Gourmet Cyber Security on a Fast Food Budget DAVID ROSSELL, PH.D., - - PowerPoint PPT Presentation



SLIDE 1

Gourmet Cyber Security on a Fast Food Budget

DAVID ROSSELL, PH.D., CISSP NTIVA, INC.

SLIDE 2

Maximizing Your Cybersecurity Investment

  • Know What You Value
  • Understand Your Risks
  • Invest appropriately

SLIDE 3

Know What You Value

Understand your data

  • What do you need to keep?
  • How long do you need to keep it?
  • Who needs to access it?

SLIDE 4

Know What You Value

Understand your members

  • What do they expect from your security program?

SLIDE 5

First, some vocabulary

  • Threats
  • Vulnerabilities
  • Risks

Understand your risks

SLIDE 6

Understand Your Risks, cont’d.

Learn your threat environment

  • Just because you’re paranoid, doesn’t mean you’re wrong

Conduct a risk assessment

Understand the legal environment

Understand your risks

  • Are you likely to be sued for a breach?
  • Are there rival or competing organizations to which you would lose members?
  • Coming up next!

SLIDE 7

Risk Assessment Cheat Sheet

1. Document where your data lives
2. Think about who could mean you harm, external and internal
3. Think about what can disrupt your business (e.g., hurricane or fire)
4. Determine how likely attacks and disruptions are
5. Determine how bad these things are for your business
6. Use a matrix to rank the severity of the risk
7. Identify what controls you have in place to head off risks
8. Invest where your risk is high and you don’t have controls to help reduce that risk

SLIDE 8

                          Impact
Likelihood    Low         Medium         High
Low           Low Risk    Low Risk       Medium Risk
Medium        Low Risk    Medium Risk    High Risk
High          Low Risk    High Risk      High Risk

SLIDE 9

Invest Appropriately

  • Target cybersecurity investment to minimize your risk
  • Implement basic measures as part of your due diligence
  • Invest in advanced systems where your risk assessment directs

SLIDE 10

Due Diligence

1. Throw stuff out!
2. Standard antivirus
3. Create clear security policies
4. Plan for disasters and security incidents
5. Implement multifactor authentication (MFA) for remote access
6. Educate your employees in how to recognize phishing attacks

SLIDE 11

How do I decide if I need additional security measures?

  • Do your members expect or need them?
  • Is a data breach an “extinction event” for your organization?

SLIDE 12

Advanced Systems

Intrusion Detection and Response (IDR or SIEM)

  • Detects suspicious activity on your network and with user accounts
  • Good for identifying attacks in early stages

SLIDE 13

Advanced Systems

Advanced Endpoint Detection and Response (EDR)

  • Detects suspicious activity on computers and servers and automatically blocks it
  • Good for preventing viruses and attacks from getting a toehold

SLIDE 14

Advanced Systems

Vulnerability Scanning and Remediation

  • Looks for settings or missing patches that attackers can exploit
  • Closing the vulnerabilities makes it harder for attackers to move within your network

SLIDE 15

Summary

Three things you can do to dramatically improve your cybersecurity posture!

  • Assess your risks
  • Secure remote access with multifactor authentication (MFA)
  • Train your users routinely to recognize phishing attacks

SLIDE 16

Where to get help?

Managed Security Service Providers (MSSPs) recommend, implement, and monitor security solutions for organizations that don’t have the time or expertise to do it themselves.

SLIDE 17

david.rossell@ntiva.com

Ntiva, Inc. 7900 Westpark Drive, Suite A100 McLean, VA. www.ntiva.com 703 891 0131

Contact Us