Netwatcher Credit Union Tech Talk
HOW TO ENJOY EXPERT 24/7 THIRD PARTY MONITORING FOR LESS THAN $300 PER MONTH
Scott B. Suhy, [email protected]
05/02/2023
Agenda
Copyright © 2017 NetWatcher All Rights Reserved.
• Trends your Financial Institution needs to understand
• A new trend “Managed Detection & Response”
• NetWatcher’s Managed Detection & Response service
The Gramm–Leach–Bliley Act – (for details 6801–6809) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. The Act contains three elements (Privacy Rule, Safeguards Rule and Pretexting Protection) regarding the privacy of information, of which businesses, primarily "financial institutions," need to be aware – (More from the FTC on complying with the Safeguards Rule).
The Safeguards Rule requires an institution to develop, implement, and maintain a comprehensive information security program that is written, contains administrative, technical and physical safeguards, is “appropriate” to the institution’s size and complexity, as well as the nature and scope of its activities, and is appropriate to the sensitivity of the customer information at issue.
Trend #1 – SMEs Pressured to Have More Protection
[Figure: security sophistication (vertical axis) versus size of business (horizontal axis: Small, Medium, Large). Labels on the slide: Managed Security Providers, "Security is the #1 Growth area for Managed Services Providers (MSPs)" (CompTIA); HP, IBM, FireEye, Palo Alto, etc.; MSSPs; Threat Intelligence, SIEM, End Point Technology, Intrusion Detection, Intrusion Protection; "…big gap…"; Firewall, Anti-virus; "Solutions expensive, difficult to use, security analysts don’t exist"; "Customer demands and compliance mandates"; 5k Organizations, 15k Organizations, 5M+ Organizations.]
Trend #2 – Giant Skills Gap in Cyber Security
shortfall of 1.5 million security professionals by 2020 – Frost & Sullivan
Trend #3 - Known Vulnerabilities
44% of breaches came from vulnerabilities that are two to four years old… -- HP’s Cyber Risk Report
http://www.cvedetails.com/vulnerability-list
Think about it… Organized crime and foreign government employees are….
Trend #4 – Ransomware-as-a-Service
• TrueCrypter (late April)
• CryptXXX (mid April)
• 7ev3n-HONE$T (mid April)
• AutoLocky (mid April)
• Jigsaw (early April)
• CryptoHost (early April)
• Rokku (late March)
• KimcilWare (late March)
• Coverton (late March)
• Petya (late March)
• Maktub Locker (mid March)
• Nemucod .CRYPTED (mid March)
• Samas/Kazi (mid March)
• The Surprise (mid March)
• Pompous (early March)
• KeRanger (early March)
• Cerber (early March)
• CTB-Locker for web sites (mid February)
• Padcrypt (mid February)
• Locky (mid February)
• Umbrecrypt (early February)
• DMA Locker (early February)
• NanoLocker (late January)
• 7ev3n (late January)
• LeChiffre (mid January)
• Magic (mid January)
• CryptoJoker (early January)
• Ransom32 (early January)
Trend #5 - Unintentional Insider Threat
• Clicking on a Phishing Message
• Browsing Explicit Web Sites
• Downloading Risky Software (TOR, Hola, BitTorrent etc..)
• Using Vulnerable Software (outdated Java and Flash)
• Sending Personally Identifiable Information in Clear Text
Trend #6 - Supply Chain Risk
• Do you have customer data?
• Do you provide your customers' data to third party vendors?
• Do you provide your data to third party vendors?
“It is abundantly clear that, in many respects,” Mr. Lawsky (New York State’s top financial regulator) said in the letter, “a firm’s level of cybersecurity is only as good as the security of its vendors.” -- NYTimes.com: After JPMorgan Cyberattack, a Push to Fortify Wall Street Banks
Think “Business Associate Agreement/HIPAA” – Your customers are going to be expecting you to have great Cyber Security Controls. You should expect the same of your suppliers…
Trend #7 - Open Source
• Doh! Shellshock… Heartbleed… POODLE…
• Duh! They have the source code…
• What is managing the BOM in the solutions built on Open Source?
FACT – Your Customers are Weak on Cyber Security
• Generally no security controls (users have admin access to machines, weak employee policy documents, no cyber training, no cyber liability insurance, sr. execs not schooled on the risks etc…)
• Most are not aware that they have already been compromised!
• Don’t keep firmware up to date on WIFI, Routers, Switches, Firewalls
• Many do not change Default Passwords on equipment (see Shodan.io)
• Most don’t know who their employees are talking to and what bad actor scans are making it through the firewall
Example… Your 12 year old can do this…
Will it Get Worse? Or Better?
[Figure: timeline (2005, 2015, 2020) with axis labels "Cyber Attack Surface" and "Involvement of Organized Crime & Nation States". Labels on the slide: More Protection, More Innovation, Desire for Privacy, More Surface to Attack, More Organized Crime, Convenience.]
What is Managed Detection & Response (MDR)
www.netwatcher.com
• Automated “Detection” to find issues 24x7 (Alarms) in concert with Threat Hunting across broad customer base
• Cloud based correlation of events over different silos of information over time
• Alerting, MSP integration, Analyst availability, “Response” Automation
• Focused inside Perimeter versus Edge
• Focused on what makes it through the traditional line of defense versus replacing traditional line of defense
Where NetWatcher’s MDR Service Fits
24x7 Continuous Monitoring for Exploits & Vulnerabilities
• End Point Protection, IPS/UTM/Firewall: keeps bad guy from coming through the front door…
• NetWatcher Continuous Monitoring: keeps employees from letting bad guy through the front door…
NetWatcher Service Delivery.
Sensor(s) (hardware or VM) that sits on the inside of customers network and listens for anomalies… (IDS, Netflow, SIEM, Scanner)
Endpoint software (HIDS, Logs, Sensor-in-Cloud VPN/IDS)
“Cloud based” Service that sends you necessary alerts when a serious security issue is discovered. (Advanced correlation)
Security Analysts in Secure Operations Center (SOC)
Why NetWatcher?
What is your Cyber Promiscuity Score™?
Automation Hunting for exploits & malware hidden in infected computers, phones or tablets etc...
Cyber Promiscuity issues (sometimes referred to as unintentional insider threats) that can lead to security problems such as your employees visiting compromised websites, out of date software or Personally Identifiable Information (PII) being sent over the internet in clear text.
Change the users' behavior!
SMB Requirements
• Accuracy: Multi-tenant cloud
• Ease of installation: Plug it in and it works
• Easy to Use: CPortal design, easy to understand alarms, CHS/CPS scores; Alarms sent via Text & eMail; Sensor in the Cloud endpoint module
• MSP Friendly: Single Pane of Glass MSP Portal; ConnectWise integration
• Affordable: Easy to understand pricing
DEMO
Don’t Become One of These…
http://privacyrights.org/data-breach
NetWatcher is committed to Financial Services
• NCUA Cyber Resources site (found here)
• FFIEC Cyber Assessment Tool (found here)
• Conference of State Bank Supervisors Executive Leadership of Cybersecurity Resource Guide (found here)
• The FDIC Community Bank Cyber Exercise (found here) – Created to encourage community financial institutions to discuss operational risk issues and the potential impact of information technology disruptions on common banking functions.
• FFIEC Handbook’s Section on Information Security (found here)
• FDIC Framework for Cybersecurity (found here) - The article addresses some common cyber-attack strategies, the critical components of information security programs (corporate governance, threat intelligence, security awareness training, and patch-management programs), and actions taken by federal bank regulators to respond to cybersecurity threats. The article stresses that everyone within a financial institution, from entry-level staff to the board of directors, is responsible for prioritizing cybersecurity. The article includes information about several resources available to help educate and inform employees and directors on cybersecurity.
• NIST Cyber Security Framework (found here)
Thank You!
To Contact Us:
[email protected] 571.308.3661
www.netwatcher.com
Scott B. Suhy, [email protected]