welcome
play

Welcome! Getting to Defensible: Your Roadmap to Maturing Defensible - PowerPoint PPT Presentation

Mar 26, 2023 •26 likes •366 views

Conference 2018 Conference 2018 Welcome! Getting to Defensible: Your Roadmap to Maturing Defensible Security in your Organization Global Context global annual cybercrime will cost the world in excess of $6 trillion annually by 2021 - this

  1. Conference 2018 Conference 2018 Welcome! Getting to Defensible: Your Roadmap to Maturing Defensible Security in your Organization

  2. Global Context § global annual cybercrime will cost the world in excess of $6 trillion annually by 2021 - this is an increase from $400 billion in early 2015 § global spending on cybersecurity defence is projected to exceed $1 trillion over the next 5 years § U.S. has declared a national emergency to deal with the cyber threat § global shortage of cybersecurity professionals is expected to reach 2 million by 2019 - now expected to be 3.5 million by 2021 - Canada’s share expected to be 62-65,000 * source: Herjavec 2016 Cybercrime Report Conference 2018

  3. Key Messages § incidents are increasing in frequency and are more sophisticated and targeted than ever § no organization globally is immune to attack § doing the basics well will stop 80% of the problems § organizations will be judged not only on their ability to prevent but detect and respond § security is not just an IT problem, it’s business enterprise risk § security is a top issue of concern for executives and Boards of Directors globally Conference 2018

  4. Questions the CEO/Board are Asking 1. do you know what our critical systems and data are? 2. what are the security controls in place? 3. are the controls sufficient to mitigate risk to an acceptable level? Conference 2018

  5. Questions the CEO/Board Should Answer 1. what are the key cybersecurity risks affecting your industry/organization? 2. is your organization aligned with an existing industry security standard (ie. ISO or NIST) 3. what is your current capability/maturity rating? (0 – Not Implemented, 1 – Initial, 2 – Repeatable, 3 – Defined, 4 – Managed, 5 – Optimized) 4. what is your desired capability/maturity rating? 5. do you have a plan to reach the desired level? 6. how frequently do you receive plan updates? 7. is security a recurring item on the board agenda? Conference 2018

  6. Approach § pick a standard relevant to your organization and industry (eg. ISO, NIST, NERC) § develop your security program consistent with the standard § perform a self-assessment § determine future state § perform gap analysis § plan, prioritize, execute § consider third party assessment Conference 2018

  7. Consider Maturity Level Maturity Approach Steps Low Risk register 1. identify key risks 2. rate inherent risk and trend 3. identify controls in place 4. rate residual risk 5. compare with risk appetite Medium Standards-based 1. identify an appropriate standard for your organization compliance 2. assess present state 3. determine desired target state based on appropriate controls 4. gap analysis 5. plan, prioritize 6. execute High Capability-based 1. review trends in environment 2. focus on changes in risk posture 3. consider relevant updates in standards 4. augment with increased capabilities Conference 2018

  8. Defensible Security what is it § where it came from § why is it needed § world-class next steps § risk-based security defensible compliance hygiene 8 Conference 2018

  9. DefSec Triage Security Security DNA Embedding (DNA) Prerequisites Prerequisites Executive Support Controls Roles & Responsibilities Info Security Program Crown Jewels Info Security Classification Risk Appetite & Register Security Awareness Risk Assessment Security Governance Security Assessment Security Security Directives Respiratory Asset Management & Disposal Controls Change Management Backup & Retention Directives Incident Management Logging & Monitoring Business Continuity Plan (BCP) Physical Security & Visible ID Disaster Recovery Plan (DRP) Criminal Record Checks Respiration Security Incident Response Vendor Security Requirements Info Security Policy Access Control “DiD” for Endpoints & Networks VM & Patching “Covering the organization end-to-end” Conference 2018

  10. Raise the Water Level § increase the security capability across our province to an acceptable level Conference 2018

  11. Hygiene Controls (Procedural) Security Controls Identify what employees may and may not do that will Information Security impact risk to systems and data Policy Conscious identification and treatment of physical and Risk Register logical risks to systems and data Review risk each time a new system is introduced or upon Risk Assessments material change to an existing system Respond to inevitable security incidents in a consistent Incident Response and scalable way Plan Team that is dedicated, virtual, or on retainer with third Incident Response party provider to respond to security incidents Team Humans represent the easiest method for attackers to Security Education and gain unauthorized access to systems and data Awareness Conference 2018

  12. Hygiene Controls (Technical) Security Controls Firewall Modern version designed to prevent illegitimate network traffic Sensors to prevent unauthorized access to networks and Intrusion data Prevention System to detect employee access to inappropriate and Website Content infected websites Filtering System to detect infected email and spam messages Email Content Filtering Software to detect malware and viruses on workstations Anti-virus/Malware and servers Conference 2018

  13. Defensible Security Cybersecurity has never been as imperative as it is today. Most organizations have failed to invest at a rate that has sustained previously achieved capability levels. Others have never reached a level of security maturity adequate to mitigate risks to an acceptable level. Organizations must target a level at or above risk-based security. It is critical to ensure hygiene and compliance level controls are in effect. Public sector organizations have a responsibility to apply appropriate safeguards and maintain a defensible level of security. Defensible security is at or above hygiene + compliance 13 Conference 2018

  14. Pre-requisites The following are pre-requisites to success for security: q Ensure the importance of cybersecurity is recognized by executives q Information Security roles and responsibilities are identified and assigned q Identify critical systems and data as the crown jewels of the organization q Organization’s risk appetite is known and a risk register is reviewed quarterly q Risk assessments are conducted for new systems and material changes to existing q Conduct security assessments regularly against an established security standard Conference 2018

  15. Defensible Security Organizations must have documented, followed, reviewed, updated, and tested: q Security Incident Response q Asset Management & Disposal q Information Security Policy q Change Management q Information Security Program q Incident Management q Information Security Classification q Business Continuity Plan (BCP) q Criminal Record Checks q Disaster Recovery Plan (DRP) q Security Awareness Program & q Backup & Retention Course q Logging & Monitoring q Vendor Security Requirements q Physical Security & Visible Identification The following practices must be in effect: q Security Governance q Access Control q Vulnerability Management q Defence in Depth for Endpoints & Patching and Networks Conference 2018

  16. Defensible Security Durations are based on an average-sized organization and intended as a guide. Whether an organization must invest more or less time will depend on scope, volume, and maturity. H hours W week(s) M month+ hazard hygiene Conference 2018

  17. Defensible Security Conference 2018

  18. Defensible Security Conference 2018

  19. Present State 1 2 3 4 5 6 Exec Roles Crown Risk Risk Security awareness responsibilities jewels appetite assessments assessments 7 8 9 10 11 12 13 14 Asset Change Incid BCP DRP Backup Logging Physical management management management & retention & monitoring & visible ID 15 16 17 18 19 20 21 Incid Policy Prog Info Crim Aware Vendor response (security) (security) classification record checks program/course requirements 22 23 24 25 complete or substantially complete Access DiD Security VM partially complete or in progress control for end-points governance & patching incomplete or substantially incomplete & network Notes: - self assessments are notorious for being too generous - third party assessment provides independence - may use third party as a baseline to show improvement - otherwise may prefer to remediate self-assessed gaps first Conference 2018

  20. Future State 1 2 3 4 5 6 Exec Roles Crown Risk Risk Security awareness responsibilities jewels appetite assessments assessments 7 8 9 10 11 12 13 14 Asset Change Incid BCP DRP Backup Logging Physical management management management & retention & monitoring & visible ID 15 16 17 18 19 20 21 Incid Policy Prog Info Crim Aware Vendor response (security) (security) classification record checks program/course requirements 22 23 24 25 Access DiD Security VM control for end-points governance & patching & network Notes: - self assessments are notorious for being too generous - third party assessment provides independence - may use third party as a baseline to show improvement - otherwise may prefer to remediate self-assessed gaps first Conference 2018

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Enhancement of the Safety of the Jordan Research and Training Reactor (JRTR) Dr. Khalifeh

Enhancement of the Safety of the Jordan Research and Training Reactor (JRTR) Dr. Khalifeh

Enhancement of the Safety of the Jordan Research and Training Reactor (JRTR) Dr. Khalifeh AbuSaleem Commissioner for Nuclear Research JRTR Manager During Construction & Commissioning Phase Jordan Atomic Energy Commission 0 Jordan Atomic

372 views • 34 slides
CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager

CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager

CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager Loai Khalayli | Operational Technology Engineer 25 May 2017 Disclaimer and important notice Outline Current, real and ever increasing threat

152 views • 11 slides
Defense in Depth: In Depth Presented by: Chelsea H. Komlo About me - Software engineer, privacy

Defense in Depth: In Depth Presented by: Chelsea H. Komlo About me - Software engineer, privacy

Defense in Depth: In Depth Presented by: Chelsea H. Komlo About me - Software engineer, privacy and security engineer - HashiCorp, ThoughtWorks, Tor - Worked in 5 countries and two languages About this talk - NOT how to do security -

564 views • 32 slides
Enabling Cloud-Native Applications with Application Credentials in Keystone Colleen Murphy Cloud

Enabling Cloud-Native Applications with Application Credentials in Keystone Colleen Murphy Cloud

Enabling Cloud-Native Applications with Application Credentials in Keystone Colleen Murphy Cloud Developer at SUSE cmurphy @_colleenm Overview Why we needed application credentials What are application credentials? (with demo!)

637 views • 25 slides
Security Vulnerabilities Decomposition Katy Anton OWASP Top 10 @KatyAnton When the report is

Security Vulnerabilities Decomposition Katy Anton OWASP Top 10 @KatyAnton When the report is

Security Vulnerabilities Decomposition Katy Anton OWASP Top 10 @KatyAnton When the report is published @KatyAnton Katy Anton Software development background Project co-leader for OWASP Top 10 Proactive Controls (@OWASPControls)

1.21k views • 45 slides
Readiness For Regulating Small Modular Reactors International Nuclear Regulators Association

Readiness For Regulating Small Modular Reactors International Nuclear Regulators Association

Readiness For Regulating Small Modular Reactors International Nuclear Regulators Association September 19, 2017 Vienna, Austria Ramzi Jammal Executive Vice-President and Chief Regulatory Operations Officer Canadian Nuclear Safety Commission

522 views • 20 slides
Licensing of UK ABWR in an international environment 12 th September 2017 Dave Watson Senior

Licensing of UK ABWR in an international environment 12 th September 2017 Dave Watson Senior

XE GD 0134 Rev.0 Licensing of UK ABWR in an international environment 12 th September 2017 Dave Watson Senior Regulatory Advisor, Nuclear Power Project, Hitachi Europe Ltd. Hitachi-GE Nuclear Energy, Ltd. Proprietary Information

351 views • 11 slides
Insider Fraud Laura Hutton SAS detecting the invisible The new fraud landscape & the rise

Insider Fraud Laura Hutton SAS detecting the invisible The new fraud landscape & the rise

Insider Fraud Laura Hutton SAS detecting the invisible The new fraud landscape & the rise of the insider How to rob a bank How to detect fraudulent staff Fraud is a global problem Typical organisations lose 5% of revenues Source:

503 views • 34 slides
How to defend your proposal like professional Dr Dr. Reyas What is proposal presentation

How to defend your proposal like professional Dr Dr. Reyas What is proposal presentation

RD FYP 1 WORKSHOP 3 RD Proposal Presentation How to defend your proposal like professional Dr Dr. Reyas What is proposal presentation or proposal defend To defend your final year project work a) Comply with Bachelor or Diploma

436 views • 33 slides
H3C Products Portfolio Enterprise Portfolio, May 2010 APR Nico Wang 2010 May IToIP Technology

H3C Products Portfolio Enterprise Portfolio, May 2010 APR Nico Wang 2010 May IToIP Technology

H3C Products Portfolio Enterprise Portfolio, May 2010 APR Nico Wang 2010 May IToIP Technology Strategy EAD Mgmt. Software MPLS Router Switch Software IRF platform Stacking Wireless Hardware Virtual Security Platform platform

467 views • 14 slides
A Suggested Framework for National Statistical Offices for Assessing and Managing Privacy Risks

A Suggested Framework for National Statistical Offices for Assessing and Managing Privacy Risks

A Suggested Framework for National Statistical Offices for Assessing and Managing Privacy Risks Related to the Use of Big Data Pascal Jacques Eurostat Local Security Officer 1 UNECE 2014 Project : The Role of Big Data in the Modernisation of

227 views • 12 slides
Overview of NetFlow NetFlow and ITSG -33 Existing Monitoring Tools Network

Overview of NetFlow NetFlow and ITSG -33 Existing Monitoring Tools Network

Overview of NetFlow NetFlow and ITSG -33 Existing Monitoring Tools Network Monitoring and Visibility Challenges Technology of the future Q&A What t is NetFlow? Network protocol originally developed by Cisco

560 views • 21 slides
MASTERS THESIS INFORMATION Erik Bohlin erik.bohlin@chalmers.se Robin Hanson

MASTERS THESIS INFORMATION Erik Bohlin erik.bohlin@chalmers.se Robin Hanson

MASTERS THESIS INFORMATION Erik Bohlin erik.bohlin@chalmers.se Robin Hanson robin.hanson@chalmers.se October 9th Technology Management and Economics AGENDA Aim, goal and relevance of masters thesis General requirements How

463 views • 24 slides
Workshop on Nuclear Robotics Safety & Security Cases Sachas Hotel, Manchester 11 September

Workshop on Nuclear Robotics Safety & Security Cases Sachas Hotel, Manchester 11 September

Workshop on Nuclear Robotics Safety & Security Cases Sachas Hotel, Manchester 11 September 2018 Safety Cases for Autonomous Systems: ONR Perspective 11 September 2018 ONR is an independent statutory body. We are as far removed from

918 views • 76 slides
Safety Issues for High Temperature Gas Reactors Andrew C. Kadak Professor of the Practice Major

Safety Issues for High Temperature Gas Reactors Andrew C. Kadak Professor of the Practice Major

Safety Issues for High Temperature Gas Reactors Andrew C. Kadak Professor of the Practice Major Questions That Need Good Technical Answers Fuel Performance Normal operational performance Transient performance Ejected Rod

371 views • 34 slides
Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering

Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering

Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering Committee Confindustria Digitale Director Strategy & Technologies - Security & IS Division, Leonardo Agenda A technological shift (OT + IT

486 views • 36 slides
future perspectives in Nuclear Safety and Radiation Protection Michael HBEL DG ENERGY

future perspectives in Nuclear Safety and Radiation Protection Michael HBEL DG ENERGY

EURATOM Directives: Status, challenges and future perspectives in Nuclear Safety and Radiation Protection Michael HBEL DG ENERGY Directorate D Head of Unit - Radiation Protection and Nuclear Safety Energy Euratom competences Nuclear

423 views • 28 slides
Investor Presentation 28th February 2020 SOURCE SUPPLY SUPPORT Ambertech Overview Customers

Investor Presentation 28th February 2020 SOURCE SUPPLY SUPPORT Ambertech Overview Customers

Investor Presentation 28th February 2020 SOURCE SUPPLY SUPPORT Ambertech Overview Customers Partners Market Traction More than 800 customers across Over 200 dealers in custom audio video Multi award winner install/

139 views • 11 slides
PRAMEA Probabilistic risk assessment method development and applications Presentation at the

PRAMEA Probabilistic risk assessment method development and applications Presentation at the

PRAMEA Probabilistic risk assessment method development and applications Presentation at the SAFIR2018 research programme final seminar, Hanasaari 21.3.2019 1 25.3.2019 VTT beyond the obvious HRA and advanced control rooms

341 views • 10 slides
Hydrographic Surveying Introduction of Speaker Definition Applications Echo

Hydrographic Surveying Introduction of Speaker Definition Applications Echo

Hydrographic Surveying Introduction of Speaker Definition Applications Echo sounding Sounding equipment Survey vessels Dredging equipment Software Data Processing Tidal Datums Projects Education

824 views • 36 slides
UDRC Highlights on activities, exploitation and training the next generation of defence signal

UDRC Highlights on activities, exploitation and training the next generation of defence signal

University Defence Research Collaboration (UDRC) Signal Processing in a Networked Battlespace UDRC Highlights on activities, exploitation and training the next generation of defence signal processors Consortium Directors Prof. Jonathon

407 views • 22 slides
Design your own Multifunctional Flood Defense Minor module 9 Smart Cities Multifunctional

Design your own Multifunctional Flood Defense Minor module 9 Smart Cities Multifunctional

Design your own Multifunctional Flood Defense Minor module 9 Smart Cities Multifunctional Flood Defences 26 March 2019 Minor: Smart Cities - Multifunctional Flood Defences 1 M9: Smart Cities Design your own Multifunctional Flood

576 views • 22 slides
2010 Preliminary Results Agenda Introduction Andy Stevens Chief Executive Officer

2010 Preliminary Results Agenda Introduction Andy Stevens Chief Executive Officer

3 March 2011 The most important thing we build is trust 2010 Preliminary Results Agenda Introduction Andy Stevens Chief Executive Officer Financial Results Warren Tucker Chief Financial Officer Business Review Andy Stevens

698 views • 50 slides
Prof. Dr. Ir. Bart De Moor Vice-rector International Policy The technology transfer engine Fase

Prof. Dr. Ir. Bart De Moor Vice-rector International Policy The technology transfer engine Fase

On the use of science and technology for society and defence Prof. Dr. Ir. Bart De Moor Vice-rector International Policy The technology transfer engine Fase 1 Fase 2 Direct Contract Research FFF BA/VC spinoff NV KUL Research Research

308 views • 17 slides

More recommend