Anda di halaman 1dari 22

How are Cybercriminals Threatening Security?

Robert Myles, CISSP, CISM


National Practice Manager, S&L Government

Robert Myles, CISSP, CISM


USCG Retired
Recovering CISO with 15 years in Health Care, Academia & Financial services
Public Safety Practice Manager, National responsibility for Federal, State, Local
Government
25 Years in Information Security
28 years in Health Care
35 years in IT
CISSP (2001), CISM (2004)
IACP, APCO, AAMVA, NFCA, NCJA, NASCIO, IJIS, MS-ISAC CyberSecurity Taskforce

Social Media

Changing Landscape and Market Trends

Internet of Things

Mobility

Digital & Social Life

Computing Ecosystems
4

1.2ZB
7.9ZB

THE WORLDS DATA IN 2010

THE WORLDS DATA BY 2015

THE WORLDS DATA BY 2020

61.8%

40ZB
UNSTRUCTURED DATA
GROWTH RATE TO 2014

1. IDC, Digital Universe study, December 2012


2. IDC, Worldwide Disk-Based Data Protection and Recovery 2012-2016 Forecast, December 2012

Where is your Data?

http://thedatamap.org/

Threat Landscape
A fundamental shift

Old Motivation

Hacking
Cyber Crime
Cyber Espionage
Cyber Warfare
7

CYBERCRIME TO CYBERWAR

In 2010 Computer Worm Attacks Irans


Nuclear Facilities

In March 2012, Chinese hackers reportedly


gained access to designs of more than two
dozen major U.S. weapons systems and stole
data from 100 companies

FBI reports that hackers linked to


Anonymous have secretly accessed US
government computers and stolen sensitive
information in a campaign that began almost
a year ago

Specialization of Skill In The Attack Chain


Reconnaissance: Know your Targets
Incursion: Gain Access
Discovery: Create a Map to the Asset
Capture: Take Control of the Asset
Exfiltration: Steal or Destroy Asset

The statistics arent surprising

60%
77%

OF ORGANIZATIONS HAVE >25 INCIDENTS EACH MONTH

HAVE ROGUE CLOUD DEPLOYMENTS

6X

INCREASE IN MOBILE MALWARE LAST YEAR

243

AVERAGE # OF DAYS TO DISCOVER A BREACH

10

INTERNET OF THINGS

IoT: Architecture of Risk

RISK

RISK

RISK
23.56 KM

123
BPM

RISK

15.8

RISK

Whether you consider smartphones part of IoT or not, they are part of the
architecture of risks, with apps often being the user interface to IoT

INTERNET SECURITY THREAT REPORT 2015, VOLUME 20

12

Security and Public Safety Apps : Example

NO PRIVACY
POLICY

52%

PII/LOGIN
CLEAR TEXT

20%*

How many other apps and websites is the same password used
on?
INTERNET SECURITY THREAT REPORT 2015, VOLUME 20

*Services that required a login

13

How is Public Safety App Data Shared?


MAX DOMAINS
CONTACTED

APP ANALYTICS
AD NETWORKS

14

APP PROVIDER
OS PROVIDER
SOCIAL MEDIA
APP FRAMEWORKS

AVG DOMAINS
CONTACTED

CRM/MARKETING
UTILITY API

Each of these vendors could share your data


again

INTERNET SECURITY THREAT REPORT 2015, VOLUME 20

14

Internet of Things and Privacy

1 in 4
68%

end users admit to not know what access they gave away
when agreeing to terms of the app

were willing to trade privacy for a free app

INTERNET SECURITY THREAT REPORT 2015, VOLUME 20

Source: 2014 Norton Global Survey

15

Password Attacks are Piling Up

October 6th, 2014

16

The statistics arent surprising

60%
77%

OF ORGANIZATIONS HAVE >25 INCIDENTS EACH MONTH

HAVE ROGUE CLOUD DEPLOYMENTS

6X

INCREASE IN MOBILE MALWARE LAST YEAR

243

AVERAGE # OF DAYS TO DISCOVER A BREACH

17

Incident Response
Media Protection
Information Exchange
Agreements
Information Integrity
Auditing &
Accountability

The strategies of the past will not


Identification &
Authentication
support the infrastructure
of today
and for theConfiguration
future
Security Awareness
Training

Management

HIPAA Privacy
FERPA
Access Control
HIPAA Security
GLBA
PCI FISMA
ARRA/HITECH
Formal Audits
SOX
FACTA CJIS IRS 1075
HIPAA Omnibus Rule
Physical Security
Mobile Devices

Copyright 2014 Symantec Corporation

Personnel Security
18

Best Practices Implement UNIFIED SECURITY


Dont get caught flatfooted

Use advanced threat intelligence solutions to help you find indicators of compromise and
respond faster to incidents.

Employ a strong
security posture

Implement multi-layered endpoint security, network security, encryption, strong authentication


and reputation-based technologies. Partner with a managed security service provider to extend
your IT team.

Prepare for the worst

Incident management ensures your security framework is optimized, measureable and


repeatable, and that lessons learned improve your security posture. Consider adding a retainer
with a third-party expert to help manage crises.

Provide ongoing
education and training

Establish guidelines and company policies and procedures for protecting sensitive data on
personal and corporate devices. Regularly assess internal investigation teamsand run practice
drillsto ensure you have the skills necessary to effectively combat cyber threats.

INTERNET SECURITY THREAT REPORT 2015, VOLUME 20

19

If it's Connected,
it's Vulnerable
Know the risks.

Stay Informed

symantec.com/threatreport

Security Response Website

Twitter.com/threatintel

21

Thank You
Robert Myles, CISSP, CISM
National Practice Manager, State & Local Government
@RobertMyles

Robert_Myles@Symantec.com

http://www.linkedin.com/in/robertmyles/