KEYNOTE
Two Perspectives for Cybersecurity Best Practices

Jane LeClair, PhD
Chief Operating Officer, National Cybersecurity Institute (NCI) at Excelsior College

Lisa Lori
Partner, Klehr, Harrison, Harvey, Branzburg LLP

POWERED BY: #NPPROTGC

The Challenges of Cybersecurity
Dr. Jane LeClair
Chief Operating Officer
National Cybersecurity Institute at Excelsior College

A Connected World

Malicious Intent

Staggering Losses
Financial Losses
• Cyber crime costs the global economy $1 trillion annually
• Merchants lose $190 billion to credit card fraud annually
• Banks lose $11 billion in ATM fraud annually
• Identity theft costs Americans $37 billion annually
• Over 70 million people in the US were cyber victims last year

Well Known Breaches

Cyber Breaches Are Everywhere
Hackers Attack Everywhere
• Banks
• Defense contractors
• Learning institutions
• Medical facilities
• Government agencies
• The White House
• And… Non-profit organizations

What Are They After?
DATA!!
• Hackers are seeking data from any source they can obtain it
• Personally Identifiable Information (PII)
• Data is ‘mined’ and used for further intrusions
• Information is leveraged to gain higher access

But More Than That . . .
Cyber Warfare
• Defined as “actions by a nation state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption” (Clarke and Knake, 2010)
• Goal of gaining access to many of America’s digital infrastructures

So What’s Changing
Higher Level of Sophistication
• Computer virus
• Network worms
• Sophisticated malware
• Targeted attacks, mobile attacks, espionage, cyber warfare

How That Impacts You
Gateway
• Attacks are rising
• Vulnerability increased through the backdoor
• Increased costs when systems down
• Increased access to clients, partners, donors, contractors, etc.

Organizational Structure Challenges
• Ability and Desire to secure systems make you unique
• Generally centralized management
• Limited specialized cyber staff
• Relaxed culture often has limited formal cyber policies
• Large numbers do not have formal cyber security plan
• Large numbers do not have a formal internet security policy
• Often ignore cyber due to day-to-day operations
• Competing with large organizations, intel groups, military, government for workforce

Organizational Structure Challenges
• Often ignorant of extent of security threats
• May feel it’s a given… why worry… flawed perceptions
• Not concerned about internal threats
• Don’t have expertise to develop and implement plans/policies
• Often feel that a data breach would have no effect on them
• Large numbers of owners/operators are responsible personally
• Forced to depend on advice from vendors/consultants
• Physical/Cyber security not made a priority

What You Are Facing
Threats
• Increased basic attacks and more sophisticated
• Focus of attacks has been easily exploitable weaknesses
• Trojans used to lurk within and be a watering hole
• Attackers play on low knowledge level, limited resources, inexperience in design configuration and implementation of controls such as passwords, updated security settings, patch management, phishing

What You Can Do
• Realization
• Awareness
• Preparation

Realization
• All digital systems are vulnerable
• It isn’t a matter of IF, but WHEN you will be attacked
• Work to reduce your chances of a cyber breach

Realizing Your Vulnerability

Awareness
• Reduce your risk
• Increase awareness
• Educate and train your employees

Cyber Threats
• Sophisticated Malware
• Impact of Internet of Things
• Bring Your Own Devices
• Expanded Black Market
• Increased Website Hijacking

Cybersecurity is a People Problem

• Wired communication pathway between the digital network and the Internet
• Wireless communication pathway between the digital network and the Internet
• Connection (authorized and unauthorized) of portable digital media and computing devices to the digital network
• Physical access (authorized and unauthorized) to the digital network (insider threat)
• Hardware/software supply chain (equipment from a supplier)

Integrating the Domains
• Ensure the right technology, configuration maintenance and integration
• Ensure awareness, acceptance and tech personnel required
• Ensure policies/procedures are in place to define scope, application, use and exceptions

Cyber Focus
• Social engineering is the #1 method of initiating a breach
• ALL of us house personally identifiable information
• If you don’t have the expertise… hire it!
• You can build better ‘mousetraps’
• Pay attention to Cloud security
• Be aware of your supply chain

Prepare
Prepare for the Inevitable
• Install an Intrusion Detection System (IDS)
• Appoint and train a cybersecurity response team
• Develop a cybersecurity disaster and recovery plan

Disaster Recovery
• Key steps to reduce the pain of a data breach
• Legal issues after a data breach
• What to tell the media, customers, vendors
• How to reduce the chances of a future attack

Key Steps After a Data Breach
• Assemble internal team
• Perform initial internal investigation
• Document who and how it was discovered and what might have been stolen
• Contact law enforcement
• Hire specialists
• Prepare for media coverage, social media

Key Steps After a Data Breach
• Communicate with your customers
• Perform in-depth investigation
• Continue in-depth documentation
• Implement fixes
• Validate the fixes
• Enhance overall cybersecurity measures

Documentation
Document the potential scope of the attack
• What parts of the network were attacked?
• What data may have been stolen?
• How was the attack identified?

Investigation
Evidence Preservation
• View your system as a physical crime scene. Evidence must be protected and an initial investigation conducted quickly and with as little contamination as possible.
• Retain system, application, database, and network device logs and avoid making changes to the system suspected of being compromised before data is preserved.

Investigation
Forensic Data Collection
• Consult an expert to assist you in acquiring a forensic image of the hard drive and the live memory of the systems suspected of being compromised
• Follow the proper chain of custody procedures. The more details you can save, the better chance there is to identify the criminals.

Legal Issues After a Data Breach
• Expect Lawsuits
• Determine Notification Requirements
• Be prepared to share breach documentation
• Determine what outside help is needed

How to Reduce Chances of a Future Attack
• Implement stronger security measures.
• It can happen to you again

How to Reduce Chances of a Future Attack
Conduct employee awareness training:
• Each person needs to be cautious
• Do role-playing with phishing examples
• Practice social engineering tricks so your people can identify someone trying to do it

Response Planning
Create a list of key people to involve for your response to an attack:
• Management: Senior officers or owners
• IT: Employee or outsourced key contact
• Financial: Employee or outside bookkeeper
• Marketing/PR: Communications to customers, vendors, partners as well as media responses and press releases

Response Planning
• Human Resources: Communications to employees and how to handle questions from customers or the media.
• Telecommunications: How to communicate with staff, vendors and customers if work-provided phones and email system are compromised.
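
For the Evidence Preservation and Forensic Data Collection slides above, one way to record SHA-256 hashes of preserved files in a hash-chained custody log, so that a later change to either the evidence or the log is detectable. This is an added example, not part of the original presentation; the function names, the handler label and the sample files are constructed for illustration.

```python
import hashlib
import json
import tempfile
from datetime import datetime, timezone
from pathlib import Path

def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large images or logs need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def add_custody_entry(log, item, sha256, handler, action):
    """Append an entry whose hash also covers the previous entry's hash."""
    entry = {
        "item": item, "sha256": sha256, "handler": handler, "action": action,
        "utc": datetime.now(timezone.utc).isoformat(),
        "prev": log[-1]["entry_hash"] if log else "0" * 64,
    }
    entry["entry_hash"] = hashlib.sha256(
        json.dumps(entry, sort_keys=True).encode()).hexdigest()
    log.append(entry)

def verify_custody(log, evidence_dir):
    """Return problems found: altered log entries or evidence whose hash changed."""
    problems, prev = [], "0" * 64
    for entry in log:
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        recomputed = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if entry["prev"] != prev or recomputed != entry["entry_hash"]:
            problems.append(f"custody log altered at {entry['item']}")
        if sha256_file(Path(evidence_dir) / entry["item"]) != entry["sha256"]:
            problems.append(f"evidence changed: {entry['item']}")
        prev = entry["entry_hash"]
    return problems

def demo():
    """Constructed sample: two small files stand in for preserved log copies."""
    with tempfile.TemporaryDirectory() as tmp:
        samples = {"auth.log": b"constructed sample line\n", "fw.log": b"constructed sample\n"}
        log = []
        for name, data in samples.items():
            (Path(tmp) / name).write_bytes(data)
            add_custody_entry(log, name, sha256_file(Path(tmp) / name), "analyst-1", "collected")
        clean = verify_custody(log, tmp)
        (Path(tmp) / "fw.log").write_bytes(b"modified after collection\n")
        return clean, verify_custody(log, tmp)
```
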

Cyber Education and Training Requirements
• Web and Email Security
• Cyber Law Requirements
• Social Media
• Data Storage
• End/Host Security
• Mobile Security
• Wireless Security
• Cloud Security
• Disaster Recovery and Business Continuity Planning
• Senior Management Responsibility

Recommendations and Best Practices
• Know your risk from a Technical and Human standpoint
• Know how your information is used and stored
• Ensure TOTAL integrity
• Implement Robust password policies
• Have a Disaster/Recovery plan
• Ensure encryption on all devices
• Scan emails and files to prevent introduction of viruses
• Keep Patch management updated
• Ensure employee education
• Have and update policies
• Improve cyber culture within the organization
• Consider Cyber Insurance

Best Practices
Plan Ahead
• Assess assets, risks, resources
• Build policies
• Choose controls
• Deploy controls
• Educate executives, employees, vendors
• Continually assess, audit and test

Future Trends
• There will be an increase in cyber attacks
• Small organizations will continue to be gateways
• Increased interconnection of organizations and clients
• Growing need to develop a cyber culture

National Cybersecurity Institute
The National Cybersecurity Institute (NCI) at Excelsior College is an academic, research and training center located in Washington, D.C. Its mission is to assist government, industry, military, and academic sectors in meeting our cyber security challenges, with a particular focus on shaping the cyber security workforce.

National Cybersecurity Institute
• Provide training on security awareness
• Professional development training for cyber professionals
• Support research / publications conducted by leading cyber security experts
• Facilitate workshops to educate stakeholders on important dimensions of cyber security
• Present webinars to widely disseminate cutting edge policy and research
• Help you develop your cyber plan, risk assessment, incident response and training

Questions?
Dr. Jane LeClair
Chief Operating Officer
National Cybersecurity Institute
2000 M St NW Suite 500
Washington, D.C.
nci@excelsior.edu
www.excelsior.edu