CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound

CYBERSECURITY: ENTERPRISE READINESS 2018 Michigan InfraGard Annual Conference

2 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential

DAVE TRADER CISO & VP of Infrastructure Services

www.linkedin.com/in/dtrader

http://www.linkedin.com/in/dtrader

http://www.linkedin.com/in/dtrader

3 ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential

Formal Written Apology:

I, Dave Trader, being of sound mind and body to hereby officially apologize for the events and remarks

during the breakout session entitled CyberSecurity: Enterprise Readiness at the 2018 InfraGard Annual

Meeting. I meant no harm to any particular group of people nor did I mean to offend the senses of

anyone in particular.

In an effort to make the most efficient use of everyone’s time, I do hereby render this written apology in

advance of my session.

Sincerely,

-Dave T.


AGENDA

THE CHALLENGES WE FACE AIR SUPPORT CYBERSECURITY INSURANCE

WARRIOR MINDSET

SEE SOMETHING, SAY SOMETHING PROTECTIVE MEASURES THREATS

THE FUTURE LANDSCAPE INTELLIGENCE


Technology is constantly evolving

Private communications are a priority

• WikrMe

• SnapChat

• WhatsApp

While these applications were not designed for criminal activity, criminals capitalize on their effectiveness

Reactive vs. Proactive Response – Law Enforcement responds to reports

THE CHALLENGE WE FACE “THE BAD GUYS ALWAYS HAVE THE ADVANTAGE”


• Ransomware (What we did…controlled folder access)

• Business Email Compromise (BEC)

• State Sponsored Attacks

• Doxxing

• Phishing ($$$$$)

• CEO to CFO Wire Transfer ($$$$$)

• Princess from Uganda with sick parents

• Catfishing (Romantic Scams)

• Whaling

• IP and PII Theft

CURRENT THREATS:


2018 STATISTICS

8 ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential

Private Sector CISO

Default


• ISP’s/Law Enforcement/FBI/NSA/IC3/Private/Corporate – We all know

where to go (kind of)…but we don’t know when to go. When should we

report? When we block a network scan from an unknown IP? When an

intruder connects through the firewall? When an account is accessed from

an unknown IP?

• Currently we dial 911 for a crime in progress, but what happens when we

call 911 for an network intrusion?

• What does the future of response/response-time/reactive look like? Is it

proactive, real-time, investigation? Should we be tracking to that goal?

• When do we report? When should we report?

AIR SUPPORT


• We need a set of rules or expectations that can be implemented on business for the exchange of breach coverage.

• Premiums would be affected by the risk associated with each business.

• Like other insurance coverage today, CyberSecurity Insurance needs to reward those who place the proper protections and encourage, by way of increased premiums, others to meet industry standards.

CYBERSECURITY INSURANCE


EQUIFAX CASE STUDY


• AV

• MFA

• IAM

• VPN

• Encryption

• DLP

• Data Classification

• Vulnerability Detection

• AppSEC

• Secure Coding

• SOC Operations

• NOC Operations

PROTECTIVE MEASURES


REDTEAM/BLUETEAM

• Iron sharpens iron

• Implementing this philosophy will harden

your networks and keep them up to date

against the latest and greatest attacks.

• Find the areas of weakness in your network

and protect against them.

• Do not wait for a real-world attack to find out

you have a port open that you shouldn’t.

Proactively and constantly test.


What does AI look like?

ARTIFICIAL INTELLIGENCE


BLOCKCHAIN


• This is illegal.

• Gathering data on an intruder has to be completed on your side of the firewall; leaving you with a public IP Address.

• Resist the urge to pursue beyond your network.

• We (the private sector) cannot retaliate.

HACKBACK


HUMINT

• There is no substitute for HUMINT.

• We need to partner with our communities to help us better understand when something is unusual or out of place.

• They know the ordinary. We need them to help us identify potential threats.


MCMAP

WARRIOR MINDSET

• You go to work every day and you access systems and restricted areas that a terrorist or hacker would love to get their hands on. If you weren’t a good wholesome individual and you meant to do harm, how would you stop you?

• These are the thoughts we, as good people, dismiss, but we need to visit them. We never imagined a commercial airliner becoming a weapon and we were unprepared.

• What is intelligence? – Factual, Credible, and Verifiable Information – That’s it. We are all Intelligence Analysts – If you see something, say something. How much time is wasted or lost in translation? A picture is worth a million words that we can all understand.

THINK LIKE THE ENEMY…THINK LIKE A TERRORIST…THINK LIKE A HACKER.


IF YOU SEE SOMETHING, SAY SOMETHING…

• There are contributing factors that delay the collection process of valuable intelligence.

• What does the future of this idea look like?


https://fedvte.usalearning.gov/

https://hireourheroes.org/veterans-training/

FEDVTE – FEDERAL VIRTUAL TRAINING ENVIRONMENT








TOP 10 COMMENT CARDS AT THE CONFERENCE…

10. Please increase our security clearance so we get juicier Flash Warnings.

9. I miss being read-in. Please CC me on the PDB (Presidential Daily Briefing)

8. Could we change the unclassified color to orange or purple so I at least FEEL like I’m getting TS/SCI data again?

7. Can we incorporate the code-word Sagittarius a little more often?

6. Will my selfie and check-in with the Designated Survivor show up on the FBI Facebook Page?

5. Please announce the issue point for the InfraGard badge and a gun I was promised.

4. Where can I get a Title 3 (WireTap) on my Ex’s phone?

3. Which vendor gets me 100% secure from hackers?

2. Are there any more “I’m from the Government. I’m here to help.” t-shirts available?

1. Are all the ex-directors’ audio books available in the gift shop?

THANK YOU

Documents

CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound