turning your cybersecurity
play

Turning Your Cybersecurity Toddlers Into Warriors! Simple lessons - PowerPoint PPT Presentation

Oct 13, 2022 •159 likes •483 views

Turning Your Cybersecurity Toddlers Into Warriors! Simple lessons to fill the knowledge gap within your staff Shira Shamban Dome9 Security @shambanIT 0 1 2 3 4 5 You and your staff Are NOT going to keep up with Technology

  1. Turning Your Cybersecurity Toddlers… Into Warriors! Simple lessons to fill the knowledge gap within your staff Shira Shamban Dome9 Security @shambanIT 0

  2. 1

  3. 2

  4. 3

  5. 4

  6. 5

  7. You and your staff Are NOT going to keep up with Technology @shambanIT

  8. Today, Enterprises Average… different security vendors installed in their company to solve problems ZDNet – “Security landscape plagued by too many. Nov. 2016 @shambanIT

  10. You and your staff Are NOT going to keep up with Technology ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! ALERT!!!! @shambanIT

  12. @shambanIT 11

  13. Top 5 Causes of Data Breaches in Healthcare #1. Human Error: 33.5% The elephant in the figures is the #2. Misuse: 29.5% number of incidents where the discovery was measured in #3. Physical (mostly theft): 16.3% months or years …. #4. Hacking: 14.8% #5. Malware: 10.8% Protected Health Information Data Breach Report Verizon – March 2018 @shambanIT 12

  14. Top Three Causes – JDL Group – January 2018 63% of investigated breaches involved weak, #1. Password Problems stolen or default password Verizon recently reported ransomware is the #2. Ransomware & Malware fifth most common type of malware. Reuters reports 73% of data breaches happen #3. Human Error because of the people operating machines @shambanIT 14

  15. Why So Much Phishing? It Works... @shambanIT 15

  16. We All Have a Dave… @shambanIT 16

  17. Understanding the Basics of CD/CR Security @shambanIT 17

  18. We Don’t Need Faster Horses “If I had asked people what they wanted, they would have said faster horses.” ― Henry Ford @shambanIT 19

  19. So, what is the secret ingredient?

  20. Understanding the Basics of CD/CR Security • Whatever it is that you’re doing with your • Don’t monitor the logs, monitor the “I use the default AWS configuration” • 80% of the problems repeat themselves “I don’t need logs, I have an AV” “I keep all of my logs… I think” logs – It’s not working – time for a change unusual findings @shambanIT 21 21

  22. Logs Provide…

  23. The Secret Recipe… Your Logs are the Secret Ingredient ● How Long to Keep? ● Sources and Variety? ● Scalability ○ Easily add new (future) sources ● Detection Algorithms Used ○ How detailed/granularity ● Supporting User Interface @shambanIT

  24. Typical Attack Vector Criminal hacker User clicked Criminal hacker Money Username and Phishing email has privileged deployed bitcoin loss! link password stolen mining assets access to AWS Awareness URL scanning Least privilege Give very specific Enforce 2FA prevent policies to users program for email principle regarding assets Monitor activity patterns Monitor activity patterns Monitor login detect Detection tool Detection tool and unusual events, like and unusual events like patterns creating of new keys, new assets, unusual billing, users etc CPU, DNS requests A Complete 360 Degree View Is Impossible… Without Logs! @shambanIT

  25. Typical Attack Vector PII breach, including Criminal hacker User re-used Criminal hacker Criminal hacker moves around the Money loss, emails and password for has privileged encrypted DB, reputation, VPC, looking for asking for ransom compliance AWS account access to AWS passwords sensitive DB Enforce 2FA, Enforce strong least privilege Backup! prevent awareness password policy least privilege Monitor Internal Monitor login Monitor activity patterns Monitor unusual detect and unusual events, like port scan, failed haveibeenpwned patterns account activity creating of new keys, login attempts users etc Remember! Logging is For EVERYONE @shambanIT

  26. Love Your Logs!

  27. Focus On The Big Rocks First 30

  28. Automate Remediation Repetitive problems are easier to remediate Hire Expert(s) to Create Cluster - Address the Top 10 Recurring Problems Hire Expert(s) to Prepare Appropriate Solutions Allow Machine to Label Each Problem If Yes – Auto Remediate If No – Escalate to Human @shambanIT 31

  29. Remediation – What’s The Future…Crowdsourcing I have a problem Other people have that I wonder how they solved ow they solved problem (or similar) it it Security is improved! Others will share their own I will share my solution with the community solutions, we exchange knowledge @shambanIT 33

  30. Free Your Warriors! @shambanIT 34

  31. Any Questions? I Dare You! Thank You Shira Shamban @shambanIT Head of Security Research @shambanIT 35 shira@dome9.com

Recommend

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
2018 TURNING IT AROUND The past 18 months have been a concentrated effort on turning the

2018 TURNING IT AROUND The past 18 months have been a concentrated effort on turning the

AGM PRESENTATION 2018 TURNING IT AROUND The past 18 months have been a concentrated effort on turning the finances around to a more stable position. The forecasts for this year are good new membership fees and cost cutting have

600 views • 30 slides
Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland Chapter Contents Cybersecurity and risk management 1 Cybersecurity and the regulatory 2 environment Cybersecurity and the audit 3 4 Appendix

685 views • 37 slides
TURNING SWU INTO U TURNING SWU INTO U Thomas L. Neff Center for International Studies

TURNING SWU INTO U TURNING SWU INTO U Thomas L. Neff Center for International Studies

TURNING SWU INTO U TURNING SWU INTO U Thomas L. Neff Center for International Studies Massachusetts Institute of Technology tlneff@mit.edu URANIUM & SWU IMBALANCE World Uranium Production Substantially Below Apparent Requirements

405 views • 15 slides
Turning and Related Operations Turning is widely used for machining external cylindrical and

Turning and Related Operations Turning is widely used for machining external cylindrical and

Turning and Related Operations Turning is widely used for machining external cylindrical and conical surfaces. The workpiece rotates and a longitudinally fed single point cutting tool does the cutting. Machine tools used for this process are

639 views • 46 slides
KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

7/17/2020 KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing Attacks Malware/Ransomware Hacking Imposter Scams 1 7/17/2020 KACo Cybersecurity Training BEWARE OF Phishing Phishing attacks

248 views • 6 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2019 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

212 views • 19 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2018 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

325 views • 18 slides
ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity Related to Subregional Seminar on Cybersecurity for Information and Communication Networks 21 June 2005 Lima, Peru Christine Sund Christine Sund

921 views • 48 slides
Turning Point About Turning Point A two-year inclusive postsecondary program designed to prepare

Turning Point About Turning Point A two-year inclusive postsecondary program designed to prepare

GARDEN STATE PATHWAYS TO INDEPENDENCE Turning Point About Turning Point A two-year inclusive postsecondary program designed to prepare young adults with intellectual disabilities for competitive integrated employment. Areas of focus include

563 views • 21 slides
Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel Sofia, Bulgaria Mr. Joaqun Castelln , Operational Director Spanish National Security Department Ms. Anita TIKOS , Desk Officer for International

197 views • 15 slides
EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU Cybersecurity European policy overview e-IRG e-IRG 4 December 2019 Brussels Anni Hellman, Senior Expert, Permanent Representation of Finland to the European Union Seconded for the Finnish Presidency from the Directorate General

320 views • 28 slides
MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity Consultants, The Cybersecurity Expert Guys Cybersecurity Researcher 2 Agenda 1. Account Takeover via Forgot Password Function 2. Amazon S3

2.36k views • 75 slides
INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

Section 1 Dr. Bruce Burton California Cybersecurity INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and implications Learn from past attacks Understand the NIST Cybersecurity Framework (CSF) &

368 views • 33 slides
Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical Facilities Local Government Schools Law Enforcement Media Outlets The threat and how to think about it Ransomware has rapidly emerged as the most

398 views • 15 slides
Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive

Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive

Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive Director EY Chair AICPA Trust Information Integrity Task Force Agenda Item 8-D IAASB Meeting, September 21-25, 2015 New York, USA Page 1 Increasing

444 views • 17 slides
CYBERSECURITY Situational awareness Franois Thill, Director Cybersecurity, Ministry of the

CYBERSECURITY Situational awareness Franois Thill, Director Cybersecurity, Ministry of the

CYBERSECURITY Situational awareness Franois Thill, Director Cybersecurity, Ministry of the economy Agenda The actual situation Strategy of the ministry Risk management a common language Some good practice examples 2 The

427 views • 21 slides
Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado Network vs. Internet a network is a system of computers that talk over some communication medium: phone line (analogue modem, DSL), cable,

957 views • 47 slides
CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE

CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE

GIUSEPPE ATENIESE FARBER CHAIR AND CS DEPT CHAIR CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE According to insurance company Lloyds, cyberattacks cost businesses $400 billion a year A

123 views • 9 slides
Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TV Rheinland 2mc

Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TV Rheinland 2mc

Nigel Stanley MSc CEng FIET MIEEE Anthony Dickinson BSc MBA Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TV Rheinland 2mc In the Aluminium Industry nigel.stanley@us.tuv.com adickinson@2mc.co Building Cyber

405 views • 12 slides
Bound states of particle in a potential well Recall WKB breaks down near turning pts These

Bound states of particle in a potential well Recall WKB breaks down near turning pts These

Bound states of particle in a potential well Recall WKB breaks down near turning pts These must be smoothly connected across turning points For that, we expand the potential near turning points Substitute in Schrodinger equation near

328 views • 15 slides
AIRS Minor Constituents Focus Group: Turning small residuals into science Turning small

AIRS Minor Constituents Focus Group: Turning small residuals into science Turning small

AIRS Minor Constituents Focus Group: Turning small residuals into science Turning small residuals into science Wallace McMillan, Juying Warner, Michele McCourt Comer, Larrabee Strow, Sergio De-Souza Machado, Scott Hannon (UMBC/JCET), Mous

530 views • 32 slides
Shaping the Future of Cybersecurity Education Is N.I.C.E. NATIONAL INITIATIVE FOR CYBERSECURITY

Shaping the Future of Cybersecurity Education Is N.I.C.E. NATIONAL INITIATIVE FOR CYBERSECURITY

UNCLASSIFIED Shaping the Future of Cybersecurity Education Is N.I.C.E. NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION (NICE) March 2011 UNCLASSIFIED UNCLASSIFIED 60 Day Cyber Review Building Capacity for a Digital Nation Promote

526 views • 14 slides

More recommend