
Cyber Immune Defense: HITRUST CSF Delivers an Active Cyber Defense


bwilkins

Presentation Transcript


  1. Cyber Defense Strategy Cyber Immune Defense: HITRUST CSF Delivers an Active Cyber Defense

  2. Agenda!
     Learning Objectives
     • Assess enterprise readiness for attacks such as IoT + DDoS, botnets, ransomware and more
     • Review options for and how to implement the HITRUST CSF as a cybersecurity framework
     • Step through how a single standard such as HITRUST CSF addresses GDPR, NIST CSF, 23 NYCRR 500, and more
     Agenda
     • Cyber Risk = Business Risk
     • State of Cybersecurity
     • Compliance Risk
     • HITRUST: Key Facts!
     • Cyber Defense Strategy

  3. Cyber Risk = Business Risk

  4. Human Immune Defense
     • The human body is waging a constant battle against harmful microscopic organisms
     • One of the human body’s targeted lines of defense is the immune system
     Immune System
     • Our immune system recognizes and defends against specific pathogens, cancer cells, and certain chemicals
     • The immune system delivers a specific, or targeted, defense
     • The immune system is able to distinguish between its own body cells (“self”) and intruders (“non-self”)
     • When non-self cells or other intruders are identified, the immune system launches a customized response
     • While such a response may take longer, it is longer lasting and typically more effective than non-specific defenses
     Human Body
     • Over 100 trillion organisms in our gut
     • 8,000 different bacteria, viruses
     • Impacted by sleep, exercise, diet

  5. Human Immune Defense (Cont’d…) Within the digital business, the PII volume will only increase, and so will attack surfaces. The challenge to defend assets of value that extend across mobile platforms and a diverse cloud ecosystem is not insignificant. Further, not just sensitive data but also our security controls may be at risk. The security controls must also be formally assessed to ensure they have not been compromised.

  6. State of Cybersecurity

  7. A Current Cyber Assessment: Results

  8. A Current Cyber Assessment: Results
     • Allow an attacker to take control of the system [745 instances]
     • Allow an attacker to gain unauthorized access to sensitive data [214 instances]
     • Allow an attacker to perform a Denial of Service attack [169 instances]
     • Provide an attacker with valuable information [167 instances]
     • Allow an attacker to gain elevated privileges [99 instances]
     • Allow an attacker to gain access to sensitive data [76 instances]
     • Allow an attacker to bypass security restrictions [22 instances]

  9. Verizon Report (DBIR) • The Verizon Data Breach Investigations Report (DBIR) identified the following state of cybersecurity Cyber Risk to Business 68% 94%

  10. Cyber-attacks Attack Facts 76% 58% 68%

  11. Breach Facts

  12. Ransomware
     • Ransomware has ballooned into a $1B business for criminal enterprises
     • Increasingly impacting business-critical systems
     • Over 50% of small and medium-sized businesses were victims of ransomware attacks in 2017
     Cyber-attacks Prepared

  13. Israeli Spies Watching Russian Hackers Watching American Systems!
     Israeli intelligence officers looked on in real time as Russian government hackers researched computers around the world for American intelligence programs. Russian hackers were detected and followed for over two years by Israeli intelligence.
     • Russian hackers used an improvised search tool: antivirus software made by the Russian company Kaspersky Lab.
     • Kaspersky software requires access to everything stored on the computer, so it can scout for viruses or other malware. The security software scans for signatures of malicious software or malware and removes it or neuters it. It then sends the report to Kaspersky Lab.
     • This was the perfect tool for Russian intelligence to exploit to survey the content of computers and retrieve whatever was found to be of interest.
     • A Kaspersky employee noticed unusual activity on the network. Kaspersky noted that the breach bore striking similarities to a previous attack known as “Duqu,” which was attributed to nation-states responsible for the Stuxnet cyberweapon.

  14. Our Past: A Mirror to Cyber Future
     • An IoT botnet, dubbed IOTroop, is expected to spread faster than Mirai; it has infected more than 1 million organizations since its discovery in late September 2017.
     • FBI has reported that over two million IoT devices may have been compromised by malware.
     • DDoS attack speeds are exceeding 1.7 Tbps!
     Mirai, Japanese for “the future,” represents the future of threats to come.

  15. Bottom Line: Cyber Attack Lifecycle

  16. Compliance Risk

  17. GDPR Areas of Impact

  18. Cyber Security Framework

  19. 23 NYCRR 500, Cybersecurity

  20. CCPA Regulation: The Future?
     • California passed the California Consumer Privacy Act of 2018 (CCPA)
     • CCPA goes into effect on January 1, 2020.
     • Grants California residents new privacy rights, provides them with more control over their personal information, and includes significant penalties for companies that fail to comply.
     California Enacts First State Law Targeting IoT Cybersecurity
     The California law, which goes into effect on January 1, 2020, sets requirements for manufacturers of a "connected device." This term is broadly defined to include "any device, or other physical object that is capable of connecting to the Internet, directly or indirectly, and that is assigned an Internet Protocol address or Bluetooth address."

  21. HITRUST: An Emerging Cyber Standard

  22. Adopt a Cybersecurity Framework. Examine HITRUST CSF
     • Senior leadership must ensure a credible cybersecurity program is established.
     • The cybersecurity program should be based on a mature, robust cybersecurity framework.
     • Businesses are surrounded by asymmetric risk.
     • HITRUST CSF provides a comprehensive, scalable, and technology-neutral framework.

  23. HITRUST Facts
     • HITRUST CSF is architected on ISO/IEC 27001.
     • All security requirements are mapped to Control Categories/Domains.
     • 14 Security Control Categories
     • 45 Control Objectives
     • 149 Control Specifications

  24. HITRUST Path to Certification: Self-Assessment, Validation, Certification

  25. Cyber Defense Strategy
     1. Know the Enemy and Know Yourself
     2. All Warfare is Based On Deception
     3. In Warfare There Are No Constant Conditions
     The Art of War, Sun Tzu, 5th Century BC

  26. Verizon Report (DBIR): Exec Summary
     • Use two-factor authentication
     • Don’t forget physical security

  27. Five Why’s! Identify root causes using the “five whys” technique. The method, pioneered by Toyota Motor Corp., calls for repeating the question “why?” and then using each answer as the basis of the next question. For example, if someone discloses a bug that leads to remote code execution, then ask The exercise isn’t about blame, but getting to the core problem

  28. Final Thoughts
     During the Reagan-Gorbachev years, the mantra was Trust, but Verify. That seems like light-years ago. Today, the mindset is Verify, then Trust!
     • Bottom line: Get started and develop an enterprise cybersecurity plan based on your adopted cybersecurity framework.
     • The journey of the past had Mirai associated with it. Add Artificial Intelligence (AI) with DDoS, and the risk is only significantly higher today.
     • Mirai represents the threat. Kaizen reflects our approach for cyber defense.

  29. Cyber Immune Defense

  30. About ecfirst

  31. Thank you! | Ali.Pabrai@ecfirst.com +1.949.528.5224
