Cyber criminal methods prevention techniques

Cyber Criminal Methods & Prevention Techniques. By [email protected] [email protected]

Presentation Transcript

Meeting Agenda

  • Trends

  • Attacker Motives and Methods

  • Areas of Concern

  • Typical Assessment Findings

  • ISO-17799 & NIST

  • Typical Remediation Costs


FBI / CSI Statistics

  • Every Year Dollars are Lost due to Cyber Criminal Activity

  • Greatest Loss = Proprietary Information

  • Second Greatest Loss = Denial of Service


Elements to Protect (Security)

  • Confidentiality

  • Integrity

  • Availability



Cyber Criminals Motives

  • Financial Rewards

  • Politics

  • Show Off

  • Personal Gratification

  • They know they can


Intruder Methods

  • Web Site Research

  • User Groups

  • Email Staff

  • Call Modems

  • Read Trash

  • Impersonate Someone You Trust

  • Scan Your Systems

  • War Drive Your Wireless


Intruder Methods Cont.

  • Use Known and Unknown Exploits

  • Viruses, Trojans & Worms

  • Phishing

  • Attack Partner Networks to Gain Access to Yours

  • Sniff Your Traffic

  • Brute Force Passwords

  • Spam You

  • Denial of Service


Most Common Items to Protect

  • Intellectual Property

  • Customer’s And Staff’s Privacy

  • Confidential Data

  • System Availability

  • Reputation

  • Regulatory Challenges


Assessment Benefits

  • Roadmap

  • Establishes Baseline

  • Strengthens Security

  • Provides Due Diligence

  • Efficient Formal Audits

  • Finds the Weak Areas


How To Identify and Prioritize Risk

  • Holistic Approach

    • Comprehensive reviews (infrastructure, server, application, etc.)

    • Based on Organizational Security Policy, and taking full life cycle into account

    • Consider people and processes, as well as technology

  • Sensible, accessible documentation

    • Helpful to executive decision-makers: explanation of risk in business terms

    • Helpful to managers: project plans, prioritization of tasks

    • Helpful to technical staff: clear standards, specific recommendations

  • Threat Modeling

    • Identifying assets

    • Identifying threats

    • Making qualitative (or quantitative) assessments of risk


Top Ten Security Risks

  • Policies & Procedures

  • Security Awareness

  • Access and Authorization

  • Patch Management

  • Mis-Configured Systems & Applications

  • Encryption & Digital Signatures

  • Incident Handling Processes

  • Disaster Recovery & Business Continuity

  • Physical Safeguards

  • Intentional Bypassing of Security Controls


Security Policies

  • Communicate Your Organization's Commitment to Security

  • Provide a Baseline and Roadmap for Security Controls

  • Demonstrate Due Diligence

  • All Pertinent Security Control Information Communicated

  • Realistic – Manageable

  • Enforceable


Security Awareness

  • A well trained user will assist your security efforts

  • Time needs to be invested in user training

  • A well trained user usually requires less help desk support


Access & Authorization

  • Weak Passwords

  • Sharing Accounts

  • Not Enforced

  • Easy to Exploit

  • Prevention

    • Strong Security Policies

    • Utilize OS Complex Password Configuration

    • Implement Technical Authorization, Authentication and Accounting Mechanisms (AAA)

    • Implement Two-Factor Authentication


Patch Management

  • Hard to Manage

  • Smaller Window of Opportunity

  • Exploits are coming too fast

  • Can Break System

  • Require Resources

  • Prevention

    • Strong Patch Management Mechanisms – Automate

    • Add Intrusion Prevention Mechanisms


Mis-Configured Systems

  • Ensure Only Needed or Updated Services

  • Strengthen SNMP Strings

  • Secure Wireless Networks

  • Remove Default Settings

  • Filter Outgoing Access at Firewall


Encryption / Digital Signatures

Protects Against:

  • Forging

  • Impersonation/Spoofing

  • Eavesdropping

  • Intercepting

  • Denial of Receipt or Send (Non-Repudiation)


Incident Handling Process

  • Intrusion Prevention/Detection

  • Anti-virus Mechanisms

  • Logging/Auditing

  • Strong Policies and Documentation


Disaster Recovery & Business Continuity

  • Formal Plan

  • Prioritized Systems

  • Standard Backup Process

  • Tested Backups

  • Redundant Systems


Physical Safeguards

  • Visitor Badges

  • Building & Data Center Access/Monitoring

  • Fire Prevention/Suppression & Detection

  • UPS Testing and Load


Intentional By-Passing of Security Controls

  • Installing

    • Modems

    • Wireless Networks

    • GoToMyPC or other remote access items

    • Unauthorized Software – Games, Screensavers, etc.

  • Prevention

    • Strong Security Policies

    • Centralized and Managed Intrusion Prevention Mechanisms

    • Implement Network Admission Control


Importance of NIST & ISO-17799

  • National Institute of Standards & Technology Referenced Throughout Most Regulations

  • Policies and Procedures Are Critical to NIST Best Practices

  • ISO-17799 is Industry Recognized Standard for Security

  • ISO-17799 Covers 10 Areas of Security

  • Each ISO-17799 Area Has Individual Security Items

  • If You Follow NIST and ISO-17799 You Would Have a Strong Security Posture and Should Pass Almost Every Audit

  • Combine NIST 800-26 Levels and ISO-17799


ISO-17799 Covered Areas

  • Security Policies

  • Organizational Security

  • Asset Classification & Control

  • Personnel Security

  • Physical and Environmental Security

  • Communications & Operations Management

  • Access Control

  • System Development & Maintenance

  • Business Continuity Management

  • Compliance


NIST Legend

  • Level 1 – control objective documented in a security policy

  • Level 2 – security controls documented as procedures

  • Level 3 – procedures have been implemented

  • Level 4 – procedures and security controls are tested and reviewed

  • Level 5 – procedures and security controls are fully integrated into a comprehensive program.



Remediation Costs

  • It is important to budget for remediation

  • A security assessment without remediation efforts is a waste of time and money

  • Remediation usually involves resource time and product cost

  • It is important to budget for one-time and recurring costs


Remediation – First Steps

  • Prioritize Risks and Remediation Steps

  • Align Business and IT Strategies

  • Establish Resources – Internal, External, Products

  • Establish Internal SLAs between IT and Business Units


Internet Links & Question/Answers

Thank You

  • www.berbee.com

  • www.cisco.com

  • www.ibm.com

  • www.microsoft.com

  • www.rsa.com

  • www.gocsi.com

  • www.sans.org

  • www.nist.gov

