1 / 17

2012 CWAG Annual Meeting

2012 CWAG Annual Meeting. State Agency Data Breaches Loss prevention, response and remediation strategies. Identity Exploitations: 12+ years of our cases. Employees. Mortgagees. Job Seekers. Insured. The Scams Persist and This is Now an Industry. + Prevention + Detection

aurelia-hensley
Download Presentation

2012 CWAG Annual Meeting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 2012 CWAG Annual Meeting State Agency Data Breaches Loss prevention, response and remediation strategies

  2. Identity Exploitations: 12+ years of our cases Employees Mortgagees Job Seekers Insured The Scams Persist and This is Now an Industry

  3. + Prevention + Detection + Analysis & Response

  4. Prevention

  5. Data Loss Prevention: Comprehensive Approach People, Processes and Systems to Identify, Monitor and Protect Data... • + In Use (endpoints, devices) • + In Motion (network) • + At Rest (storage)

  6. Data Loss Prevention: Conduct Gap Analysis + Your Current Security System Versus What You Need to Have in Place + What Other Data Do You Hold That Could Become Valuable? + What Processes (Internal and/or External) Can be Tightened Up? + What Other Service Providers or Counter-Party are Points of Vulnerability?

  7. Detection

  8. Analysis Data Theft Is Preceded by Smaller Intrusions...Catch Me if You Can + We Can Home In On Who Is Attacking + We Can Identify How Much Data Went Out + What Data Went Out, Where It Went + Stop the Bleeding

  9. State Agency State Agency Supplier

  10. Analytics: Real-time..or post-mortem

  11. Analysis An Incident Response Function and Plan Must be In Place + Discover Attack and Exfiltration + Identify Data Which Has Gone Out and Where It Went + Contain Damage + Eradicate Perpetrator’s Presence + Recover System and Data Protection in Secure Manner + Conduct in Forensically Sound Manner + Identify What Led to Intrusion to Prevent

  12. Monitoring, Detection and Remediation Providers: www.idanalytics.com www.inguardians.com www.mandiant.com www.mantech.com www.krollfraudsolutions.com www.intersections.com

  13. Self-help resource + 20 Security Controls For Effective Cyber Defense - The SANS Institute http://www.sans.org/critical-security-controls/ + Consortium-led Approach to Determining Best Practices and Most Cost Effective Security Across Government Bodies

  14. Wireless Access Code: 9166703926

More Related