microsoft power point closing presentation-greenberg

Los Angeles Security Summit 7 A Great Day of Collaboration, Learning, Networking

Upload: issa-la

Post on 15-Aug-2015


Page 1: Microsoft power point   closing presentation-greenberg

Los Angeles Security Summit 7

A Great Day of Collaboration, Learning, Networking

Page 2: Microsoft power point   closing presentation-greenberg

ISSA LOS ANGELES

Join Our Community
Issala.org
Twitter: @issala
LinkedIn: ISSA Los Angeles Chapter Networking
Facebook: Information Systems Security Association (ISSA) Los Angeles Chapter
Have drinks with us

Page 3: Microsoft power point   closing presentation-greenberg

ISSA LOS ANGELES

Come to our monthly meetings
• Next meeting is June 17 at Taix French Restaurant in Echo Park at 11:30am
We have dinner meetings: July 15 and Sept 16
Holiday Party with OWASP December 16th
Join our CISO Forum
Join us at sporting events

Page 4: Microsoft power point   closing presentation-greenberg

WHAT DID WE LEARN TODAY?

Breaches are Occurring Everywhere in Every Industry
Phishing Attacks are Multiplying and are Now the Preferred Method of Infiltration
How to Build Secure Application Development Environments
Breaches Are Not Discovered for 6-9 Months
• Often Discovered by External Source
Some Potential Attacks of the Future

Page 5: Microsoft power point   closing presentation-greenberg

RECENT BREACHES

Anthem: 78.8 million records
Target: 42 million people’s credit or debit information stolen; banks file class-action lawsuit against Target
Home Depot: estimated 56 million credit and debit card numbers
JPMorgan: 76 million households and 7 million small businesses
Carbanak: $1 billion stolen from more than 100 banks in 30 countries
AdultFriendFinder.com: 3.9 million users' personal details and sexual preferences

Page 6: Microsoft power point   closing presentation-greenberg

DATA BREACH COSTS

Average Cost of a Data Breach in US Averages $6.5 million, highest in the world
One estimate of the cost to Home Depot is $10 billion by 2020
Cost in Health Care Organizations Could be as much as $363 Per Record

Page 7: Microsoft power point   closing presentation-greenberg

THE TIMES THEY ARE A CHANGIN’

Every Business is Now a Target
Every Medical Device Could be a Target
Every Car Could be a Target
Every Refrigerator Could be a Target
Every Drone Could be an Attacker

Page 8: Microsoft power point   closing presentation-greenberg

AWARENESS OF SECURITY SEEMS TO BE EVERYWHERE!

Boardrooms Now Have Security on their Agendas 80% of the Time
Breaches are a Weekly News Item on Mainstream Media
Cousins Call Us for Advice or to Ask What We Think of the Latest Attack
Congress is Talking About Security

Page 9: Microsoft power point   closing presentation-greenberg

WHAT THE $%#%^%&*?

Old Vulnerabilities Are Still Everywhere
• SQL Injection (in the OWASP Top 10 in 2007 and still there!)
• 44% of known breaches in 2014 came from vulnerabilities that were between two and four years old¹
Patching is Still Problematic
Change Management is not Happening
Configuration Management is Not Happening
Our Mission Critical Information is Not Encrypted

¹ HP 2015 Cyber Risk Report

Page 10: Microsoft power point   closing presentation-greenberg

OUR WORKFORCE HAS GONE PHISHING!

Click That Link!
Open That Attachment!
Open That Email From the Unknown Sender
Respond to that “Too Good to be True” Email Scam!
Forward that Funny Attachment to Everyone!
We Love Port 80!!

Page 11: Microsoft power point   closing presentation-greenberg

WHAT’S A GOOD SECURITY LEADER TO DO?!

Go on Tour
Security Awareness Training for Everyone
• Address Your Company's Vulnerability Trends
• Gamify Your Training
• Provide Incentives and Prizes
• Please, No Death by PowerPoint
Speak at Division Meetings
Speak at General Staff Meetings

Page 12: Microsoft power point   closing presentation-greenberg

MEET WITH KEY PLAYERS

Lunch with all Executives
Meet Regularly
• With CTO or Head of System Admins
• Division Heads
• Legal
• Risk Compliance
Learn to Talk “Businessese”

Page 13: Microsoft power point   closing presentation-greenberg

CREATE AND ENFORCE POLICIES, STANDARDS, AND PROCEDURES

Ensure Standard Image is Created
• Is Regularly Updated
• Is Regularly Tested
• Deployed Everywhere, Especially on Admin Systems
No one Should Be Regularly Logged in with Admin Privileges
Have a Plan and Procedures for Securing Portable Devices and BYOD

Page 14: Microsoft power point   closing presentation-greenberg

BAKE SECURITY INTO THE SDLC

Embrace and Befriend the Head of Application Development
Utilize Static/Dynamic Web App Vulnerability Scanners
Have All Staff in AppDev Take Secure Coding Training
All Project Proposals Must be Reviewed by InfoSec
Work with the PMO

Page 15: Microsoft power point   closing presentation-greenberg

SECURE YOUR PHYSICAL ENVIRONMENT

Does Your Facilities Head Purchase Physical Security Solutions Without InfoSec Involvement or Knowledge?
Are Your Physical Security Access Cards Waaay too Easy to Hack? Most Are!
Do You Know Who Has Access to Your Data Center? Are You Sure?
Can People Leave Your Buildings Carrying Anything They Want?

Page 16: Microsoft power point   closing presentation-greenberg

MONITOR SYSTEMS REGULARLY

Are You Able to Detect Anomalies on Your Networks?
Do You Know if You Have Been Compromised? Probably Not!
Would You be able to Detect Strange Outbound Traffic to, Let’s Say, China or North Korea?
Monitor Unusual Changes in User Behavior
Do You Know if 50 Users All Had Their Accounts Locked After Unsuccessful Login Attempts?

Page 17: Microsoft power point   closing presentation-greenberg

CREATE AND REVIEW REPORTS

Create Remediation Plans After Reviewing Network Vulnerability Scans
Compare Reports From Various Tools: Patch Management, Vulnerability Scanning, Anti-Malware
Follow-up on Remediation Efforts
Rescan and Review Reports
Look for Patterns in Incidents in Your HelpDesk Database

Page 18: Microsoft power point   closing presentation-greenberg

ENFORCE ACCESS MANAGEMENT STANDARDS

Work With HR to Establish Provisioning/Deprovisioning Procedures
Enforce Process to Approve and Grant Access to Systems
Enforce Deprovisioning Procedures
Periodically Audit Systems Access
Two Factors Required for all Admin Access to Mission Critical Systems

Page 19: Microsoft power point   closing presentation-greenberg

NETWORK AND COLLABORATE

Attend Networking Events
Make New Contacts
Share War Stories and Solutions
Join ISSA, OWASP, ISACA, CSA, HTCIA, etc.
Form New Groups
Look for Meetups
Leave Here Today With at Least 5 New Contacts; Follow-up with them

Page 20: Microsoft power point   closing presentation-greenberg

KEEP LEARNING

Webcasts
Classes
Podcasts
Books
LinkedIn and Twitter Links
Blogs
Networking Events and Conferences

Page 21: Microsoft power point   closing presentation-greenberg

HELP PREPARE THE NEXT GENERATION OF SECURITY LEADERS

Hire Students
Train and Mentor Your Staff
Speak at Schools
Support Cyber Competitions
Help Schools With their Curriculum
Teach Security at Schools

Page 22: Microsoft power point   closing presentation-greenberg

MOST IMPORTANTLY!!

DRINK AND EAT WITH US…NOW!!!!
Food and Drink Next Door in the Vendor Expo
Last Chance to Meet with Vendors
Last Chance to Enter to Win Raffle Prizes
Book Signing
Raffle Drawing in 15 Minutes

Page 23: Microsoft power point   closing presentation-greenberg

THANK YOU!

To All Our Speakers

To All Our Volunteers

To My Fellow Board Members

To All of You For Joining Us

To All Our Vendor Partners

To Our Fellow Organizations

Page 24: Microsoft power point   closing presentation-greenberg

THANK YOU!

Stay Safe

Stay Hungry for Knowledge

Believe in Yourself

Live Long and Prosper!

See You All At Summit 8!