Post on 09-Aug-2020
AT&T Security Consulting, "The Dark Web". Scott Sweren, Sr. Consultant. October 2017
Presentation title here — edit on Slide Master
© 2017 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners.
Sutton's Law
"Why do you rob banks?" "Because that's where the money is"
Willie Sutton… bank robber… author
Sutton’s Law: https://en.wikipedia.org/wiki/Sutton%27s_law
The World Today
China Alleged to Have Hacked Three Medical Device Companies
Cybercrime Costs the Average U.S. Firm $15 Million a Year
Russia Hacked Hundreds of Western Asian Companies: Security Firm
63% of SMBs Increased Security Spending, but More Than Half Still Experienced Breaches
Ransomware Sales on the Dark Web Spike 2,502% in 2017
10 Worst Data Breaches of All Time
10. US Govt. Agency, 2008: 76 million records
9. Russian Internet Portal, 2014: 98 million accounts
8. Entertainment and Electronics Co., 2011: 102 million records
7. US Retailer, 2013: 110 million records
6. Payment Processor, 2008-2009: 130 million records
5. Credit Agency, 2017: 143 million accounts
4. Professional Social Network, 2012: 165 million accounts
3. Personal Professional Network, unknown: 360 million accounts
2. Social Network, 2016: 412 million accounts
1. Internet Portal, 2013 & 2016: 1.5 billion accounts combined
Elizabeth Palermo & Paul Wagenseil, Sep 8, 2017, HTTPS://WWW.TOMSGUIDE.COM/US/PICTURES-STORY/872-WORST-DATA-BREACHES.HTML#S2
2017 Breaches
Heidi Daitch, Sep 26, 2017, HTTPS://WWW.IDENTITYFORCE.COM/BLOG/2017-DATA-BREACHES
[Chart: 2017 Breaches by month (January 1, February 3, March 7, April 2, May 7, June 3, July 2, August 1, September 6); 32 Breaches To Date]
Why Breaches Happen
Insider Threats
• Spear phishing email
• Plugging in a thumb drive that hasn't been security screened
• Social engineering
• Lack of employee training, awareness around security
Malicious Insider Risks
• Revenge
• Money
• Whistleblowers
• Hacktivism
• Espionage
• Business Advantage
Source: AT&T Cybersecurity Insights Report – Decoding the Adversary Volume, https://www.business.att.com/cybersecurity/docs/decodingtheadversary.pdf
Some Stats…
Source: Ponemon Institute 2016 Cost of Data Breach Study: Global Analysis
Application Security Stats…
Source: Ponemon Institute 2016 Cost of Data Breach Study: Global Analysis
Unrestricted Warfare….
Records from Government Data Breach Surface on ‘Darknet,’ says Expert
Qiao Liang and Wang Xiangsui (Beijing: PLA Literature and Arts Publishing House, February 1999)
It is about more than Payment Card Data
What are the MOTIVATIONS?
Financial: Driven primarily by stealing data that can be monetized (BOA, MAZAFAKA, RBN)
Hacktivism: Wish to make a political or social statement with attacks (Anonymous, LulzSec, FSA)
Cyber Espionage: State sponsored IP theft to benefit state. Primarily China and Russia, although other countries take part.
Cyber Espionage
Motivated to steal Intellectual Property, corporate secrets
Chinese, Russian, and other governments sponsor
"Patriot Hackers" take up cause
Companies performing research – private, government, aerospace, IP, etc.
Advanced Persistent Threat… "Low and Slow"
$300,000,000,000 per year cost to US
"The United States is Under Attack… The Communist Chinese Government has defined us as the enemy. It is buying, building and stealing whatever it takes to contain and destroy us. Again, the Chinese Government has defined us as the enemy."
Source: Dana Rohrabacher, US Congressional Subcommittee on Oversight and Investigations, April 15, 2011
A New Battlefield (APT)
North Korea
– 50K servers, South Korean financial system (2013)
– Sony Pictures, "The Interview" (Nov 2014)
China
– RSA/EMC phishing email, 0-day Flash vuln (2011)
– Lockheed Martin VPN/2FA attack, F35 (2011)
– OPM 21M records including clearances (July 2015)
Russia
– Pentagon JCS email hack (Aug 2015)
– WH email (Apr 2015)
US (with support from Israel)
– Iran Stuxnet/Duqu enrichment facilities hack (2010)
– Equation Group revealed by Kaspersky (2015)
Image sources: CNN.com, krebsonsecurity.com
Hacktivists; Driven by Ideology
Victims - World Bank, Stratfor, SONY, etc.
Shut down sites with DDOS attacks, steal data to "make a political or social statement"
– Anonymous & LulzSec, Free Syrian Army
– Entertainment, New Media, Internet Portals, etc.
"One man's freedom fighter is another man's terrorist. So let them call us terrorists," he added moments later: "I'll still bomb their buildings." Jeremy Hammond, "SABU"
Cyber Criminals - Driven by Financial Motives
Dmitry Ivanovich Golubov "Script" (ARRESTED)
– Alleged to be a major cyber thief
– Founder of CarderPlanet
– Ran for Ukrainian Senate
– Heads political party
Steven Watt (Convicted)
– Created Trojan responsible for major retail breaches
– Graduated college at 19
– Worked at Morgan Stanley at time of breach
Max Ray Butler "Iceman" (convicted)
– Founder of CardersMarket
– Recovered 1.3 million accounts on laptop
"Internet Party of Ukraine" – Dmitry Golubov (Script)
The Most Prolific Gang in Cyber History?
Albert Gonzalez "soupnazi" (convicted)
– Large-scale retail breaches
– Most while on payroll with SS $75k/yr
– Serving 20 year term
Humza Zaman, laundering (convicted)
– Internal bad actor, worked on-staff at global bank as network security manager
– Money mule, ATMs (FedEx portion to Gonzalez)
Maksym Yastremskiy "Maksik" (convicted)
– Greatest profiteer, $11M as carder
Christopher Scott & Jonathan James (convicted)
– US-1 war driving specialists
How it is Done
Source: Verisign
The Deep Web…
Surface web (clear web) accounts for 4% of content… 19 TB of content (1 billion unique documents)
Deep web accounts for 96% of content, or 7,500+ TB (550 billion unique documents)
Deep web has an estimated 1,000–2,000 times more information than the clear web
Used by spies, journalists, dissidents, activists, those in restricted countries… and criminals.
Source: Charlie Abrahams, MarkMonitor
Tor
The Hidden Wiki
http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page
Fake Real Plastic
ZeroSquad&SafeDrop
Cebulka
The Challenge of Defining Security
What do we mean when we say "Security"?
Denotation? Connotation? Some commonly used phrases to describe security:
"Personal, private or public protection"?
"Providing a level of defense for a target of high value against aggressors."?
"LIFE, Property, Knowledge. Freedom"?
"Being prepared to lessen or eliminate the effect of unwanted events."?
"Protection from vulnerabilities and actions to reduce risk of compromises."?
"Ensure confidentiality, integrity and availability of systems and data"?
"…in the absence of agreed definitions the concept of security means different things to different people in different contexts." Manunta, Giovanni. "What is Security?": Security Journal. 1999, pp. 57-66
Socrates, Jacobellis, & Security - Security 201
What is "F-Ness"? If you don't know, then:
• You can't know if something is or is not "F"
• Can't describe the characteristics of "F-ness"
• Can't tell someone how to achieve "F-ness"
"I shall not today attempt further to define the kinds of material I understand to be embraced within that shorthand description ["hard-core pornography"]; and perhaps I could never succeed in intelligibly doing so. But I know it when I see it, and the motion picture involved in this case is not that." - Mr. Justice Stewart; Jacobellis v. Ohio, 378 US 184 (1964)
Definition Through Negation (apophasis)
I cannot define what security is through its attributes, but I can define security by describing what it is not. Nobody will tell a company when they are secure, but are quick to render an opinion after a breach…
"Given the poor state of cybersecurity, compliance-driven security is at best a qualified failure." - Committee on Deterring Cyberattacks: Informing Strategies and Developing Options; National Research Council
PCI DSS, FISMA, HIPAA/HITECH, SB 1386, NERC, FERPA, ISO 27001, MPSA, PA-DSS, etc., etc., etc.!
Because 'we' can't define security we default to 'compliance'…
Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy. Committee on Deterring Cyberattacks: Informing Strategies and Developing Options; National Research Council. ISBN: 0-309-16086-3, 400 pages, 8 1/2 x 11 (2010)
The Challenge with Security Today
"Information Security Professionals" are really "technology professionals" and not "security professionals"
Security is ultimately about predicting and controlling human behavior on two sides of a relationship… Security describes an Adversarial Relationship
Frequentist Probability Models are ineffective for Adaptive Threats… Bayesian Probability is a better measure
Security Professionals in all domains need to understand…
- Rational Actor Model
- Deterrence/Compellence theory
- Threat Adaptation
- Threat Asymmetry
- Parallax and Convergence
- Change Blindness
- Proximate Reality
- Defense in Depth
- Conditional Probability
- Etc.!!
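As an added worked illustration (not from the original deck) of why the slide pairs "Bayesian Probability" with "Conditional Probability" when discussing adaptive threats: what a single detector alert means depends on the base rate of intrusions, and an adaptive adversary can shift that base rate. All numbers below are constructed for illustration, not measured values.

Let $A$ denote "the observed session is an intrusion" and $D$ denote "the detector fires". Assume a prior base rate $P(A) = 0.001$, a detection rate $P(D \mid A) = 0.95$ and a false-positive rate $P(D \mid \neg A) = 0.01$. The overall alert rate follows from the law of total probability:

$$P(D) = P(D \mid A)\,P(A) + P(D \mid \neg A)\,P(\neg A) = 0.95 \cdot 0.001 + 0.01 \cdot 0.999 = 0.00095 + 0.00999 = 0.01094$$

Bayes' rule then gives the probability that an alert is a real intrusion:

$$P(A \mid D) = \frac{P(D \mid A)\,P(A)}{P(D)} = \frac{0.00095}{0.01094} \approx 0.087$$

So with a 95% detection rate, fewer than one alert in ten is a true intrusion; a frequentist reading of "95% accurate" says nothing about this. If the adversary adapts and the base rate rises to $P(A) = 0.01$ with the same detector:

$$P(D) = 0.95 \cdot 0.01 + 0.01 \cdot 0.99 = 0.0095 + 0.0099 = 0.0194, \qquad P(A \mid D) = \frac{0.0095}{0.0194} \approx 0.49$$

The detector has not changed, yet the correct response to an alert has: the posterior is what the defender should act on, and it must be re-estimated as the adversary's behavior (the prior) moves.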
Adaptive Threats & Asymmetric Threats
"..includes threats intentionally caused by humans." It further states that Adaptive Threats are: "…caused by people that can change their behavior or characteristics in reaction to prevention, protection, response, and recovery measures taken." – DHS Lexicon, 2010
According to Pimmerman, an Asymmetric Threat must meet three criteria. These have been modified for our purposes and include:
1. It must involve an exploit, tactic or strategy that the adversary both could and would use against an organization
2. It must involve an exploit, tactic, or strategy that the organization would not employ against the adversary
3. It must involve an exploit, tactic, or strategy that, if not countered, could have serious consequences
Is this a Valid Statement? (hint.. Hindsight Bias)
"Felix qui potuit rerum cognoscere causas"
"blessed accomplishment theirs, who can track the causes of things" - Virgil; 420 BC
Spending Ourselves Into Oblivion
"…at current spending rates, companies are only addressing 68% of vulnerabilities. To achieve 95% protection, companies would need to increase spending by 700% from $30.8 million to $270.9 million."
Ponemon Institute; 2012
"Today, the PCI process takes up to 55% of the total data security budget for retailers…"
IHL; 2015
Which would you rather have?
Magnetic Lock
Palm Reader
Key Lock
Combo Deadbolt
Security Guard
Iris Scanner
Badge Reader
Things You Can do Today
Malicious Insiders / Unintentional Insiders
• Strengthen Your Security Foundation
  – Focus your team on the basics first
• Make Security Everyone's Responsibility
  – Employee training helps turn employees into a malicious insider early warning system
• Break Down Organizational Silos
  – Demand security teams have full access to all data and records in all departments and divisions
• Invest in Behavioral Analytics
  – Big Data tools can help sniff out activities by malicious insiders
• Train Your Users
  – Offer mandatory security awareness courses
• Share the Security Responsibility
  – Follow ISO 27001 to create a steering group
• Employee Buy-in for Security Starts at the Top
  – Lead by example
• Enforce the Rules
  – Enforce security training efforts with prompt and highly visible enforcement of your security policies
• Don't Ban Shadow IT, Manage It
  – Find out why business units buy cloud services and secure them
• Evaluate and Monitor Your Suppliers
  – Assess their security and compliance practices before and while doing business with them
Source: AT&T Cybersecurity Insights Report – Decoding the Adversary Volume, https://www.business.att.com/cybersecurity/docs/decodingtheadversary.pdf