Post on 05-Oct-2020


Cyber Security For Growing Organizations

Action Plan For Executives

Presented by Steve Meek, CISSP


Copyright © 2019 The Fulcrum Group Inc.

Agenda

Cybersecurity news

Risk Management

What to do

Giveaway


About Me?


Cybersecurity News

Center for Internet Security, May 2019.


Cybersecurity News

Common threats

Business Email Compromise

Digital Extortion

Ransomware

Crypto-mining

False sense of security

Verizon 2019 DBIR


Risk Management

Security Events

Security Incidents

Data Breaches


Risk Management

Risk Matrix

Likelihood: probability that a risk can occur

Impact: potential effect on the organization

[Figure: risk matrix. Impact axis: Extremely Harmful, Harmful, Slightly Harmful. Likelihood axis: Highly Likely, Likely, Unlikely. Labelled values: 40%, 30%.]


Risk Management

Different types of security

Doors

Windows

Locks

Fence

Alarm

Motion Sensor

Crime Watch

Monitoring

Dog

Gun(s)

Police

Insurance

Protect Detect Respond


Risk Management

The National Institute of Standards and Technology (NIST) Guidance


What to do?

Left of Boom Right of Boom

Risk assessments

Vulnerability scanning

Penetration testing

Compliance review

Firewalls

Anti-virus

Email filtering

IDS/IPS

Security Operations

Incident Response

Remediation

Forensics

Secure Workforce and Cyber Security Insurance


What to do?

Center for Internet Security


What to do: Exercise

SMB Security Maturity Model

Identify Protect Detect Respond Recover

Exec involvement

Hardware/software

Basic policies

Advanced policies

Threat intelligence

Risk assessment

Standards/procedures

Key data repositories

Third-party eval.

1

3

5

Physical security

Secure configs

Patch OS, A/V, f/w, email filter

Security awareness

Admin control

NGFW, URL, MFA

Secure network

Simulated phishing

Encryption at rest/in transit

High availability

Logging configured

Owner

Network monitoring

Security information and event management

Log review

Continuous security monitoring

Lessons learned


What to do: Full

SMB Security Maturity Model

Identify Protect Detect Respond Recover

Who’s responsible

Communication

Data classification

Basic incident response

Tracking

Analysis/mitigation

Detailed IRP/SIRT

Work lessons learned

Server backups

Cloud protections

PC/device recover

Business impact assessment

Basic recovery plan

Lessons learned

Detailed recovery

Tested recovery

Manage retention, recovery times


Summary

Use threat intelligence to know risks

Be the leader your organization needs

Beware a false sense of security

Identify key assets and data repositories

Work both left and right of boom

Make detection a key security effort


Giveaway

The Fulcrum Group, Inc.

5751 Kroger Drive, Suite 279, Fort Worth, TX 76244

Phone: 817-337-0300

Support Desk: 817-898-1277

Web: www.fulcrum.pro



SMB Links

National Cyber Awareness System Alerts: https://www.us-cert.gov/ncas/alerts

2019 Data Breach Investigations Report: https://enterprise.verizon.com/resources/reports/dbir/

National Institute of Standards and Technology: https://www.nist.gov/cyberframework/small-and-medium-business-resources

CIS® (Center for Internet Security, Inc.): https://www.cisecurity.org/controls/

Global Cyber Alliance (GCA) toolkit: https://gcatoolkit.org/smallbusiness/

Ghost In The Wires: My Adventures as the World's Most Wanted Hacker by Kevin Mitnick