the cyber threat landscape and risk mitigation strategies ... · the cyber threat landscape and...
TRANSCRIPT
![Page 1: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/1.jpg)
The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing HomesJoEllen Frain
![Page 2: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/2.jpg)
Agenda• Understand the who behind cybercrime• Understand what they are after• Understand what role we as individuals and as an organization
play in protecting our data and ourselves from this criminal activity.
![Page 3: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/3.jpg)
3TECHNOLOGYHAS CHANGED US…
![Page 4: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/4.jpg)
![Page 5: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/5.jpg)
![Page 6: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/6.jpg)
CYBER CRIME HAPPENS EVERY DAY …the threat to you and to your organization is real
![Page 7: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/7.jpg)
NATION-STATE Cyberterrorism, hacktivist, IP
SYNDICATED CRIME Access data for sale
INSIDER THREAT Personal Gain
OURSELVES Mixed data, lack of awareness
![Page 8: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/8.jpg)
THE INTERNET OF THINGS …more devices than people
![Page 9: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/9.jpg)
Changing Threat LandscapeThen… Now…
Perimeter defense
Fantasy of 100% compliance with zero-risk
System focusAssume the inside is secure
Defense-in-depth
Transparent information risk management
Data focusMonitor everything
Security control focus Security culture focus
![Page 10: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/10.jpg)
• “There are a couple of highways the attackers like to use. Blocking those slows them down. Attempting to block all possible paths is a fool’s game. “
Source: 2016 Veriozon Report
10
![Page 11: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/11.jpg)
How Do We Get There• Alignment with NIST-CSF (National Institute of Standards and
Technology – Cybersecurity Framework)
https://www.nist.gov/topics/cybersecurity
![Page 12: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/12.jpg)
![Page 13: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/13.jpg)
Device Management• Identify and document all networked devices
• Asset inventory is critical to understand your threat landscape• Medical Devices are often connected but not part of the
inventory• Supply Chain and IT are key to this work
• Stay up to date on software updates• Define accountability and timeframes• Have a process for being informed of and acting upon off cycle
software updates• Hold the vendors accountable
• Use vendors who have demonstrated ability and commitment to updating and securing their product
https://nhisac.org/
![Page 15: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/15.jpg)
Heard it on the News
![Page 16: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/16.jpg)
Ransomware
![Page 17: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/17.jpg)
Ransomware in Healthcare
• Why is healthcare being targeted? • Healthcare information is valuable• Technology lags other industry• Dependency on real-time access to information
![Page 18: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/18.jpg)
Ransomware
• WANNACRY• Microsoft issued a patch for vulnerability
3/14/17• Wannacry is launched 5/12/17 – infects
unpatched Windows systems
![Page 19: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/19.jpg)
Secure the People• The weakest link, most often in cyber security, is the end user• Ensure your staff are equipped to recognize the risk and
respond appropriately
https://securingthehuman.sans.org/resources
![Page 20: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/20.jpg)
Business Case• It is estimated that over 156 million phishing emails are sent
on a daily basis, with 80,000 falling victim*• The sophistication of these types of attacks constantly
evolve and improve, bypassing the technology that is meant to stop it
• Activating the “Human Sensor” is a low cost, but highly effective way to increase your security posture (for prevention, detection and reduction in time to remediation)
*IT ProPortal
![Page 21: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/21.jpg)
• Proactive Phishing began in Sept 2015
• Objectives– Increase good security behaviors among staff– Decrease susceptible email behavior – Encourage users to report all suspicious emails
Proactive Phishing Overview
![Page 22: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/22.jpg)
Proactive Phishing Overview
• Campaigns were inclusive of 65k+ employees/students
• Third party vendor (PhishMe) was the partner for conducting campaigns
• Campaigns were standard campaigns that could be benchmarked against other organizations
• Project included endorsement from various governance groups
![Page 23: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/23.jpg)
Proactive Phishing Overview
• Trending data is available on susceptibility rates, reporter rates and no-action rates.
• Susceptibility Rates = individuals who have fallen victim because they clicked on a link or opened an attachment within the simulated training exercise.
• Reporter Rates = individuals who have identified the simulated training exercise as suspicious, did not click any links or attachments and have reported the email using the Report Phishing button.
• Did Nothing Rates = individuals who have not reported or fallen victim to the simulated training exercise.
![Page 24: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/24.jpg)
![Page 25: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/25.jpg)
![Page 26: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/26.jpg)
Security Awareness Module• Launched February 2016• General Information Security Awareness Module launched to 65,000
• Focused on raising awareness to the threat and highlighted phishing awareness
• 97% completion rate by March 2016
![Page 27: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/27.jpg)
We all have a role to play to protect our information
![Page 28: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/28.jpg)
©2013 MFMER | slide-28
BEHAVIORCHANGE
![Page 29: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/29.jpg)
ONLINE…...it’s always phishing season
![Page 30: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/30.jpg)
Phishing
• Deceitful emails designed to capture personal information from the recipient
• Coax recipient to click on a link, open a document or submit credentials
• It is estimated that 85%-95% of all cyber breach incidents begin with a phishing email
![Page 31: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/31.jpg)
EXAMPLE:
![Page 32: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/32.jpg)
• PhishMe button deployed to all Windows workstations
• Click any time you suspect a phishing attempt
HOW TO REPORT
![Page 33: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/33.jpg)
![Page 34: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/34.jpg)
![Page 35: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/35.jpg)
Outcomes
• First report from end user was 2 minutes after first email arrived, 11 people interacted
• 200 total reporters• Security Operations Center was able to determine the
email was malicious• Immediately blocked the malicious link• Removed remaining emails from end user mailboxes• Identified 11 users who had interacted with the link for
remediation
![Page 36: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/36.jpg)
Business Case
• Decreases the risk of end users interacting with suspicious emails
• Increases the ability for the organization to identify the threat before harm
• Decision on the up front preventative cost vs. the cost of remediation or a breach
• Consistency in the plan and utilize the data to track the risk reduction to the organization
*IT ProPortal
![Page 37: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/37.jpg)
Assess, Plan and Practice• Perform risk assessments to gain an understanding of where
your vulnerabilities are.• Understanding your weak spots help prioritize where to focus
first• Have a plan in place if/when you are the victim of an intrusion
• Understand in-house capabilities vs. where you would need to augment
• Practice the plan• Table top exercises are invaluable in preparation
https://staysafeonline.org/
![Page 38: The Cyber Threat Landscape and Risk Mitigation Strategies ... · The Cyber Threat Landscape and Risk Mitigation Strategies for Hospitals and Nursing Homes JoEllen Frain. Agenda •](https://reader036.vdocuments.site/reader036/viewer/2022081402/5f1081527e708231d44970a6/html5/thumbnails/38.jpg)
Questions
38