Gourmet Cyber Security on a Fast Food Budget DAVID ROSSELL, PH.D., CISSP NTIVA, INC.
Maximizing Your Cybersecurity Investment o Know What You Value o Understand Your Risks o Invest appropriately
Know What You Value Understand your data o What do you need to keep? o How long do you need to keep it? o Who needs to access it?
Know What You Value Understand your members o What do they expect from your security program?
Understand your risks First, some vocabulary ry o Threats o Vulnerabilities o Risks
Understand Your Risks, cont’d. Understand your risks Learn your threat environment o Just because you’re paranoid, doesn’t mean you’re wrong Understand the legal environment o Are you likely to be sued for a breach? o Are there rival or competing organizations to which you would lose members? Conduct a risk assessment o Coming up next!
Risk Assessment Cheat Sheet 1. Document where your data lives 2. Think about who could mean you harm, external and internal 3. Think about what can disrupt your business (e.g., hurricane or fire) 4. Determine how likely attacks and disruptions are 5. Determine how bad these things are for your business 6. Use a matrix to rank the severity of the risk 7. Identify what controls you have in place to head off risks 8. Invest where your risk is high and you don’t have controls to help reduce that risk
Impact Likelihood Low Medium High Low Low Risk Low Risk Medium Risk Medium Low Risk Medium Risk High Risk High Low Risk High Risk High Risk
Invest Appropriately o Target cybersecurity investment to minimize your risk o Implement basic measures as part of your due diligence o Invest in advanced systems where your risk assessment directs
Due Diligence 1. Throw stuff out! 2. Standard antivirus 3. Create clear security policies 4. Plan for disasters and security incidents 5. Implement multifactor authentication (MFA) for remote access 6. Educate your employees in how to recognize phishing attacks
How do I decide if I need additional security measures? o Do your members expect or need them? o Is a data breach an “extinction event” for your organization?
Advanced Systems In Intrusion Detection and Response (I (IDR or SIE IEM) o Detects suspicious activity on your network and with user accounts o Good for identifying attacks in early stages
Advanced Systems Advanced Endpoint Detection and Response (E (EDR) o Detects suspicious activity on computers and servers and automatically blocks it o Good for preventing viruses and attacks from getting a toehold
Advanced Systems Vuln lnerability Sc Scanning and Remediation o Looks for settings or missing patches that attackers can exploit o Closing the vulnerabilities makes it harder for attackers to move within your network
Summary Three things you can do to dramatically im improve your cybersecurity posture! o Ass ssess your r ris risks o Se Secure remote access with ith mult ltif ifactor authentic icatio ion (M (MFA) o Train in your r use sers routin inely ly to recogniz ize phis ishin ing attacks
Where to get help? Managed Security Service Providers (MSSPs) recommend, implement, and monitor security solutions for organizations that don’t have the time or expertise to do it themselves.
Contact Us david.rossell@ntiva.com Ntiva, Inc. 7900 Westpark Drive, Suite A100 McLean, VA. www.ntiva.com 703 891 0131
Recommend
More recommend
