CYBERSECURITY: ENTERPRISE READINESS 2018 Michigan InfraGard Annual Conference
2 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
DAVE TRADER CISO & VP of Infrastructure Services
www.linkedin.com/in/dtrader
Formal Written Apology:
I, Dave Trader, being of sound mind and body, do hereby officially apologize for the events and remarks
during the breakout session entitled CyberSecurity: Enterprise Readiness at the 2018 InfraGard Annual
Meeting. I meant no harm to any particular group of people nor did I mean to offend the senses of
anyone in particular.
In an effort to make the most efficient use of everyone’s time, I do hereby render this written apology in
advance of my session.
Sincerely,
-Dave T.
AGENDA
• THE CHALLENGES WE FACE
• AIR SUPPORT
• CYBERSECURITY INSURANCE
• WARRIOR MINDSET
• SEE SOMETHING, SAY SOMETHING
• PROTECTIVE MEASURES
• THREATS
• THE FUTURE LANDSCAPE
• INTELLIGENCE
THE CHALLENGE WE FACE: “THE BAD GUYS ALWAYS HAVE THE ADVANTAGE”
Technology is constantly evolving
Private communications are a priority
• Wickr Me
• Snapchat
While these applications were not designed for criminal activity, criminals capitalize on their effectiveness
Reactive vs. Proactive Response – Law Enforcement responds to reports
CURRENT THREATS:
• Ransomware (What we did…controlled folder access)
• Business Email Compromise (BEC)
• State Sponsored Attacks
• Doxxing
• Phishing ($$$$$)
• CEO to CFO Wire Transfer ($$$$$)
• Princess from Uganda with sick parents
• Catfishing (Romantic Scams)
• Whaling
• IP and PII Theft
2018 STATISTICS
Private Sector CISO
AIR SUPPORT
• ISPs/Law Enforcement/FBI/NSA/IC3/Private/Corporate – We all know where to go (kind of)…but we don’t know when to go. When should we report? When we block a network scan from an unknown IP? When an intruder connects through the firewall? When an account is accessed from an unknown IP?
• Currently we dial 911 for a crime in progress, but what happens when we call 911 for a network intrusion?
• What does the future of response/response-time/reactive look like? Is it proactive, real-time investigation? Should we be tracking to that goal?
• When do we report? When should we report?
CYBERSECURITY INSURANCE
• We need a set of rules or expectations that businesses must implement in exchange for breach coverage.
• Premiums would be affected by the risk associated with each business.
• Like other insurance coverage today, CyberSecurity Insurance needs to reward those who put the proper protections in place and encourage, by way of increased premiums, others to meet industry standards.
EQUIFAX CASE STUDY
PROTECTIVE MEASURES
• AV
• MFA
• IAM
• VPN
• Encryption
• DLP
• Data Classification
• Vulnerability Detection
• AppSec
• Secure Coding
• SOC Operations
• NOC Operations
RED TEAM/BLUE TEAM
• Iron sharpens iron
• Implementing this philosophy will harden your networks and keep them up to date against the latest and greatest attacks.
• Find the areas of weakness in your network and protect against them.
• Do not wait for a real-world attack to find out you have a port open that you shouldn’t. Proactively and constantly test.
ARTIFICIAL INTELLIGENCE
What does AI look like?
BLOCKCHAIN
HACKBACK
• This is illegal.
• Gathering data on an intruder has to be completed on your side of the firewall, which leaves you with nothing more than a public IP address.
• Resist the urge to pursue beyond your network.
• We (the private sector) cannot retaliate.
HUMINT
• There is no substitute for HUMINT.
• We need to partner with our communities to help us better understand when something is unusual or out of place.
• They know the ordinary. We need them to help us identify potential threats.
MCMAP
WARRIOR MINDSET
• You go to work every day and you access systems and restricted areas that a terrorist or hacker would love to get their hands on. If you weren’t a good wholesome individual and you meant to do harm, how would you stop you?
• These are the thoughts we, as good people, dismiss, but we need to visit them. We never imagined a commercial airliner becoming a weapon and we were unprepared.
• What is intelligence? – Factual, Credible, and Verifiable Information – That’s it. We are all Intelligence Analysts – If you see something, say something. How much time is wasted or lost in translation? A picture is worth a million words that we can all understand.
THINK LIKE THE ENEMY…THINK LIKE A TERRORIST…THINK LIKE A HACKER.
IF YOU SEE SOMETHING, SAY SOMETHING…
• There are contributing factors that delay the collection process of valuable intelligence.
• What does the future of this idea look like?
FEDVTE – FEDERAL VIRTUAL TRAINING ENVIRONMENT
https://fedvte.usalearning.gov/
https://hireourheroes.org/veterans-training/
TOP 10 COMMENT CARDS AT THE CONFERENCE…
10. Please increase our security clearance so we get juicier Flash Warnings.
9. I miss being read-in. Please CC me on the PDB (Presidential Daily Briefing)
8. Could we change the unclassified color to orange or purple so I at least FEEL like I’m getting TS/SCI data again?
7. Can we incorporate the code-word Sagittarius a little more often?
6. Will my selfie and check-in with the Designated Survivor show up on the FBI Facebook Page?
5. Please announce the issue point for the InfraGard badge and a gun I was promised.
4. Where can I get a Title 3 (WireTap) on my Ex’s phone?
3. Which vendor gets me 100% secure from hackers?
2. Are there any more “I’m from the Government. I’m here to help.” t-shirts available?
1. Are all the ex-directors’ audio books available in the gift shop?
THANK YOU