1 39 2 11 Open recursive DNS resolvers 793 713 607 655 Open mail relays 52 25 37 34 Other 1 3 5 1 Totals 38,069 1,055,658 19,445 1,157,010 SOC ACTIVITY – MOSTLY AUTOMATED

  27. REN-ISAC SOC Activity, YTD 2016 Notifications Q1 Q2 Q3 Q4 Notification Questions 429 626 278 194 Password resets 105 100 75 60 Notifications 51 21 50 38 Other 177 627 477 371 Totals 762 1,374 880 663 Non-interactive tickets 2,060 2,611 3,302 3,026 SOC ACTIVITY - MANUAL

  28. SHARING INTEL

  29. ALERTS, ADVISORIES, AND REPORTS § Advisories on various threats § Daily Watch

  30. COMMUNITY SHARING § Community of trusted cybersecurity staff at R&E member institutions § Confidentiality, Integrity and Availability § Sharing actionable intel for operational protection and response

  31. CIF/SES AUTOMATED THREAT INTELLIGENCE

  32. PASSIVE DNS – WHAT?

  33. My University authoritative ` ` DNS server example.com’s authoritative Global DNS DNS server recursive caching DNS www.example.com server request to resolve www.example.com Global Internet visit www.my.edu

  34. My University authoritative ` ` DNS server example.com’s authoritative where is the DNS server authoritative for example.com? recursive caching DNS www.example.com server Global Internet visit www.my.edu

  35. My University authoritative ` ` DNS server example.com’s authoritative DNS server response recursive caching DNS www.example.com server Global Internet visit www.my.edu

  36. My University authoritative ` ` DNS server example.com’s authoritative Global DNS DNS server query recursive caching DNS www.example.com server Global Internet visit www.my.edu

  37. My University authoritative ` ` DNS server example.com’s authoritative Global DNS DNS server recursive caching response DNS www.example.com server Global Internet visit www.my.edu

  38. My University authoritative ` ` DNS server example.com’s authoritative Global DNS DNS server recursive caching DNS www.example.com server response Global Internet visit www.my.edu

  39. My University authoritative ` ` DNS server example.com’s authoritative Global DNS DNS server recursive caching DNS www.example.com server Whee! Global Internet visit www.my.edu

  40. PASSIVE DNS – WHY?

  41. EDUCATION ▪ Techbursts ▪ Wikis

  42. FUTURE (NOW) THREAT VECTORS ▪ Automated Access Controls ▪ Industrial Control Systems ▪ Internet of Things

  43. Wrap up….

  44. QUESTIONS?

  45. „ REN-ISAC „ http://ren-isac.net „ soc@ren-isac.net „ (317) 274-7228

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

www.ren-isac.net soc@ren-isac.net 317.274.7228 What is an ISAC? Information

www.ren-isac.net soc@ren-isac.net 317.274.7228 What is an ISAC? Information

www.ren-isac.net soc@ren-isac.net 317.274.7228 What is an ISAC? Information Sharing and Analysis Centers Presidential Decision Directive-63 (PDD-63), signed May 22, 1998 The federal government asked each critical

537 views • 20 slides
CrowdsFunding Gilad Ravid, PhD Crowd Sourcing Pooling Collective Knowledge Ushahidi

CrowdsFunding Gilad Ravid, PhD Crowd Sourcing Pooling Collective Knowledge Ushahidi

CrowdsFunding Gilad Ravid, PhD Crowd Sourcing Pooling Collective Knowledge Ushahidi Micro volunteering The Seed Company Crowd Creation https://twitter.com/youropera Crowd Voting

667 views • 39 slides
Ac#ve Learning and Crowd- Sourcing for Machine Transla#on

Ac#ve Learning and Crowd- Sourcing for Machine Transla#on

Ac#ve Learning and Crowd- Sourcing for Machine Transla#on Vamshi Amba#, Stephan Vogel, &amp; Jamie Carbonell Pramod Thammaiah ScoC Brinker November 17,

623 views • 45 slides
Challenges in Crowd-sourcing The positive side of things 150+ active volunteer translators

Challenges in Crowd-sourcing The positive side of things 150+ active volunteer translators

Challenges in Crowd-sourcing The positive side of things 150+ active volunteer translators in over 40 languages Over 2 million words translated for all Opera products, including browsers, web-sites and -applications Working

369 views • 8 slides
Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October

Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October

Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October 30, 2012 Cyberwar Hits Energy Firms Escalating from Interruption to Destruction Iranian nuclear program: Stuxnet destroys 1,000+

253 views • 12 slides
Program Boosting: Program Synthesis via Crowd-Sourcing Robert A. Cochran, Loris DAntoni,

Program Boosting: Program Synthesis via Crowd-Sourcing Robert A. Cochran, Loris DAntoni,

Program Boosting: Program Synthesis via Crowd-Sourcing Robert A. Cochran, Loris DAntoni, Benjamin Livshits, David Molnar and Margus Veanes Presented by: Sam Witty, Shehzaad Dhuliawala and Samer Nashed Outline Introduction (Research

734 views • 62 slides
Harnessing Crowd-Sourcing to Assess Genes based on Effect Size Using Visual Inference Methods

Harnessing Crowd-Sourcing to Assess Genes based on Effect Size Using Visual Inference Methods

Harnessing Crowd-Sourcing to Assess Genes based on Effect Size Using Visual Inference Methods Di Cook, Monash University Joint work with Niladri Roy Chowdhury, Eric Hare, Mahbub Majumder, Michelle Graham, Tengfei Yin, Heike Hofmann Outline

1.08k views • 86 slides
CROWD-SOURCING Simin Chen Amazon Mechanical Turk Advantages On demand workforce

CROWD-SOURCING Simin Chen Amazon Mechanical Turk Advantages On demand workforce

CROWD-SOURCING Simin Chen Amazon Mechanical Turk Advantages On demand workforce Scalable workforce Qualified workforce Pay only if satisfied Terminology Requestors HITs (Human Intelligence Tasks) Assignment

1.87k views • 62 slides
Crowd-Sourcing Concurrent Relations Anna Dickinson, Hannah Rohde, Annie Louis, Christopher N.

Crowd-Sourcing Concurrent Relations Anna Dickinson, Hannah Rohde, Annie Louis, Christopher N.

Crowd-Sourcing Concurrent Relations Anna Dickinson, Hannah Rohde, Annie Louis, Christopher N. L. Clark &amp; Bonnie Webber ! University of Edinburgh Signalling discourse relations Conjunctions &quot;We've started trying just about

484 views • 17 slides
October 14, 2020 Virtual Talking Circle Crowd-Sourcing the RISE Vision Virtual Talking C

October 14, 2020 Virtual Talking Circle Crowd-Sourcing the RISE Vision Virtual Talking C

October 14, 2020 Virtual Talking Circle Crowd-Sourcing the RISE Vision Virtual Talking C Circles t to Date Topics : Innovation in a Time of Crisis, Virtual Communities of Practice, Virtual Care, Learners as

483 views • 13 slides
CROWD SOURCING C S 1 4 7 PROJECT TEAM Karna Sloane Marie Tina MBA-GSB, 2 nd CS, Senior Year

CROWD SOURCING C S 1 4 7 PROJECT TEAM Karna Sloane Marie Tina MBA-GSB, 2 nd CS, Senior Year

CROWD SOURCING C S 1 4 7 PROJECT TEAM Karna Sloane Marie Tina MBA-GSB, 2 nd CS, Senior Year CS, JuniorYear CS, JuniorYear Year NEEDFINDING METHODOLGY Speaker Speaker/ Audience Engagement Event Manage Audience ment STUDENT Skype

165 views • 14 slides
Event Management Presentation ISAC has built and is unveiling a new meeting registration system

Event Management Presentation ISAC has built and is unveiling a new meeting registration system

Event Management Presentation ISAC has built and is unveiling a new meeting registration system for both ISAC members and vendors this summer in preparation for its debut during the 2016 ISAC Fall School of Instruction registration on August 17.

257 views • 6 slides
Black Sky Hazards and Water Sector Resilience January 23, 2018 About WaterISAC What is an ISAC?

Black Sky Hazards and Water Sector Resilience January 23, 2018 About WaterISAC What is an ISAC?

Black Sky Hazards and Water Sector Resilience January 23, 2018 About WaterISAC What is an ISAC? Nonprofit, est. 2002 Mission Mission : To help water sector utilities reduce risks from cybersecurity, physical security and natural

413 views • 24 slides
Global Sourcing Local Solutions www.ncsourcing.com NC Sourcing Your industrial

Global Sourcing Local Solutions www.ncsourcing.com NC Sourcing Your industrial

Global Sourcing Local Solutions www.ncsourcing.com NC Sourcing Your industrial subcontractor, a complete solution of production, logistics and quality management efficiency to your sourcing and supply chain. Global reach: Suzhou,

816 views • 23 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&amp;E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Vendors Meet -2016 Problem fa faced by IS ISAC fr from Vendors on EGPS Pla latform ISRO

Vendors Meet -2016 Problem fa faced by IS ISAC fr from Vendors on EGPS Pla latform ISRO

Vendors Meet -2016 Problem fa faced by IS ISAC fr from Vendors on EGPS Pla latform ISRO Satellite Centre (ISAC) 12 th December 2016 EGPS WORKS Vendors ISAC Vendors on - line Web-enable led Proc rocurement t SC

308 views • 27 slides
Securing Automatic Voter Registration Data Webinar hosted by the Center for Technology and Civic

Securing Automatic Voter Registration Data Webinar hosted by the Center for Technology and Civic

Modernizing voter registration Securing Automatic Voter Registration Data Webinar hosted by the Center for Technology and Civic Life &amp; the Center for Secure and Modern Elections May 30, 2019 1:00pm 1:45 Central Time 2 Hello, there!

308 views • 30 slides
UCS Programme December 2009 GMM London, Paris, Lisbon, Amsterdam, Brussels Agenda

UCS Programme December 2009 GMM London, Paris, Lisbon, Amsterdam, Brussels Agenda

UCS Programme December 2009 GMM London, Paris, Lisbon, Amsterdam, Brussels Agenda Introduction to the UCS Programme UCS - Stream 2 Context Scope &amp; Stakeholders UCS Programme overview Environment Harmonised Model

796 views • 31 slides
Monitoring Your CMS Tier 3 Site Joel W. Walker Sam Houston State University OSG and CMS Tier 3

Monitoring Your CMS Tier 3 Site Joel W. Walker Sam Houston State University OSG and CMS Tier 3

Monitoring Your CMS Tier 3 Site Joel W. Walker Sam Houston State University OSG and CMS Tier 3 Summer Workshop Texas Tech University August 9-11, 2011 Representing: the Texas A&amp;M Tier 3 CMS Grid Site on the Brazos Cluster In

918 views • 60 slides
Cancer Services Program Direct Provider Payment webinar for CSP August 2018 1 Agenda/Topics To

Cancer Services Program Direct Provider Payment webinar for CSP August 2018 1 Agenda/Topics To

Direct Provider Payment in the Cancer Services Program Direct Provider Payment webinar for CSP August 2018 1 Agenda/Topics To Be Covered Introduction to Direct Provider Payment (DPP) DPP Process for: o State-funded clinical services o

624 views • 23 slides
I-SEM Market Power Mitigation RA Public Workshop Crowne Plaza Hotel, Dundalk, 2 nd December 2015

I-SEM Market Power Mitigation RA Public Workshop Crowne Plaza Hotel, Dundalk, 2 nd December 2015

I-SEM Market Power Mitigation RA Public Workshop Crowne Plaza Hotel, Dundalk, 2 nd December 2015 Welcome &amp; Introduction Market Power is a key workstream in I-SEM A complex and important area Discussion Paper of May started the

847 views • 71 slides
Congestion Management Strategies and Mobile Access Competition Heikki Hmminen Aalto

Congestion Management Strategies and Mobile Access Competition Heikki Hmminen Aalto

Congestion Management Strategies and Mobile Access Competition Heikki Hmminen Aalto University 2nd Workshop on Internet Economics UCSD, San Diego, Dec 1-2, 2011 Time Scales of Congestion and Competition Competition Congestion Time Scale

322 views • 18 slides
William J. Brodsky, Chairman and CEO CBOE Holdings, Inc. 2012 Sandler ONeill Global Exchange

William J. Brodsky, Chairman and CEO CBOE Holdings, Inc. 2012 Sandler ONeill Global Exchange

William J. Brodsky, Chairman and CEO CBOE Holdings, Inc. 2012 Sandler ONeill Global Exchange &amp; Brokerage Conference June 8, 2012 CBOE Holdings, Inc . Forward Looking Statements This presentation may contain forward-looking statements,

784 views • 39 slides
INOC-DBA Hotline Phone System aka. The AS Number Phone APRICOT 2006 Gaurab Raj Upadhaya

INOC-DBA Hotline Phone System aka. The AS Number Phone APRICOT 2006 Gaurab Raj Upadhaya

INOC-DBA Hotline Phone System aka. The AS Number Phone APRICOT 2006 Gaurab Raj Upadhaya INOC-DBA Operator, Packet Clearing House operator@pch.net Whats it About? INOC-DBA: Inter-NOC Dial-by-ASN Global Voice-over-IP hotline

588 views • 14 slides

More recommend