
Building A Security Program From The Ground Up

Building A Security Program From The Ground Up. Agenda: Understand InfoSec role in the business; Assess risks to the business; Secure support and funding from management; Document approach; Selection and tuning of tools; Reporting; Monitoring.





Presentation Transcript


  1. Building A Security Program From The Ground Up

  2. Agenda • Understand InfoSec role in the business • Assess risks to the business • Secure support and funding from management • Document approach • Selection and tuning of tools • Reporting • Monitoring • Gain cooperation and support from IT teams

  3. Background • Studied Music at University of North Texas • Played and taught guitar from 1984 to 2000 • Attended SMU MCSE Program • Started in IT in 2000 as Windows AD admin • Moved into security in 2006

  4. Overview of past work • Heartland Payment Systems • Acquired by Global Payment Systems • 5th largest card acquirer in the US • 4 years as systems administrator • 6 ½ years as Security Manager • 2009: Massive security breach

  5. Overview of past work • International Security Manager • Responsible for Europe, Australia and New Zealand locations • Sr. Security Manager • Global IT Security Operations

  6. Business World

  7. Money

  8. Risk: Financial Loss • Ecommerce downtime • Customer data • Fraud • Litigation • Damage to brand. Possibility and Probability

  9. Breaches Sell Security. 2013 – 2014 Security Breaches. 2013 Target Breach • 252 million dollars to resolve • Recommendation to fire 7 of 10 board members

  10. The Hard Sell: Give them data! Top down or busting out of the IT Department. Data to justify tools: • Downtime due to malware infections • Data on attacks against websites • Data on investment per record • Breach cost per record • Breach cost per record (by sector)

  11. Data from existing tools • Accurate data on phishing • Infections due to clicking • Amount of data encrypted by ransomware • Time to recovery (hours of downtime) • Tie it to something the business can understand

  12. Data From Board Presentation

  13. Where to Start • Identify the data most valuable to the company • Who needs access to that data • Applications • Systems • Network • Controls • Monitor

  14. Create Policies and Standards. Time consuming but important: • Acceptable use policy • VPN policy • Incident response policy • Firewall configuration standard • Web proxy configuration standard. Obtain sign-off from IT and/or the Business. www.sans.org/info/166795

  15. Security Infrastructure. Make a roadmap (have a plan). Identify, Protect, Detect, Respond and Recover (NIST security domains). Target the most useful tools: • Firewalls • IDS • Endpoint systems • Web proxy • Log correlation • Vulnerability scanner. Better to have a few tools tuned well than many half implemented.

  16. Monitor Events and Alerts. Alerts and events from: • Anti-virus • IDS • Endpoint agents • Web proxy logs • Failed login attempts • Outbound connection attempts

  17. IT Teams • They want the company to be secure • They just don’t want more work put on them • Often believe security wants to “shut everything down” • Security doesn’t understand SLAs • Often they don’t know what to fix • Varying levels of talent

  18. IT and Security: Security Culture • Partner with teams • Often the best resource for reporting incidents • Do research to enable quick remediation • Be reasonable about requests • Understand their job responsibilities • Attend change control meetings

  19. International Security • Understand the culture • Learn about their business • Review the organization structure • Listen to their concerns • Acknowledge their accomplishments • Reassure them you won’t break their systems • Report findings in a constructive manner

  20. Micromania, France

  21. HQ Sophia Antipolis (Nice), France • 444 stores • Parent company GameStop • Most profitable international region • First security person for the company

  22. Lack of Cooperation • IT teams or individuals difficult to work with • Non-cooperative • Obstructive

  23. Strictly Business not Personal

  24. Questions

  25. mray@fossil.com
