security awareness, lost between chains and walls
TRANSCRIPT
Security Awareness: Lost between Chains and Walls
“Everything we hear is an opinion, not a fact. Everything we see is perspective, not the truth.”
– Marcus Aurelius
The Weakest Link in Information Security…
…mostly People?
The Weakest Link…
• A popular metaphor/figure of speech in information security.
• Metaphors influence our thinking. They simplify the complex. They persuade by creating a vivid picture in our mind.
• They bypass our rationality and make us more accepting, less skeptical.
The Weakest link…
•The chain secures our asset and is held together by links.
•We achieve security by mitigating risks through implementation of treatment plans or simply “controls”.
Chain: If one link fails, the chain breaks.
Security: If one control fails, our security breaks down.
Chain vs. Walls
Resilience: The failure of one control should not lead to the total collapse of our security. A resilient security architecture is built upon defense in depth or zero-trust models.
Incidents: From Start to End
Every breach has to start somewhere.
Not every start leads to a successful breach. Threat Events are not Loss Events.
The path to a successful breach is paved by a series of mistakes.
[Diagram: controls along the breach path, each flagged with a warning sign: Third-Party Remote Access Management, Network Segmentation, Event Management, System Hardening, Endpoint Protection, Behaviour Anomaly Detection, DLP, Vulnerability Management]
STUXNET
• Exploiting four zero-day flaws.
• Signed with stolen certificate.
• WinCC default hard-coded password not reset. Leaked years before (at least since 2008).
• Infection via USB (no device control).
• Entered through hacked suppliers or intercepted control systems in the supply chain.
• Propagates through the network (no network segmentation).
• Attempts to access the internet and download an update (no egress monitoring).
• No integrity checks.
How Complex Systems Fail [Richard I. Cook, MD. Cognitive Technologies Laboratory, University of Chicago, http://goo.gl/7Q3LOj]
• “Catastrophe requires multiple failures – single point failures are not enough.”
• “Overt catastrophic failure occurs when small, apparently innocuous failures join to create opportunity for a systemic accident. Each of these small failures is necessary to cause catastrophe but only the combination is sufficient to permit failure.”
• “Post-accident attribution to a ‘root cause’ is fundamentally wrong.”
• “Because overt failure requires multiple faults, there is no isolated ‘cause’ of an accident. There are multiple contributors to accidents. Each of these is necessary but insufficient in itself to create an accident. Only jointly are these causes sufficient to create an accident. Indeed, it is the linking of these causes together that creates the circumstances required for the accident. Thus, no isolation of the ‘root cause’ of an accident is possible. The evaluations based on such reasoning as ‘root cause’ do not reflect a technical understanding of the nature of failure but rather the social, cultural need to blame specific, localized forces or events for outcomes.”
To summarize
1. Security is not typically built on a single point of failure.
2. It takes more than breaking a single “link”/control to result in a significant incident.
3. There is no intuitive scale with which to measure the weakness of one type of “link” against another.
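Worked illustration of the chain-versus-walls argument in the slides above (an added example, not part of the deck): an attack path is modelled as a series of stages, each guarded by one or more controls, so a breach needs every control on the path to fail, whereas the “weakest link” reading loses everything as soon as any one control fails. The stage names and per-control bypass probabilities are constructed assumptions loosely following the Stuxnet list, not measured values.

```python
from functools import reduce
from operator import mul

# Constructed example loosely following the Stuxnet list in the deck.  Each
# stage is guarded by the controls the deck says were missing.  Values are
# ASSUMED probabilities that an attacker gets past one control (illustrative).
STUXNET_PATH = {
    "initial access":      {"device control (USB)": 0.3, "supplier vetting": 0.5},
    "execution":           {"integrity checks / code signing": 0.2, "system hardening": 0.4},
    "credentials":         {"WinCC default password reset": 0.1},
    "lateral movement":    {"network segmentation": 0.2},
    "command and control": {"egress monitoring": 0.3},
}

def product(values):
    return reduce(mul, values, 1.0)

def stage_pass_probability(controls):
    """A stage is passed only if EVERY control guarding it is bypassed (empty = unguarded)."""
    return product(controls.values())

def path_success_probability(path):
    """Defense in depth ('walls'): the attacker must pass every stage in turn."""
    return product(stage_pass_probability(c) for c in path.values())

def chain_model(path):
    """'Weakest link' reading: security is lost as soon as ANY one control is bypassed."""
    bypass = [p for controls in path.values() for p in controls.values()]
    return 1.0 - product(1.0 - p for p in bypass)

def controls_that_must_fail(path):
    """Distinct controls that must all fail before the layered path is breached."""
    return sum(len(controls) for controls in path.values())

def assume_failed(path, stage, name):
    """Copy of the path in which one control has failed outright (bypass p = 1.0)."""
    new = {s: dict(c) for s, c in path.items()}
    new[stage][name] = 1.0
    return new

if __name__ == "__main__":
    failed = assume_failed(STUXNET_PATH, "initial access", "device control (USB)")
    print(f"layered: {path_success_probability(STUXNET_PATH):.1e} -> "
          f"{path_success_probability(failed):.1e} after one control fails")
    print(f"chain:   {chain_model(STUXNET_PATH):.2f} -> "
          f"{chain_model(failed):.2f} after one control fails")
```

Under the layered model the complete failure of one control (here: people plugging in a USB stick with no device control) raises the breach probability but leaves the other six controls standing, while the chain model jumps straight to certainty.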
All of this is simple, but if we are not consciously aware of it, we make the wrong decisions.
KEEP CALM AND
STAY RATIONAL
Sticking with Metaphors
Hackers will go after “the lowest hanging fruits”
Hackers will take “the path of least resistance”
Assuming that “The weakest link in Information Security is People” leads us to Information Security Awareness.
I believe that Security Awareness can be...
High Expectations and Exaggerations: “Make your Weakest Link your Strongest Asset…”
Metrics: What, not why… Causality and Correlation
• Adding insult to injury: “Weakest Link”, “Think before you click”, “Don’t take that bait”
• “Security is everyone’s responsibility” is the wrong message.
• Better to say: “Everyone has some security responsibilities”
Motivation, Incentives, Behavioral Science, Organization Development, Change Management, Learning Theories, Gamification…
and even Psychology
Before we ask others what to do (or not to do), we need to make sure we have done our part.
Phishing
Trick people into…
• Taking an action: disclose username/password or confidential information; issue payment (BEC); others
• Running malware
Malware
Message: Don’t open suspicious attachments. Don’t click on suspicious links.
Control: Is our endpoint security still built on antivirus? Use next-generation endpoint protection: sandboxing, application whitelisting, EDR, application isolation, machine learning, behavior analysis… How effective is your attachment screening solution? Block unnecessary attachments, mark external email, block inbound domain email…
Malware
Message: Update your OS and apps regularly.
Control: In a company this is typically fully managed by systems engineers, and nothing is expected from the end user. Explain your particular implementation. Get understanding of why users get pop-ups to reboot to apply patches. …again, with an effective endpoint solution, concerns are significantly reduced.
Malware
Message: Don’t use unknown USB sticks and CDs.
Control: Device management. Limit USB access only to what is really required. Remove/disconnect CD drives. …again, with an effective endpoint solution, USB/CD troubles are significantly reduced.
Passwords
Message:
• Use complex passwords
• Don’t reuse your password
• Change your password
Control: Are we exaggerating the importance of passwords? Password complexity, reuse and expiry are enforced by most authentication solutions and applications. Explain your own policy. What is our coverage? Systems that don’t enforce password complexity can send the wrong message or confuse users. Users will choose the weakest password the system permits.
Passwords
Message: Don’t share your password (willingly, or by getting tricked through phishing).
Control: Where it really matters, use multi-factor authentication (smart card, HW/SW token, biometrics etc.). Privileged access management. Behavioral analysis.
Device Loss
Message: Don’t leave your devices unattended.
Control: Protect the device so there is no impact if the device is lost/stolen. That typically involves enforcing passwords, encryption, backup, MDM etc.
Physical Security
Message: Tailgating. Ensure that doors to controlled areas close securely after entering or exiting. Install a beeper similar to your fridge :) Challenge people that attempt to follow you through doors.
Control: Security guards, turnstiles, camera analytics (facial recognition), multiple-people detection (lasers), mantrap.
• Protect whatever assets are behind that particular door with additional controls.
• Use a security guard.
Public Wi-Fi
Message: Be careful with public Wi-Fi. Encrypted vs. unencrypted Wi-Fi etc.
Control:
• Encrypted Wi-Fi that you don’t manage is as insecure as an unencrypted Wi-Fi.
• Don’t allow connecting to corporate resources unless a VPN/micro-VPN connection is utilized.
https://
Message: Difference between http and https.
Control:
• Focus on scenarios relevant to the corporate environment.
• Use VPN.
• Avoid sending mixed messages. Make sure your internal services are using valid certificates!
Summary
• Avoid externalities: involve the business in the decision making or find better risk treatment plans.
• Always ask if there is something more we can do before asking end users to play their part.
• Any action, decision etc. the end user has to take is an effort that should not be underestimated.
• Focus on reducing impact.
• Get security right first, then awareness.
Thank you