Cybersecurity at Texas Tech

Vince Fell | Doug Fox | Kay Rhodes | Jerry Rodriguez | Sam Segran

Agenda• Information Resources, IT Governance,

Collaborations• Kay Rhodes

• Cybersecurity Landscape• Sam Segran

• Research and Academic Institutions• Sam Segran• Doug Fox

• Health Related Institutions• Vince Fell• Jerry Rodriguez

• Summary• Kay Rhodes

2

3

Information Resources, IT Governance, Collaborations

Kay Rhodes

TEXAS TECH UNIVERSITY SYSTEMInformation Technology

Organizational ChartApril 2018

• Strategic Direction• Policy Development• Coordination & Collaboration• Shared Services • Information Security Officers (ISO**)

Texas Tech University SystemBoard of Regents

TTUSCIO Council

* IRM: Information Resources Manager(Texas Government Code 2054, Subchapter D)** ISO: Information Security Officer(Texas Administrative Code, Title 1, Part 10, Chapter 202)

Gary BarnesVice Chancellor/CFO

TTUS

Lawrence Schovanec, Ph.D.

PresidentTTU

Doug FoxAssoc. VP, CIO

ASU(IRM*)

Sam SegranVice President, CIO

TTU(IRM*)

Kay RhodesAssoc Vice

Chancellor, CIOTTUS(IRM*)

Vince FellVice President, CIO

TTUHSC(IRM*)

Jerry Rodriguez Assoc. VP, CIO

TTUHSC El Paso(IRM*)

Michael Galyean, Ph.D.

ProvostTTU

Brian May, Ph.D.President

ASU

Robert L. DuncanChancellor

TTUS

Angie WrightVice President, Finance

and AdministrationASU

Tedd Mitchell, M.D.PresidentTTUHSC

Richard Lange, M.D., MBA

PresidentTTUHSC El Paso

IT Organization and Governance• CIO Council

• Collaboration• Project coordination• Policy coordination• Sharing best practices

• Network Infrastructure and Security Responsibilities

• Risk Assessments

5

6

Cybersecurity Landscape

Sam Segran

Quick Definitions

7

Computer Virus

Worm

Spyware

Trojan

Keylogger

Ransomware

Internet of Things (IoT)

8

Cybercrime Evolution

PranksEconomic

(Individual)

Nation State & Cyber Warfare

/ EspionageTerrorism

Malicious Economic(Organized, Individual)

Hacktivism Disinformation Campaign

IoT Hijacking

Ransomware

CryptoJacking

2017 Notable Breaches9

Malware-infected POS

stole CC info @ 2,250

restaurants

Source: https://www.checkmarx.com/2017/06/05/may-2017-top-hacks-breaches-infographic/

143 MILLION US consumers affected

Hackers access CUSTOMER EMAIL DATABASE –Flooded users with PHISHING EMAILS

2017 Notable Breaches - Education10

Source: http://breachlevelindex.com/data-breach-database

• KSU Center For Election System• 7.5 million voter records breached

• Online education platform• Data for sale on dark web

32,000 students affected

• DB wiped – held for ransom

SEND 0.2 BTC TO THIS ADDRESS 1Hhb4rJY7hYFMLwE1j1834zWsNBRWXN9Sv AND CONTACT THIS EMAIL WITH YOUR IP OF YOUR SERVER TO RECOVER YOUR DATABASE !

2018 Notable Breaches Thus Far11

Malware-infected POS stole CC info –at least 164 stores (68 in Texas) and

2 Million payment cards compromised

Source: https://www.idtheftcenter.org/images/breach/2018/DataBreachReport_2018.pdf

PII of 247,000+ current and former employees found in possession of former DHS employee during ongoing criminal investigation

Nearly 280,000 Medicaid patient records breached @ Center For Health Sciences

12

Source: Verizon 2017 Data Breach Investigations Report

Number Of Records

Per Data Type

Stolen

13

Source: Ponemon Institute 2017 Cost Of Data Breach Study

Cost Per Stolen Record

(sampling)

US Average - $225

Healthcare - $380

Financial - $336

Education - $245

Technology - $251

Research - $123

Average total cost per incident – $10,834,560Additional costs - HIPAA violation fines $100 - $1.5 million, notification costs $200 - $1,000

Average total cost per incident - $6,985,440

14

Source: Verizon 2017 Data Breach Investigations Report

Transportation

Retail

Finance

Education

Professional

Public

Utilities

Other Services

Manufacturing

InformationCyber Espionage

By Industry

2

3

5

22

28

112

15

17

115

4

15

Source: Symantec Internet Security Threat Report – April 2016

2016

463,841

$1,077

$500 B($499,556,757)

2015

340,665

$294

$100 B($100,155,510)

Average Ransom Per Incident

16

Number of KnownGlobal Incidents

RansomwareSource: Symantec Internet Security Threat Report – April 2017

Estimated Total Ransom

IoT Hijacking17

Source: https://gizmodo.com/report-cctv-system-in-washington-dc-was-hacked-before-1791734583

18

Dyn IoT HijackingSource: Krebs On Security – October 2016

19

Source: https://www.intel.com/content/www/us/en/internet-of-things/infographics/guide-to-iot.html

20

Phishing On The RiseSource: https://info.phishlabs.com/blog/quarter-phishing-attacks-hosted-https-domains

% O

F P

HIS

HIN

G A

TT

AC

KS

ON

HT

TP

S S

ITE

S W

OR

LD

WID

E

Cybersecurity Essentials At Texas Tech Institutions

21

PEOPLE || PROCESSES || TOOLS

3 crucial components of security:

CONFIDENTIALITY

INTEGRITY

AVAILABILITY

Minimize Risk(Risk = Threats x Vulnerabilities x Asset Value)

Compliance With Federal And State Standards

GOAL

22

Initiatives @ TTU

Sam Segran

Some Major Cybersecurity Initiatives @ TTU

23

Encryption

Weekly Vulnerability Scans

Multi-Factor Authentication

Endpoint Systems Management

PHI Data Protection (arrangement with TTUHSC)

Mobile Device Checkout

Federal Data Security Requirements For Research

Security Analytics Software

Training For IT Staff

Training For Faculty, Staff, And Students

IMPLEMENTED

IN PROGRESS

24

Initiatives @ ASU

Doug Fox

Some Major Cybersecurity Initiatives @ ASU

25

IMPLEMENTED

IN PROGRESS

Mobile Device Controls

Ongoing Security Awareness and Training Program

Timely Security Updates And Patches

Encryption of Laptops, Desktops, And Mobile Devices

Enhanced Risk Management Processes through Analytics

Multi-factor Authentication

Email Security Enhancements

26

Initiatives @ TTUHSC

Vince Fell

Some Major Cybersecurity Initiatives @ TTUHSC

27

Network Segmentation

Vulnerability Management Program

Web Security (Proxy Servers)

Secure Configurations – Desktops And Laptops

Encryption Of User Devices And Media

Endpoint Security

Privilege Account Management

Secure Cloud Storage - BOX

NIST Policy And Program Development

Email Security – Sender Policy Framework

IMPLEMENTED

IN PROGRESSDesktop Encryption

Secure Configurations - Servers

28

Initiatives @ TTUHSC El Paso

Jerry Rodriguez

Some Major Cybersecurity Initiatives @ TTUHSC El Paso

29

IMPLEMENTED

IN PROGRESS

Policies And Information Security Program Architecture

Encryption Of Laptops, Desktops, Mobile Devices (Personal and Institutional)

Network Access For Physical Devices (Personal and Institutional)

Improved Administrative Rights Control

Domain Migration Preparation

30

Kay Rhodes

Summary

Summary• Cybersecurity Assessment

• TTUS Risk Management Office and CIOs• Marsh and Cyber Self-Assessment

• Internal Risks• Decentralized IT• Maintaining right resources

• Recurring Training• Executive Leadership Support

31

32

Questions?Thank you!