Cyber crime with prevention
By Manish Dixit
CISO, Appin Security Group
Trends
Attacker Motives and Methods
Areas of Concern
Typical Assessment Findings
ISO-17799 & NIST
Typical Remediation Costs
Every Year Dollars are Lost due to Cyber Criminal Activity
Greatest Loss = Proprietary Information
Second Greatest Loss = Denial of Service
Elements to Protect
Security: Confidentiality, Integrity, Availability
Financial Rewards
Politics
Show Off
Personal Gratification
They know they can
Web Site Research
User Groups
Email Staff
Call Modems
Read Trash
Impersonate Someone You Trust
Scan Your Systems
War Drive Your Wireless
Use Known and Unknown Exploits
Viruses, Trojans & Worms
Phishing
Attack Partner Networks to Gain Access to Yours
Sniff Your Traffic
Brute Force Passwords
Spam You
Denial of Service
Intellectual Property
Customer’s and Staff’s Privacy
Confidential Data
System Availability
Reputation
Regulatory Challenges
Roadmap
Establishes Baseline
Strengthens Security
Provides Due Diligence
Efficient Formal Audits
Finds the Weak Areas
Holistic Approach:
  Comprehensive reviews (infrastructure, server, application, etc.)
  Based on Organizational Security Policy, and taking full life cycle into account
  Consider people and processes, as well as technology
Sensible, accessible documentation:
  Helpful to executive decision-makers: explanation of risk in business terms
  Helpful to managers: project plans, prioritization of tasks
  Helpful to technical staff: clear standards, specific recommendations
Threat Modeling:
  Identifying assets
  Identifying threats
  Making qualitative (or quantitative) assessments of risk
1. Policies & Procedures
2. Security Awareness
3. Access and Authorization
4. Patch Management
5. Mis-Configured Systems & Applications
6. Encryption & Digital Signatures
7. Incident Handling Processes
8. Disaster Recovery & Business Continuity
9. Physical Safeguards
10. Intentional Bypassing of Security Controls
Communicate Your Organization's Commitment to Security
Provide a Baseline and Roadmap for Security Controls
Demonstrate Due Diligence
All Pertinent Security Control Information Communicated
Realistic – Manageable
Enforceable
A well trained user will assist your security efforts
Time needs to be invested in user training
A well trained user usually requires less help desk support
Weak Passwords
Sharing Accounts
Not Enforced
Easy to Exploit
Prevention:
Strong Security Policies
Utilize OS Complex Password Configuration
Implement Technical Authorization, Authentication and Accounting Mechanisms (AAA)
Implement Two-Factor Authentication
Hard to Manage
Less Window of Opportunity
Exploits are coming too fast
Can Break System
Require Resources
Prevention:
Strong Patch Management Mechanisms – Automate
Add Intrusion Prevention Mechanisms
Assure only needed or updated Services
Strengthen SNMP Strings
Secure Wireless Networks
Remove Default Settings
Filter Outgoing Access at Firewall
Protects Against:
Forging
Impersonation/Spoofing
Eavesdropping
Intercepting
Denial of Receipt or Send (Non-Repudiation)
Intrusion Prevention/Detection
Anti-virus Mechanisms
Logging/Auditing
Strong Policies and Documentation
Formal Plan
Prioritized Systems
Standard Backup Process
Tested Backups
Redundant Systems
Visitor Badges
Building & Data Center Access/Monitoring
Fire Prevention/Suppression & Detection
UPS Testing and Load
Installing Modems
Wireless Networks
GoToMyPC or other remote access items
Unauthorized Software – Games, Screensavers, etc.
Prevention:
Strong Security Policies
Centralized and Managed Intrusion Prevention Mechanisms
Implement Network Admission Control
National Institute of Standards & Technology Referenced Throughout Most Regulations
Policies and Procedures Are Critical to NIST Best Practices
ISO-17799 is Industry Recognized Standard for Security
ISO-17799 Covers 10 Areas of Security
Each ISO-17799 Area Has Individual Security Items
If You Follow NIST and ISO-17799 You Would Have a Strong Security Posture and Should Pass Almost Every Audit
Combine NIST 800-26 Levels and ISO-17799
Security Policies
Organizational Security
Asset Classification & Control
Personnel Security
Physical and Environmental Security
Communications & Operations Management
Access Control
System Development & Maintenance
Business Continuity Management
Compliance
Level 1 – control objective documented in a security policy
Level 2 – security controls documented as procedures
Level 3 – procedures have been implemented
Level 4 – procedures and security controls are tested and reviewed
Level 5 – procedures and security controls are fully integrated into a comprehensive program.
[Chart: Business Continuity. Categories: Business Continuity Management Process; Business Continuity & Impact Analysis; Writing & Implementing Continuity Plan; Business Continuity Planning Framework; Testing, Maintaining & Reassessing BC Plan. Series: Actual Practice, Peer Comparison, NIST Level.]
It is important to budget for remediation
A security assessment without remediation efforts is a waste of time and money
Remediation usually involves resource time and product cost
It is important to budget for one-time and recurring costs
Prioritize Risks and Remediation Steps
Align Business and IT Strategies
Establish Resources – Internal, External, Products
Establish Internal SLAs between IT and Business Units
Thank You
www.berbee.com
www.cisco.com
www.ibm.com
www.microsoft.com
www.rsa.com
www.gocsi.com
www.sans.org
www.nist.gov
Introduction
Questions
Background
Techniques
Prevention
Demo
Conclusions
Thank You
Contact: 0612 – 6544454, 9031044450 /51/52/53
Email: [email protected] [email protected]
Website: www.appinonline.com