Cybersecurity is a Team Sport - WordPress.com · 2016. 10. 22. · Cybersecurity is a Team Sport...
24
Enriching lives through effective & caring service National Cyber Security Awareness Month – October 2015 0 Cybersecurity is a Team Sport Cyber Security Summit at Loyola Marymount University - October 22 2016 Dr. Robert Pittman, CISM Chief Information Security Officer
Transcript of Cybersecurity is a Team Sport - WordPress.com · 2016. 10. 22. · Cybersecurity is a Team Sport...
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 20150
Cybersecurity is a Team SportCyber Security Summit at Loyola Marymount University - October 22 2016
Dr. Robert Pittman, CISMChief Information Security Officer
Presenter
Presentation Notes
Cyber is all around us with online access available ANYTIME, ANYWHERE, from ANY DEVICE. With the transition from entertainment systems to infotainment systems validates that cars, smart cities, smart traffic signals, smart parking meters, refrigerators, flat-screen TVs, gamers, and smartwatches to tablet computers. This brings security and privacy challenges to organizations like the County, along with their employees, families, and relatives due to its data, not necessarily access.
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
County of Los Angeles Background
1
The County
• Largest populous County in the United States of America
• Serving 10+ million population speaking 140 languages
• Equivalent to 8th largest state just behind Ohio and ahead of Michigan
• Spans 4,043 square miles
• Comprised of 88 cities with more than 65% of County is unincorporated
• 19th largest economy in the world
Presenter
Presentation Notes
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
County of Los Angeles Background (2)
2
The Government• Five-member bipartisan elected Board of Supervisors
• 34 departments and over 140 commissions ~108,000 employees
• $28.7 billion FY 2016-17 Final Adopted Budget
• Serviced 700,000 patients, manage 14 major dams, care for 18,000
inmates/day, responded to over 300,000 emergency calls, 70 million
visits to county beaches, cash assistance to 502,000 general relief
recipients, maintain over 4,200 miles of roads and streets, issued
52,000 marriage licenses, loaned 16 million books, and collect taxes
for 2.6 million households and commercial properties
Presenter
Presentation Notes
34 departments are clustered into: public safety, health services, general government, social services, and operations.
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Transformation in the County
3
September 13, 2001“a transformation occurred …”
Presenter
Presentation Notes
16 departments at the County’s Hall of Administration experienced a virus attack called NIMDA. There was no awareness of this attack from 9/11 as well as coordination and communication for remediation of this virus. This was a “TRANSFORMATIONAL” event, not episodic event!
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Is China our Friend or Foe?
4
Presenter
Presentation Notes
Each red dot is a unique corporate, private, or U.S. government victim.
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Cyber Attacks
5
Presenter
Presentation Notes
The issue is NOT IF WE WILL BE BREACH, but WHEN …
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Life, Death, Taxes, and Breaches
6
Presenter
Presentation Notes
The 21.5 million individuals impacted by this massive data breach at the US Office of Personnel Management. On September 22, 2016 Yahoo had a data breach of 500 million accounts.
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Life, Death, Taxes, and Breaches (2)
7
California on guard after cyber attacks on electionsdatabases in two states
voter arrives to cast her ballot in the Arizona primary in March. (Matt York / AP)
Presenter
Presentation Notes
In Illinois, hackers accessed a database for the Illinois Board of Elections, compromising up to 200,000 personal voter records according to Ken Menzel, General Counsel for the board. According to Matthew Roberts, director of communications for the Arizona secretary of state, in late May, Arizona officials took the statewide voting registration system offline after the FBI alerted the Arizona Department of Administration that there was a credible cyber threat to the voter registration system.
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Life, Death, Taxes, and Breaches (3)
8
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Life, Death, Taxes, and Breaches (4)
9
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Who Participates in Cyber Crime?
10
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Data Breaches Root Cause
11
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Countywide Information Security Program
12
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Countywide Information Security Program (2)
13
Board of Supervisors
CEO
ISD/ITS
Dept’s
Policies/Standards
CERT
Security
HW/SWToolsChief Info Security Officer Info Security Officer
Security Division
Presenter
Presentation Notes
If one was to overlay this Venn Diagram, it would have People, Process, and Technology. Essentially, the interaction of PEOPLE.
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Countywide Information Security Program (3)
14
Presenter
Presentation Notes
The Countywide Information Security Program is referred to as the “Triangle Defense”, not Triangle Offense by the NBA Legendary Coach Phil Jackson. The Program is based on a well-defined governance model based on Board policy where collaboration, communication, and coordination is constant. Equilibrium of Accountability and Authority – apathy toward security is an imbalance between the security program’s authority and accountability. This is a simple concept that states that the authority of the security program should be commensurate with that for which it is accountable. There are organizations where the CISO reports at a supervisor or manager level within the management hierarchy, but has been tasked with the security posture for the entire enterprise. Chances are that the CISO’s level of authority is not nearly sufficient to accomplish, let alone influence., a mission of that magnitude. There are instances where the authority exceeds responsibility; they are rare, but they do exist.
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
Countywide Information Security Program (4)
15
Presenter
Presentation Notes
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
County’s Cyber Security Incidents
16
Presenter
Presentation Notes
1st – Social Engineering 2nd – Lost/Stolen Electronic Device 3rd – Malware Infection
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
County’s Cyber Security Incidents (2)
17
Incident Categories JAN FEB MAR APR MAY JUNE JUL AUG SEP OCT NOV DEC YTDMalware Infection 0 2 4 2 4 3 5 4 3 27Cease and Desist Order 1 0 0 1 2 9 0 0 0 13Lost/Stolen Electronic Device 0 7 4 11 20 22 5 11 26 106Data Breach 0 1 0 4 3 0 1 2 0 11Hacking/Unauthorized Access 0 1 5 0 2 2 0 1 3 14Social Engineering 0 2 9 16 11 9 20 32 24 123Child Pornography 0 0 0 0 0 0 0 0 0 0
TOTALS: 1 13 22 34 42 45 31 50 56 294
Incident Categories JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC YTDMalware Infection 0 0 0 0 1 0 0 0 0 1 1 0 3Cease and Desist Order 0 0 0 0 0 0 0 0 0 0 0 0 0Lost/Stolen Electronic Device 0 0 5 1 0 0 4 5 3 10 6 1 35Data Breach (Reportable and Non-Reportable)
0 2 1 1 1 0 0 0 1 1 0 0 7
Hacking/Unauthorized Access 0 0 0 0 0 0 0 0 0 0 0 0 0Social Engineering 0 0 0 1 0 0 1 2 0 5 3 3 15Child Pornography 0 0 0 0 0 0 0 0 0 0 0 0 0
TOTALS: 0 2 6 3 2 0 5 7 4 17 10 4 60
2015
2016
Presenter
Presentation Notes
1st – Social Engineering 2nd – Lost/Stolen Electronic Device 3rd – Malware Infection
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
County IT Security Initiatives FY 2016-17
18
Board Motion Data-at-Rest County workstations ~90,000 (complete) Contractors’ workstations and portable devices (New Board Policy #5.200)
Software License Consolidation for Endpoint Management
Enterprise Mobility Suite
Cyber Disruption Response Plan
Enterprise IT Security Awareness & Training Content
Phishing Campaign
Cyber Security Liability Risk Insurance
Presenter
Presentation Notes
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
CISP Incident Response
19
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
CISP Incident Response (2)
20
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
CISP Incident Response (3)
21
“Signal or Noise””
County’s Email Gateway
April 1 to Sept. 30, 2016 INBOUND EMAIL
Total Threat Messages 88.80% 278,819,581
Total Graymails 5.40% 16,982,166
Clean Messages 5.80% 18,349,176
Total Attempted Messages 314,150,923
Presenter
Presentation Notes
2015 the Total Attempted Messages were 87% bad, which translates into 13% good traffic. 2014 the Total Attempted Messages were 89% bad, which translates into 11% good traffic.
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
CISP Incident Response (4)
22
“Signal or Noise”
County’s Web Application Firewall
Category
Year 2016
April May June July August September
TRB 983,629 1,012,363 706,995 595,698 414,328 324,585
NTRB 354,057 961,190 1,127,320 836,481 823,601 674,089
NBFR 2,688,621 4,283,184 2,512,230 4,270,160 2,257,354 2,234,008
MONTHLYTOTAL
4,026,307 6,256,737 4,346,545 5,702,339 3,495,283 3,232,682
Presenter
Presentation Notes
Legend TRB = ThreatRadar Blocks (Blocks by IP reputation from vendor) NTRB = Non ThreatRadar Blocks (Blocks by Custom and Default Policies) NBFR = Non Blocked Events For Review (Not Blocked, but requires additional assessment) Year 2014 Blocked events: August237,106 July239,702 June977,596
October 11, 2007
Enriching lives through effective & caring service
National Cyber Security Awareness Month – October 2016
County Digest – October 2016
25
