30/09/2015

Cyber Security
Pat Larkin, Ward Solutions
October 21st 2015, AstraZeneca, Macclesfield

Objectives
• Cyber security has failed to date
• What are the current trends and issues that we see?
• What can we do to protect our assets?

FIRST LET'S DEFINE CYBER SECURITY

What is Cyber Security?
• Greek origins - hype-jacked by fiction, the military and "next generation" vendors
• It's sticking…
  – at consumer level
  – at exec level
• So what's the problem?...

What & How – CIA (A)
(diagram slide)

Why?
(diagram slide)

Purists see it as..
Assumes:
• external compromise
• the Internet realm
• excludes non-Internet data/systems
• excludes physical data

• Lots of people see it as: Cyber Security = Information Security = Compliance
• Some people see it as: Cyber Security as something separate from Information Security
• Define what it is to your organisation and communicate it

CYBER SECURITY IS FAILING

Bad guys are winning!
(source: Darkreading)

96% fit these patterns
(source: Verizon 2015 DBIR report)

49% of FTSE500 exposed
• Credentials on paste sites

Worrying stats!

Us (defenders)                 Them (attackers)
• Legacy, old tech             • Agile, latest tech
• Finite resources             • More resources
• Overwhelmed defence          • Overwhelming opportunities
• –                            • Nation state investment
• ROI poorly defined           • ROI defined
• Must be lucky ALL the time   • Need to be lucky only once

Too many opportunities
(image slide)

Value of an email acct
(image slide)

Cybercrime commerce
(image slide)

Excellent tools
(image slide)

Strong ROI
Sell price for the Bad Guy:
• PayPal/eBay accts - $300
• Bank accts - $200-500
• iTunes - $8 per acct
• Fedex.com accts
• Facebook, Twitter - $2.50 per acct
• Credit reports - $25
• Health records - $25+
• Mobile phone - $14
Cost to the organisation:
• $154 per record - $3.79M average breach cost
• Reductions in per-record cost:
  – IR team = -$12
  – IR & DR team = -$7
  – Encryption = -$12
  – Employee training = -$8
  – CISO involvement = -$5
  – Board involvement = -$5.50
  – Cyber insurance = -$4

SHIFTING TRENDS

Start with acceptance!
• Not IF but WHEN!
• Assume you can be breached at any time - and may already have been breached for some time
• Communicate this… up and down your organisation

Response?
• Work systemically to:
  – Reduce
  – Remove
  – Repair
  – Continuously improve
• Target your resources and efforts
• Don't reinvent the wheel

Shift 1: Maturity based
Security optimization - security posture against TCO (CapEx + OpEx):
• Reactive (~3% of IT budget on security)
• Compliant/Proactive (~8% of IT budget on security)
• Optimized (~4% of IT budget on security)

Shift 2: Egg to honeycomb
(image slide)

Shift 3: Scattered to targeted attacks
(image slide)

CKC
Based on the Lockheed Martin Cyber Kill Chain (CKC)
(diagram slide)

EVOLVING APPROACHES

More emphasis on P's
• "Human firewall" is much more effective

Look to kill the chain
(image slide)

New lifecycle approach
Identify - Protect - Detect - Respond - Recover

Identify
• Asset Mgmt
• Biz env
• Governance
• Risk Assessment
• Risk Management

Protect
• Access control
• Awareness & Training
• Data Security
• Info protection process and procedures
• Maintenance
• Protective technologies

Detect
• Anomalies & Events
• Continuous Monitoring
• Detection process

Respond
• Response planning
• Communications
• Analysis
• Mitigation
• Continuous Improvement

Recover
• Recovery Planning
• Improvements
• Communications

Integrate Risk Assessment & Management
• Lifecycle functions: Identify, Protect, Detect, Respond, Recover
• Risk assessment & management cycle: Define, Categorise, Plan, Implement, Assess, Authorise, Monitor, Manage

Secure Supply Chain
(image slide)

Proactive Assurance
• Requirements: Functional Specification & Security Specification
• Design: Systems & Software Design & Security Design
• Implementation: Systems & Software Build & Security Build
• Verification: Object, Module, Integration and Systems Testing; Code Review, Vulnerability & Pen Testing, DR testing
• Maintenance: Helpdesk/Call Centre - ITIL V3; Authentication & Anti Social Engineering

Agility
(image slide)

Information is an Asset?
(source: Gartner 2015)

Do simple things quickly
(source: Verizon 2015 DBIR)

100% Security?

?
Pat Larkin, Ward Solutions