SlideShare uma empresa Scribd logo

Insider Threat Final Powerpoint Prezi

Transferir como PPTX, PDF
K
Kashif Semple

The document outlines a risk assessment of various assets including software, databases, hardware, networks, and human factors. It identifies inherent risks and residual risks after compensating controls. It then discusses plans to contain incidents, communicate to stakeholders, address risks through technical and third party means, and revamp employee training. It also outlines current and enhanced network topologies. Finally, it describes a cybersecurity framework taking a "Identify-Protect-Detect-Respond-Recover" approach.

1 de 11
• STAKEHOLDERS • Internal • External • RISK ASSESSMENT Assets Probability (P) Impact (I) Inherent Risk = P x I Compensating Controls Residual Risk Software Medium High High • Patch Management • White Listing Medium Databases Medium High High • Encryption Medium Hardware Low Medium Medium • Blocking External Devices Low Network Medium Medium Medium • Monitoring Low Human Factor Medium High High • Training & Awareness • Reporting Structure • Anti-Retaliation Policy • Open-Door Policy Medium Access Control Medium High High • Least User Privileges Medium
• Patch Management • Whitelisting • Removal of RDP • Hardware-based Firewalls • Two-step authentication • Awareness • Training
• Background Checks/Ongoing Employee Screening • Cyber Vetting • Monitoring user activity • Unauthorized use of personal devices • Security Information and Event Management • Policies on Confidential Reporting • Anti-retaliation Policy • Open-door Policy
Plan and Protect • Create an Incident Response Team Containing the Incident • Isolate affected files or networks • Backup files on servers and hard drives • Remove access upon termination Communication to Stakeholders • Internal Stakeholders • Business Operations • Oversight • Board of Directors • External Stakeholders • Law Enforcement • Regulatory Agencies
Technical Aspect: • Encryption • New Intrusion Prevention Systems • Anti-malware tools Third Party Involvement: • Legal and Insurance Assessments • Notifications of Incidents to: • S&E, FTC, FBI Behavioral: • Revamped Employee Training Modules Press Involvement: • Press Statements • Maintains the integrity of the company Looking Towards The Future!
Current Topology Enhanced Topology • Eliminates Path to E-trading System • Redundancy • Smaller subsets allow for easy management
Identify Place: • Red-Amber-Green Protect Street: • Hardware • Software • Employee Behavior Protection Detect Square: • Screening Process • Flagging Respond Park: • Incident Response Plan Recover Blvd: • Reassessment
Insider Threat Final Powerpoint Prezi

Recomendados

Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chainTarun Gupta,CRISC CISSP CISM CISA BCCE
 
Ht t17
Ht t17Ht t17
Ht t17SelectedPresentations
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3Lancope, Inc.
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRIZivaro Inc
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider ThreatsLancope, Inc.
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider ThreatLancope, Inc.
 
Detecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatDetecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatMike Saunders
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider ThreatPECB
 

Recomendados

Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chainTarun Gupta,CRISC CISSP CISM CISA BCCE
 
Ht t17
Ht t17Ht t17
Ht t17SelectedPresentations
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3Lancope, Inc.
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRIZivaro Inc
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider ThreatsLancope, Inc.
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider ThreatLancope, Inc.
 
Detecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatDetecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatMike Saunders
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider ThreatPECB
 
Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasuresKAMRAN KHALID
 
The Accidental Insider Threat
The Accidental Insider ThreatThe Accidental Insider Threat
The Accidental Insider ThreatMurray Security Services
 
Insider Threat
Insider ThreatInsider Threat
Insider ThreatAndy Thompson
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes ObserveIT
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatAndrew Case
 
Insider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionInsider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionObserveIT
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackMekhi Da ‘Quay Daniels
 
How to Build a Successful Incident Response Program
How to Build a Successful Incident Response ProgramHow to Build a Successful Incident Response Program
How to Build a Successful Incident Response ProgramResilient Systems
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeDavid Mai, MBA
 
Recover your files from Ransomware - Ransomware Incident Response by Tictac
Recover your files from Ransomware - Ransomware Incident Response by TictacRecover your files from Ransomware - Ransomware Incident Response by Tictac
Recover your files from Ransomware - Ransomware Incident Response by TictacTicTac Data Recovery
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Fidelis Cybersecurity
 
Chapter 15 incident handling
Chapter 15 incident handlingChapter 15 incident handling
Chapter 15 incident handlingnewbie2019
 
Cyber Risk in e-Discovery: What You Need to Know
Cyber Risk in e-Discovery: What You Need to KnowCyber Risk in e-Discovery: What You Need to Know
Cyber Risk in e-Discovery: What You Need to KnowkCura_Relativity
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issuesErnest Staats
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItMarc Crudgington, MBA
 
Data Security in Healthcare
Data Security in HealthcareData Security in Healthcare
Data Security in HealthcareQuick Heal Technologies Ltd.
 
Slide Deck CISSP Class Session 2
Slide Deck CISSP Class Session 2Slide Deck CISSP Class Session 2
Slide Deck CISSP Class Session 2FRSecure
 
CISSP-WEB
CISSP-WEBCISSP-WEB
CISSP-WEBMEHMET FATIH YALDIZ
 
Information security trends and steps for (OSAC) Middle East divsion
Information security trends and steps for (OSAC) Middle East divsion Information security trends and steps for (OSAC) Middle East divsion
Information security trends and steps for (OSAC) Middle East divsion Ernest Staats
 
Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5sabtolinux
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection RecommendationsAlienVault
 
Malicious Insiders
Malicious InsidersMalicious Insiders
Malicious Insidersgjohansen
 

Mais conteúdo relacionado

Mais procurados

Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasuresKAMRAN KHALID
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes ObserveIT
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatAndrew Case
 
Insider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionInsider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionObserveIT
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackMekhi Da ‘Quay Daniels
 
How to Build a Successful Incident Response Program
How to Build a Successful Incident Response ProgramHow to Build a Successful Incident Response Program
How to Build a Successful Incident Response ProgramResilient Systems
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeDavid Mai, MBA
 
Recover your files from Ransomware - Ransomware Incident Response by Tictac
Recover your files from Ransomware - Ransomware Incident Response by TictacRecover your files from Ransomware - Ransomware Incident Response by Tictac
Recover your files from Ransomware - Ransomware Incident Response by TictacTicTac Data Recovery
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Fidelis Cybersecurity
 
Chapter 15 incident handling
Chapter 15 incident handlingChapter 15 incident handling
Chapter 15 incident handlingnewbie2019
 
Cyber Risk in e-Discovery: What You Need to Know
Cyber Risk in e-Discovery: What You Need to KnowCyber Risk in e-Discovery: What You Need to Know
Cyber Risk in e-Discovery: What You Need to KnowkCura_Relativity
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issuesErnest Staats
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItMarc Crudgington, MBA
 
Slide Deck CISSP Class Session 2
Slide Deck CISSP Class Session 2Slide Deck CISSP Class Session 2
Slide Deck CISSP Class Session 2FRSecure
 
Information security trends and steps for (OSAC) Middle East divsion
Information security trends and steps for (OSAC) Middle East divsion Information security trends and steps for (OSAC) Middle East divsion
Information security trends and steps for (OSAC) Middle East divsion Ernest Staats
 
Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5sabtolinux
 

Mais procurados (20)

Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasures
 
The Accidental Insider Threat
The Accidental Insider ThreatThe Accidental Insider Threat
The Accidental Insider Threat
 
Insider Threat
Insider ThreatInsider Threat
Insider Threat
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider Threat
 
Insider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionInsider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat Detection
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of Attack
 
How to Build a Successful Incident Response Program
How to Build a Successful Incident Response ProgramHow to Build a Successful Incident Response Program
How to Build a Successful Incident Response Program
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
 
Recover your files from Ransomware - Ransomware Incident Response by Tictac
Recover your files from Ransomware - Ransomware Incident Response by TictacRecover your files from Ransomware - Ransomware Incident Response by Tictac
Recover your files from Ransomware - Ransomware Incident Response by Tictac
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology
 
Chapter 15 incident handling
Chapter 15 incident handlingChapter 15 incident handling
Chapter 15 incident handling
 
Cyber Risk in e-Discovery: What You Need to Know
Cyber Risk in e-Discovery: What You Need to KnowCyber Risk in e-Discovery: What You Need to Know
Cyber Risk in e-Discovery: What You Need to Know
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issues
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify It
 
Data Security in Healthcare
Data Security in HealthcareData Security in Healthcare
Data Security in Healthcare
 
Slide Deck CISSP Class Session 2
Slide Deck CISSP Class Session 2Slide Deck CISSP Class Session 2
Slide Deck CISSP Class Session 2
 
CISSP-WEB
CISSP-WEBCISSP-WEB
CISSP-WEB
 
Information security trends and steps for (OSAC) Middle East divsion
Information security trends and steps for (OSAC) Middle East divsion Information security trends and steps for (OSAC) Middle East divsion
Information security trends and steps for (OSAC) Middle East divsion
 
Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5
 

Destaque

Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection RecommendationsAlienVault
 
Malicious Insiders
Malicious InsidersMalicious Insiders
Malicious Insidersgjohansen
 
Insider threat event presentation
Insider threat event presentationInsider threat event presentation
Insider threat event presentationIISPEastMids
 
Insider Threats Webinar Final_Tyco
Insider Threats Webinar Final_TycoInsider Threats Webinar Final_Tyco
Insider Threats Webinar Final_TycoMatt Frowert
 
Snowden slides
Snowden slidesSnowden slides
Snowden slidesDavid West
 

Destaque (7)

Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection Recommendations
 
Malicious Insiders
Malicious InsidersMalicious Insiders
Malicious Insiders
 
Multimedia Privacy
Multimedia PrivacyMultimedia Privacy
Multimedia Privacy
 
Insider threat event presentation
Insider threat event presentationInsider threat event presentation
Insider threat event presentation
 
Insider threat
Insider threatInsider threat
Insider threat
 
Insider Threats Webinar Final_Tyco
Insider Threats Webinar Final_TycoInsider Threats Webinar Final_Tyco
Insider Threats Webinar Final_Tyco
 
Snowden slides
Snowden slidesSnowden slides
Snowden slides
 

Semelhante a Insider Threat Final Powerpoint Prezi

CNIT 125 Ch 8. Security Operations
CNIT 125 Ch 8. Security OperationsCNIT 125 Ch 8. Security Operations
CNIT 125 Ch 8. Security OperationsSam Bowne
 
CISSP Prep: Ch 8. Security Operations
CISSP Prep: Ch 8. Security OperationsCISSP Prep: Ch 8. Security Operations
CISSP Prep: Ch 8. Security OperationsSam Bowne
 
7. Security Operations
7. Security Operations7. Security Operations
7. Security OperationsSam Bowne
 
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraWorkshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraIGN MANTRA
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version Brian Pichman
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)Sam Bowne
 
The Datacenter Security Continuum
The Datacenter Security ContinuumThe Datacenter Security Continuum
The Datacenter Security ContinuumMartin Hingley
 
Incident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresIncident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresJose L. Quiñones-Borrero
 
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas IndonesiaIGN MANTRA
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsSam Bowne
 
MIS: Information Security Management
MIS: Information Security ManagementMIS: Information Security Management
MIS: Information Security ManagementJonathan Coleman
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Paul C. Van Slyke
 
Hunting: Defense Against The Dark Arts
Hunting: Defense Against The Dark ArtsHunting: Defense Against The Dark Arts
Hunting: Defense Against The Dark ArtsSpyglass Security
 
Privacies are coming
Privacies are comingPrivacies are coming
Privacies are comingErnest Staats
 
CNIT 125: Ch 2. Security and Risk Management (Part 1)
CNIT 125: Ch 2. Security and Risk Management (Part 1)CNIT 125: Ch 2. Security and Risk Management (Part 1)
CNIT 125: Ch 2. Security and Risk Management (Part 1)Sam Bowne
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Lecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionLecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionNicholas Davis
 

Semelhante a Insider Threat Final Powerpoint Prezi (20)

Creating a Security Plan for Your Agency - Laird Rixford
Creating a Security Plan for Your Agency - Laird RixfordCreating a Security Plan for Your Agency - Laird Rixford
Creating a Security Plan for Your Agency - Laird Rixford
 
CNIT 125 Ch 8. Security Operations
CNIT 125 Ch 8. Security OperationsCNIT 125 Ch 8. Security Operations
CNIT 125 Ch 8. Security Operations
 
CISSP Prep: Ch 8. Security Operations
CISSP Prep: Ch 8. Security OperationsCISSP Prep: Ch 8. Security Operations
CISSP Prep: Ch 8. Security Operations
 
7. Security Operations
7. Security Operations7. Security Operations
7. Security Operations
 
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraWorkshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
 
Operations Security
Operations SecurityOperations Security
Operations Security
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)
 
The Datacenter Security Continuum
The Datacenter Security ContinuumThe Datacenter Security Continuum
The Datacenter Security Continuum
 
Incident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresIncident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and Countermeasures
 
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM Operations
 
MIS: Information Security Management
MIS: Information Security ManagementMIS: Information Security Management
MIS: Information Security Management
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
 
Hunting: Defense Against The Dark Arts
Hunting: Defense Against The Dark ArtsHunting: Defense Against The Dark Arts
Hunting: Defense Against The Dark Arts
 
Privacies are coming
Privacies are comingPrivacies are coming
Privacies are coming
 
CNIT 125: Ch 2. Security and Risk Management (Part 1)
CNIT 125: Ch 2. Security and Risk Management (Part 1)CNIT 125: Ch 2. Security and Risk Management (Part 1)
CNIT 125: Ch 2. Security and Risk Management (Part 1)
 
css ppt.ppt
css ppt.pptcss ppt.ppt
css ppt.ppt
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
Lecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionLecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss Prevention
 

Insider Threat Final Powerpoint Prezi

  • 1.
  • 2.
  • 3.
  • 4. • STAKEHOLDERS • Internal • External • RISK ASSESSMENT Assets Probability (P) Impact (I) Inherent Risk = P x I Compensating Controls Residual Risk Software Medium High High • Patch Management • White Listing Medium Databases Medium High High • Encryption Medium Hardware Low Medium Medium • Blocking External Devices Low Network Medium Medium Medium • Monitoring Low Human Factor Medium High High • Training & Awareness • Reporting Structure • Anti-Retaliation Policy • Open-Door Policy Medium Access Control Medium High High • Least User Privileges Medium
  • 5. • Patch Management • Whitelisting • Removal of RDP • Hardware-based Firewalls • Two-step authentication • Awareness • Training
  • 6. • Background Checks/Ongoing Employee Screening • Cyber Vetting • Monitoring user activity • Unauthorized use of personal devices • Security Information and Event Management • Policies on Confidential Reporting • Anti-retaliation Policy • Open-door Policy
  • 7. Plan and Protect • Create an Incident Response Team Containing the Incident • Isolate affected files or networks • Backup files on servers and hard drives • Remove access upon termination Communication to Stakeholders • Internal Stakeholders • Business Operations • Oversight • Board of Directors • External Stakeholders • Law Enforcement • Regulatory Agencies
  • 8. Technical Aspect: • Encryption • New Intrusion Prevention Systems • Anti-malware tools Third Party Involvement: • Legal and Insurance Assessments • Notifications of Incidents to: • S&E, FTC, FBI Behavioral: • Revamped Employee Training Modules Press Involvement: • Press Statements • Maintains the integrity of the company Looking Towards The Future!
  • 9. Current Topology Enhanced Topology • Eliminates Path to E-trading System • Redundancy • Smaller subsets allow for easy management
  • 10. Identify Place: • Red-Amber-Green Protect Street: • Hardware • Software • Employee Behavior Protection Detect Square: • Screening Process • Flagging Respond Park: • Incident Response Plan Recover Blvd: • Reassessment