turning your cybersecurity
play

Turning Your Cybersecurity Toddlers Into Warriors! Simple lessons - PowerPoint PPT Presentation

Oct 13, 2022 •159 likes •483 views

Turning Your Cybersecurity Toddlers Into Warriors! Simple lessons to fill the knowledge gap within your staff Shira Shamban Dome9 Security @shambanIT 0 1 2 3 4 5 You and your staff Are NOT going to keep up with Technology

  1. Turning Your Cybersecurity Toddlers… Into Warriors! Simple lessons to fill the knowledge gap within your staff Shira Shamban Dome9 Security @shambanIT 0

  2. 1

  3. 2

  4. 3

  5. 4

  6. 5

  7. You and your staff Are NOT going to keep up with Technology @shambanIT

  8. Today, Enterprises Average… different security vendors installed in their company to solve problems ZDNet – “Security landscape plagued by too many. Nov. 2016 @shambanIT

  10. You and your staff Are NOT going to keep up with Technology ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! @shambanIT

  12. @shambanIT 11

  13. Top 5 Causes of Data Breaches in Healthcare #1. Human Error: 33.5% The elephant in the figures is the #2. Misuse: 29.5% number of incidents where the discovery was measured in #3. Physical (mostly theft): 16.3% months or years …. #4. Hacking: 14.8% #5. Malware: 10.8% Protected Health Information Data Breach Report Verizon – March 2018 @shambanIT 12

  14. Top Three Causes – JDL Group – January 2018 63% of investigated breaches involved weak, #1. Password Problems stolen or default password Verizon recently reported ransomware is the #2. Ransomware & Malware fifth most common type of malware. Reuters reports 73% of data breaches happen #3. Human Error because of the people operating machines @shambanIT 14

  15. Why So Much Phishing? It Works... @shambanIT 15

  16. We All Have a Dave… @shambanIT 16

  17. Understanding the Basics of CD/CR Security @shambanIT 17

  18. We Don’t Need Faster Horses “If I had asked people what they wanted, they would have said faster horses.” ― Henry Ford @shambanIT 19

  19. So, what is the secret ingredient?

  20. Understanding the Basics of CD/CR Security • Whatever it is that you’re doing with your • Don’t monitor the logs, monitor the “I use the default AWS configuration” • 80% of the problems repeat themselves “I don’t need logs, I have an AV” “I keep all of my logs… I think” logs – It’s not working – time for a change unusual findings @shambanIT 21 21

  22. Logs Provide…

  23. The Secret Recipe… Your Logs are the Secret Ingredient ● How Long to Keep? ● Sources and Variety? ● Scalability ○ Easily add new (future) sources ● Detection Algorithms Used ○ How detailed/granularity ● Supporting User Interface @shambanIT

  24. Typical Attack Vector Criminal hacker User clicked Criminal hacker Money Username and Phishing email has privileged deployed bitcoin loss! link password stolen mining assets access to AWS Awareness URL scanning Least privilege Give very specific Enforce 2FA prevent policies to users program for email principle regarding assets Monitor activity patterns Monitor activity patterns Monitor login detect Detection tool Detection tool and unusual events, like and unusual events like patterns creating of new keys, new assets, unusual billing, users etc CPU, DNS requests A Complete 360 Degree View Is Impossible… Without Logs! @shambanIT

  25. Typical Attack Vector PII breach, including Criminal hacker User re-used Criminal hacker Criminal hacker moves around the Money loss, emails and password for has privileged encrypted DB, reputation, VPC, looking for asking for ransom compliance AWS account access to AWS passwords sensitive DB Enforce 2FA, Enforce strong least privilege Backup! prevent awareness password policy least privilege Monitor Internal Monitor login Monitor activity patterns Monitor unusual detect and unusual events, like port scan, failed haveibeenpwned patterns account activity creating of new keys, login attempts users etc Remember! Logging is For EVERYONE @shambanIT

  26. Love Your Logs!

  27. Focus On The Big Rocks First 30

  28. Automate Remediation Repetitive problems are easier to remediate Hire Expert(s) to Create Cluster - Address the Top 10 Recurring Problems Hire Expert(s) to Prepare Appropriate Solutions Allow Machine to Label Each Problem If Yes – Auto Remediate If No – Escalate to Human @shambanIT 31

  29. Remediation – What’s The Future…Crowdsourcing I have a problem Other people have that I wonder how they solved ow they solved problem (or similar) it it Security is improved! Others will share their own I will share my solution with the community solutions, we exchange knowledge @shambanIT 33

  30. Free Your Warriors! @shambanIT 34

  31. Any Questions? I Dare You! Thank You Shira Shamban @shambanIT Head of Security Research @shambanIT 35 shira@dome9.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
2018 TURNING IT AROUND The past 18 months have been a concentrated effort on turning the

2018 TURNING IT AROUND The past 18 months have been a concentrated effort on turning the

AGM PRESENTATION 2018 TURNING IT AROUND The past 18 months have been a concentrated effort on turning the finances around to a more stable position. The forecasts for this year are good new membership fees and cost cutting have

600 views • 30 slides
Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland Chapter Contents Cybersecurity and risk management 1 Cybersecurity and the regulatory 2 environment Cybersecurity and the audit 3 4 Appendix

685 views • 37 slides
TURNING SWU INTO U TURNING SWU INTO U Thomas L. Neff Center for International Studies

TURNING SWU INTO U TURNING SWU INTO U Thomas L. Neff Center for International Studies

TURNING SWU INTO U TURNING SWU INTO U Thomas L. Neff Center for International Studies Massachusetts Institute of Technology tlneff@mit.edu URANIUM & SWU IMBALANCE World Uranium Production Substantially Below Apparent Requirements

405 views • 15 slides
Turning and Related Operations Turning is widely used for machining external cylindrical and

Turning and Related Operations Turning is widely used for machining external cylindrical and

Turning and Related Operations Turning is widely used for machining external cylindrical and conical surfaces. The workpiece rotates and a longitudinally fed single point cutting tool does the cutting. Machine tools used for this process are

639 views • 46 slides
KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

7/17/2020 KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing Attacks Malware/Ransomware Hacking Imposter Scams 1 7/17/2020 KACo Cybersecurity Training BEWARE OF Phishing Phishing attacks

248 views • 6 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2019 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

212 views • 19 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2018 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

325 views • 18 slides
ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity Related to Subregional Seminar on Cybersecurity for Information and Communication Networks 21 June 2005 Lima, Peru Christine Sund Christine Sund

921 views • 48 slides
Turning Point About Turning Point A two-year inclusive postsecondary program designed to prepare

Turning Point About Turning Point A two-year inclusive postsecondary program designed to prepare

GARDEN STATE PATHWAYS TO INDEPENDENCE Turning Point About Turning Point A two-year inclusive postsecondary program designed to prepare young adults with intellectual disabilities for competitive integrated employment. Areas of focus include

563 views • 21 slides
Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel Sofia, Bulgaria Mr. Joaqun Castelln , Operational Director Spanish National Security Department Ms. Anita TIKOS , Desk Officer for International

197 views • 15 slides
EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU Cybersecurity European policy overview e-IRG e-IRG 4 December 2019 Brussels Anni Hellman, Senior Expert, Permanent Representation of Finland to the European Union Seconded for the Finnish Presidency from the Directorate General

320 views • 28 slides
MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity Consultants, The Cybersecurity Expert Guys Cybersecurity Researcher 2 Agenda 1. Account Takeover via Forgot Password Function 2. Amazon S3

2.36k views • 75 slides
INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

Section 1 Dr. Bruce Burton California Cybersecurity INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and implications Learn from past attacks Understand the NIST Cybersecurity Framework (CSF) &

368 views • 33 slides
Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical Facilities Local Government Schools Law Enforcement Media Outlets The threat and how to think about it Ransomware has rapidly emerged as the most

398 views • 15 slides
1 2 3 21 st CC Confident Person, Concerned Citizen, Seld-Directed Learner, Acitve

1 2 3 21 st CC Confident Person, Concerned Citizen, Seld-Directed Learner, Acitve

1 2 3 21 st CC Confident Person, Concerned Citizen, Seld-Directed Learner, Acitve Contributor M otto kept though there was talk in the previous leadership to change to the Best is Y et to Be. The existing motto is kept as the school

1.29k views • 77 slides
Inclusive Growth and the Informal Waste Sector in Africa: Exploring the Challenges and

Inclusive Growth and the Informal Waste Sector in Africa: Exploring the Challenges and

Inclusive Growth and the Informal Waste Sector in Africa: Exploring the Challenges and Opportunities Martin Medina Contact: martin.medina-martinez.grd.genr@aya.yale.edu Waste Management in Africa One of the Most Pressing Urban Environmental

928 views • 43 slides
Syndromic Surveillance Predicting and monitoring influenza-like illness using telephone and

Syndromic Surveillance Predicting and monitoring influenza-like illness using telephone and

Syndromic Surveillance Predicting and monitoring influenza-like illness using telephone and digital data Work by Mica Hartley Presented by Michael Araco Outline Influenza a healthcare problem How can telephone and digital data help?

397 views • 14 slides
San Mateo County Fire In Cooperation with Mission Statement CAL FIRE serves and safeguards the

San Mateo County Fire In Cooperation with Mission Statement CAL FIRE serves and safeguards the

San Mateo County Fire In Cooperation with Mission Statement CAL FIRE serves and safeguards the people and protects the property and resources of California. Shared Vision 2025 Ensure that our neighborhoods are safe and provide residents

295 views • 27 slides
Exploring Views for Goal-oriented Requirements Comprehension Lyrene Silva, Ana Moreira, Joo

Exploring Views for Goal-oriented Requirements Comprehension Lyrene Silva, Ana Moreira, Joo

Exploring Views for Goal-oriented Requirements Comprehension Lyrene Silva, Ana Moreira, Joo Arajo, Catarina Gralha , Miguel Goulo and Vasco Amaral Universidade Federal do Rio Grande do Norte (Brazil), Universidade NOVA de

446 views • 22 slides
INF5470 Spring 2010 Philipp Hfliger Lecture 2: Neurophysiology in a Nutshell Content

INF5470 Spring 2010 Philipp Hfliger Lecture 2: Neurophysiology in a Nutshell Content

INF5470 Spring 2010 Philipp Hfliger Lecture 2: Neurophysiology in a Nutshell Content Overview Methods Known Properties Lecture 2: Neurophysiology in a Nutshell 2 Content Overview Methods Known Properties Lecture 2: Neurophysiology

685 views • 29 slides
Digital Medicine I: Introduction to Programming Introduction to the Course Autumn 2019

Digital Medicine I: Introduction to Programming Introduction to the Course Autumn 2019

Hans-Joachim Bckenhauer and Dennis Komm Digital Medicine I: Introduction to Programming Introduction to the Course Autumn 2019 October 3, 2019 Welcome to the Course Material Lecture website https://courses.ite.inf.ethz.ch/digiMed19

1.4k views • 100 slides
Ann Arbor VA Credentialing Academic Year 2020 - 2021 VA Trainee On-boarding 1. Trainee Guide and

Ann Arbor VA Credentialing Academic Year 2020 - 2021 VA Trainee On-boarding 1. Trainee Guide and

Ann Arbor VA Credentialing Academic Year 2020 - 2021 VA Trainee On-boarding 1. Trainee Guide and Requirements Talent Management System (TMS) Fingerprints How to complete and submit VA Paperwork 2. Trainee Application New to the VA

468 views • 16 slides

More recommend