Cybersecurity at Texas Tech · 2018-05-11 · * IRM: Information Resources Manager (Texas...
Transcript of Cybersecurity at Texas Tech · 2018-05-11 · * IRM: Information Resources Manager (Texas...
Cybersecurity at Texas Tech
Vince Fell | Doug Fox | Kay Rhodes | Jerry Rodriguez | Sam Segran
Agenda• Information Resources, IT Governance,
Collaborations• Kay Rhodes
• Cybersecurity Landscape• Sam Segran
• Research and Academic Institutions• Sam Segran• Doug Fox
• Health Related Institutions• Vince Fell• Jerry Rodriguez
• Summary• Kay Rhodes
2
3
Information Resources, IT Governance, Collaborations
Kay Rhodes
TEXAS TECH UNIVERSITY SYSTEMInformation Technology
Organizational ChartApril 2018
• Strategic Direction• Policy Development• Coordination & Collaboration• Shared Services • Information Security Officers (ISO**)
Texas Tech University SystemBoard of Regents
TTUSCIO Council
* IRM: Information Resources Manager(Texas Government Code 2054, Subchapter D)** ISO: Information Security Officer(Texas Administrative Code, Title 1, Part 10, Chapter 202)
Gary BarnesVice Chancellor/CFO
TTUS
Lawrence Schovanec, Ph.D.
PresidentTTU
Doug FoxAssoc. VP, CIO
ASU(IRM*)
Sam SegranVice President, CIO
TTU(IRM*)
Kay RhodesAssoc Vice
Chancellor, CIOTTUS(IRM*)
Vince FellVice President, CIO
TTUHSC(IRM*)
Jerry Rodriguez Assoc. VP, CIO
TTUHSC El Paso(IRM*)
Michael Galyean, Ph.D.
ProvostTTU
Brian May, Ph.D.President
ASU
Robert L. DuncanChancellor
TTUS
Angie WrightVice President, Finance
and AdministrationASU
Tedd Mitchell, M.D.PresidentTTUHSC
Richard Lange, M.D., MBA
PresidentTTUHSC El Paso
IT Organization and Governance• CIO Council
• Collaboration• Project coordination• Policy coordination• Sharing best practices
• Network Infrastructure and Security Responsibilities
• Risk Assessments
5
6
Cybersecurity Landscape
Sam Segran
Quick Definitions
7
Computer Virus
Worm
Spyware
Trojan
Keylogger
Ransomware
Internet of Things (IoT)
8
Cybercrime Evolution
PranksEconomic
(Individual)
Nation State & Cyber Warfare
/ EspionageTerrorism
Malicious Economic(Organized, Individual)
Hacktivism Disinformation Campaign
IoT Hijacking
Ransomware
CryptoJacking
2017 Notable Breaches9
Malware-infected POS
stole CC info @ 2,250
restaurants
Source: https://www.checkmarx.com/2017/06/05/may-2017-top-hacks-breaches-infographic/
143 MILLION US consumers affected
Hackers access CUSTOMER EMAIL DATABASE –Flooded users with PHISHING EMAILS
2017 Notable Breaches - Education10
Source: http://breachlevelindex.com/data-breach-database
• KSU Center For Election System• 7.5 million voter records breached
• Online education platform• Data for sale on dark web
32,000 students affected
• DB wiped – held for ransom
SEND 0.2 BTC TO THIS ADDRESS 1Hhb4rJY7hYFMLwE1j1834zWsNBRWXN9Sv AND CONTACT THIS EMAIL WITH YOUR IP OF YOUR SERVER TO RECOVER YOUR DATABASE !
2018 Notable Breaches Thus Far11
Malware-infected POS stole CC info –at least 164 stores (68 in Texas) and
2 Million payment cards compromised
Source: https://www.idtheftcenter.org/images/breach/2018/DataBreachReport_2018.pdf
PII of 247,000+ current and former employees found in possession of former DHS employee during ongoing criminal investigation
Nearly 280,000 Medicaid patient records breached @ Center For Health Sciences
12
Source: Verizon 2017 Data Breach Investigations Report
Number Of Records
Per Data Type
Stolen
13
Source: Ponemon Institute 2017 Cost Of Data Breach Study
Cost Per Stolen Record
(sampling)
US Average - $225
Healthcare - $380
Financial - $336
Education - $245
Technology - $251
Research - $123
Average total cost per incident – $10,834,560Additional costs - HIPAA violation fines $100 - $1.5 million, notification costs $200 - $1,000
Average total cost per incident - $6,985,440
14
Source: Verizon 2017 Data Breach Investigations Report
Transportation
Retail
Finance
Education
Professional
Public
Utilities
Other Services
Manufacturing
InformationCyber Espionage
By Industry
2
3
5
22
28
112
15
17
115
4
15
Source: Symantec Internet Security Threat Report – April 2016
2016
463,841
$1,077
$500 B($499,556,757)
2015
340,665
$294
$100 B($100,155,510)
Average Ransom Per Incident
16
Number of KnownGlobal Incidents
RansomwareSource: Symantec Internet Security Threat Report – April 2017
Estimated Total Ransom
IoT Hijacking17
Source: https://gizmodo.com/report-cctv-system-in-washington-dc-was-hacked-before-1791734583
18
Dyn IoT HijackingSource: Krebs On Security – October 2016
19
Source: https://www.intel.com/content/www/us/en/internet-of-things/infographics/guide-to-iot.html
20
Phishing On The RiseSource: https://info.phishlabs.com/blog/quarter-phishing-attacks-hosted-https-domains
% O
F P
HIS
HIN
G A
TT
AC
KS
ON
HT
TP
S S
ITE
S W
OR
LD
WID
E
Cybersecurity Essentials At Texas Tech Institutions
21
PEOPLE || PROCESSES || TOOLS
3 crucial components of security:
CONFIDENTIALITY
INTEGRITY
AVAILABILITY
Minimize Risk(Risk = Threats x Vulnerabilities x Asset Value)
Compliance With Federal And State Standards
GOAL
22
Initiatives @ TTU
Sam Segran
Some Major Cybersecurity Initiatives @ TTU
23
Encryption
Weekly Vulnerability Scans
Multi-Factor Authentication
Endpoint Systems Management
PHI Data Protection (arrangement with TTUHSC)
Mobile Device Checkout
Federal Data Security Requirements For Research
Security Analytics Software
Training For IT Staff
Training For Faculty, Staff, And Students
IMPLEMENTED
IN PROGRESS
24
Initiatives @ ASU
Doug Fox
Some Major Cybersecurity Initiatives @ ASU
25
IMPLEMENTED
IN PROGRESS
Mobile Device Controls
Ongoing Security Awareness and Training Program
Timely Security Updates And Patches
Encryption of Laptops, Desktops, And Mobile Devices
Enhanced Risk Management Processes through Analytics
Multi-factor Authentication
Email Security Enhancements
26
Initiatives @ TTUHSC
Vince Fell
Some Major Cybersecurity Initiatives @ TTUHSC
27
Network Segmentation
Vulnerability Management Program
Web Security (Proxy Servers)
Secure Configurations – Desktops And Laptops
Encryption Of User Devices And Media
Endpoint Security
Privilege Account Management
Secure Cloud Storage - BOX
NIST Policy And Program Development
Email Security – Sender Policy Framework
IMPLEMENTED
IN PROGRESSDesktop Encryption
Secure Configurations - Servers
28
Initiatives @ TTUHSC El Paso
Jerry Rodriguez
Some Major Cybersecurity Initiatives @ TTUHSC El Paso
29
IMPLEMENTED
IN PROGRESS
Policies And Information Security Program Architecture
Encryption Of Laptops, Desktops, Mobile Devices (Personal and Institutional)
Network Access For Physical Devices (Personal and Institutional)
Improved Administrative Rights Control
Domain Migration Preparation
30
Kay Rhodes
Summary
Summary• Cybersecurity Assessment
• TTUS Risk Management Office and CIOs• Marsh and Cyber Self-Assessment
• Internal Risks• Decentralized IT• Maintaining right resources
• Recurring Training• Executive Leadership Support
31
32
Questions?Thank you!