
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem


Malware is an ailment many companies suffer from but the prescription for protection is simpler than you think. In this presentation, Vanderburg and Salamakha apply the five rights for avoiding drug errors to the malware problem at the Advanced Persistent Threats Summit.

1) Right client – Authentication
2) Right route – Gaps and strategies
3) Right drug – Security controls
4) Right dose – Security/business balance
5) Right time – Staying up to date.

Stay healthy, stay safe.

Published in: Technology


  1. The Prescription for Protection: Avoid Treatment Errors to the Malware Problem • Advanced Persistent Threats Summit • Eric Vanderburg and Bogdan Salamakha • June 15, 2016 • © 2016 JURINNOV, LLC All Rights Reserved.
  2. Eric Vanderburg • Director of Cybersecurity • Over 40 certifications • Licensed private investigator • MBA with an IS concentration • BS, Technology • AAB, Computer Information Systems • 18 years experience in information assurance and cybersecurity • Author • Expert witness
  3. Bogdan Salamakha • Penetration Tester and Security Researcher • MPSC (Metasploit Pro Certified Specialist) • Penetration tester and security researcher • Operates JURINNOV’s honeynet • Specializations include: Vulnerability assessment, Ethical hacking, Security analysis, Incident response
  4. Ransomware: Your data or your money • Encrypts or blocks access to data and demands money to gain access • Examples: Reveton, CryptoLocker, CryptoWall. Traditional Malware: General viruses, trojans and worms • Spread quickly • Destroy data • Open backdoors • Make computers sluggish • Hijack browser sessions • Steal data. Bots: Coordinated malware • The cloud for crooks • Over 700 million bots worldwide • 12% of bots active • Malicious bots responsible for 29% of worldwide Internet traffic • 90% of security events are from bot activity
  5. Right Client – Authentication. "They come to you in sheep's clothing, but inwardly they are ferocious wolves." – Matthew 7:15 NIV
  6. Right Client – Authentication. Drive-by malware: Web filtering • Block JavaScript for sites unless you need it • Ad blocking • Browser updates. Software downloads: AppLocker • Java application signature verification • Microsoft code signing • Utilize official app stores (Microsoft Store, Ubuntu Software Center)
  7. Right Client – Authentication. Mobile apps: Utilize official repositories • Read reviews • Developer reputation • Developer professionalism. Email attachments: Discretionary execution • Protected mode • Macros
  8. Right Route – Gaps and Strategies. "Productivity is never an accident. It is always the result of a commitment to excellence, intelligent planning, and focused effort." – Paul J. Meyer
  9. Right Route – Gaps and Strategies. Gap assessments: SWOT • Priorities • Vision. Data inventory: Data classification (Patient information • Engineering documents • Competitive advantage information / IP • Financial information)
  10. Right Route – Gaps and Strategies. Identify best practices • Security governance framework • Policies and procedures • Top level support • Trained staff • Identify required third parties
  11. What is the greatest threat for your industry?
  12. Right Drug – Security Controls. "I am dying from the treatment of too many physicians." – Alexander the Great
  13. Right Drug: Technical controls • Procedural controls • Training
  14. Right Drug – Technical Controls. Network Security NAC Firewall IPS / IDS Content security Wireless Monitoring Security Management Compliance Security Operations System Management Vulnerability Management Patch Management Change Management Data Security Encryption DLP Database Security Identity and Access Management Federation Web access management Provisioning Directories Authentication Virtualization Segmentation Hypervisor isolation Parent/child relationships Hypervisor authentication Cloud Provider resiliency Data exchange protocols Incident detection / notification Application Security Security Development Web Application Assessment Application Testing Web Application Firewalls Endpoint Security Remote Access / VPN Device Control Disk Encryption Mobile Security A/V
  15. Right Drug – Procedural Controls. Incident response: Ticket escalation and tracking • Customize for: Traditional malware, Bots, Ransomware • Procedures
  16. Right Drug – Procedural Controls. Investigative procedures: Evidence handling • Third party services. Notification procedures: Customer notifications • Legal requirements • Public relations. Incident debriefs. Table top exercise / scenario
  17. Right Drug – Training. Incident reporting • Recognizing spam and phishing • Data classifications • Data sensitivity levels • Data availability levels • Storage locations • Transmission restrictions • Passwords • Warning signs
  18. Right Dose – Security and Business Balance. "I tried being reasonable, I didn't like it." – Clint Eastwood
  19. Right Dose – Finding the Balance. Defining an acceptable minimum: Compliance requirements • Due diligence • Industry standards • Competitive analysis. Risk analysis: Impact + likelihood vs. cost to remediate. (Diagram labels: Acceptable Minimum; Risk analysis; Competitors; Compliance & Standards)
  20. Right Dose – Security and Business Balance. Combining similar controls • Streamlining existing controls • SSO • Automation • Start with security • Solicit feedback and involvement
  21. Right Time – Staying up to Date. "The early bird gets the worm, but the second mouse gets the cheese." – Willie Nelson
  22. Right Time – Staying up to Date. Don’t stop now! • Awareness • Continuous improvement and Metrics • Updates and NAC • Right place in the adoption curve
  23. Questions
