Are You Prepared for the CYBERSECURITY CHALLENGE?
The Cybersecurity Division of IMRI Presented by: Martha Daniel, President and CEO
Confidential & Proprietary © 2018 IMRI Cytellix, the Cybersecurity Division of IMRI
IMRI/Cytellix – Trusted Leader in Managed Cybersecurity
Computer Operations:
Manages over $300 million
Cybersecurity:
Over 1500 networks, 7 million devices; engaged with U.S. Army Network Enterprise Technology Command, Missile Defense Agency, U.S. Army Corps of Engineers, and DISA
Data Center/Cloud Computing:
15 facilities, 4 million users, 2800 applications
Data Center Consolidation:
22 operations with merger of $2 billion in assets
Software Development:
Application modernization and software development
planning and implementation
Certifications:
ISO 9001 / AS9100; CMMI compliant; industry and
professional certifications
ARE YOU PREPARED for the CYBERSECURITY CHALLENGE ?
TODAY’S DISCUSSION
What is the Cybersecurity Challenge?
“Cybersecurity is a big business concern”: bad actors and hackers love small businesses
How can I become better prepared for the Cybersecurity Challenge?
Questions and Answers
Pentagon Warns CEOs: Protect Your Data or Lose Our Contracts
Deputy Defense Secretary Patrick Shanahan: “Cybersecurity should be a top priority for its contractors.”
Regulatory Mandate for Cybersecurity Compliance
Compliance: effective Jan 1, 2018
Plan due: 30 days after contract award
Breach notification: 72 hours
100% compliance has been delayed
DFARS 252.204-7012
NIST SP 800-171
Cyber Security Evaluation Tool (CSET®)
The goal of the new regulations is to secure sensitive data on the computers and networks at smaller companies.
Discussion #1: WHAT IS THE CYBERSECURITY CHALLENGE?
A. DFARS compliance
B. Cybersecurity as an evaluation criteria
C. Expansion of federal contractor cybersecurity obligations beyond DoD
D. Cybersecurity audits
Regulatory Mandate for Cybersecurity Compliance
A
DFARS Compliance
DFARS 252.204-7012 applies to all Department of Defense (DoD) contractors that store, process, or transmit covered defense information (CDI).
CONTRACTORS MUST implement the NIST SP 800-171 standards:
1. Perform an assessment
2. Write a system security plan (SSP)
3. Maintain a plan of action and milestones (POAM)
Definition, covered defense information system (CDI): an unclassified information system that is owned, or operated by or for, a contractor and that stores, processes, or transmits CDI.
B
Cybersecurity as an Evaluation Criteria
NIST SP 800-171 Rev. 1: Agencies may request SSPs and POAMs from contractors. These cybersecurity protection documents may be considered by procurement agencies in evaluating proposals for contracts.
IP Keys Tech, B-414890, B-414890.2, October 4, 2017
The GAO found that the agency reasonably assigned the awardee’s proposal a strength for exceeding the minimum cybersecurity criteria.
Syneren Tech, Corp, B-41508, B-415058.2, Nov. 16, 2017
General Accountability Office (GAO) upheld the Navy’s determination:
• the offer was technically unacceptable
• it failed to meet DoD and Navy cybersecurity requirements
Disqualified as Technically Unacceptable vs. Fully Compliant to NIST SP 800-171
C
Expansion of Federal Contractor Cybersecurity Obligations Beyond DoD
Several agencies include contract-specific cyber clauses in select contracts
Individual agencies are taking their own steps to strengthen cybersecurity protections
Department of Homeland Security also has proposed cybersecurity regulations for DHS contractors
GSA announced that it is developing proposed GSA FAR supplement (GSAR) clauses that will impose NIST-based controls on contractors with access to unclassified GSA information as well as cyber incident reporting requirements
Federal Acquisition Regulation (FAR) includes a basic safeguarding clause, FAR 52.204-21, which incorporates only 15 of the NIST 800-171 requirements
D
Cybersecurity Audits (Business System Audits)
• Verification that the contractor has an SSP
• Verification that the contractor submitted a POAM to the DoD Chief Information Officer (CIO) within 30 days of any contract award
• Verification of any necessary External Certificate Authority (ECA) or Public Key Infrastructure (PKI) certificate
Discussion #2
“Cybersecurity is only a concern for big business”
Attackers (hackers, nation states, hacktivists, organized crime) have a business predicated on successful attacks on your data.
Cyber attacks are on the rise; SMBs are the largest targets.
The Small & Medium Business as a Target
60% of SMB cybercrime victims go out of business within 6 months of an attack (NCSA)
50% of all surveyed in 2016 reported being victims of cyber attacks (National SBA)
70% of all targeted attacks struck small to mid-sized organizations in 2016 (SMB Group)
50% of small and midsized businesses have fallen victim to ransomware; 48% of those paid a ransom (2017 Ponemon Institute)
Cyber Attacks on the Rise! Attacks are becoming commonplace; hacking is a fact of life.
Cybersecurity Misconceptions: Real Reasons Why SMBs Are Targeted
• Lack of investment in cybersecurity
• SMBs can lead to blue chip organizations
• SMBs are more inclined to pay ransom
The Top Security Challenges SMBs Currently Face:
• IoT opens excessive entry points
• Insiders are the most common culprits
• The cloud isn't safe from security flaws
Top Cyber Attack Threats
Discussion #3
Simplifying the actions: following the Cybersecurity Framework
Identify: Assessment
Protect: Gap analysis actions (POAM)
Detect: Continuous monitoring for cyber events
Respond: Cyber event notification, policies, planning, implementation
Recover: Remediation, policies & procedures
Simplifying the actions
NIST 800-171 is our recommended guidance
Cybersecurity Framework: the recommendation for all companies and verticals
Contractors must notify the DoD of any security gaps within 30 days of any contract award.
Adequate security is defined as a minimum in NIST 800-171 with the 14 control families (to protect controlled unclassified data):
• Access Control
• Awareness and Training
• Audit & Accountability
• Configuration Management
• Identification & Authentication
• Incident Response
• Maintenance
• Media Protection
• Personnel Security
• Physical Protection
• Risk Assessment
• Security Assessment
• System & Communications Protection
• System & Information Integrity
To continue with contract awards from your prime contractors or the Federal Government, you must complete the following cybersecurity requirements:
CSET assessment management & report, scaled to meet NIST 800-171 requirements
Network scan and real-time assessment & report
Gap analysis & assessment of the 14 controls & report
Security plan & plan of action & milestones (POAM)
Continuous network asset monitoring
Remediation: best practices & practical implementation
Assessment
Gap Analysis Report
Plan of Action & Milestones (POAM)
Continuous Real-Time Monitoring
How Do I Get Started With My Cybersecurity Challenge?
You Have Choices
1. Self compliance assessment: ICE-CSET Tool (technical knowledge required)
2. Turn it over to my IT team: cybersecurity skills and FedRAMP certification required
3. Secure a consultant / outsource: select a firm that is affordable; turnkey managed services (FedRAMP)
REMEDIATION: automated best practices providing you with remediation support
www.cytellix.com | https://www.cytellix.com/webinarregistration/ | [email protected]
Corporate Office: 85 Argonaut, Suite 200, Aliso Viejo, CA 92656. Phone: (949) 215-8889
The Cybersecurity Division of IMRI