cybersecurity : enterprise readiness · 2018-05-30 · ©2018 galaxe.solutions strictly private,...
TRANSCRIPT
![Page 1: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/1.jpg)
CYBERSECURITY: ENTERPRISE READINESS 2018 Michigan InfraGard Annual Conference
![Page 2: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/2.jpg)
2 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
DAVE TRADER CISO & VP of Infrastructure Services
www.linkedin.com/in/dtrader
![Page 3: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/3.jpg)
3 ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential
Formal Written Apology:
I, Dave Trader, being of sound mind and body to hereby officially apologize for the events and remarks
during the breakout session entitled CyberSecurity: Enterprise Readiness at the 2018 InfraGard Annual
Meeting. I meant no harm to any particular group of people nor did I mean to offend the senses of
anyone in particular.
In an effort to make the most efficient use of everyone’s time, I do hereby render this written apology in
advance of my session.
Sincerely,
-Dave T.
![Page 4: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/4.jpg)
4 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
AGENDA
THE CHALLENGES WE FACE AIR SUPPORT CYBERSECURITY INSURANCE
WARRIOR MINDSET
SEE SOMETHING, SAY SOMETHING PROTECTIVE MEASURES THREATS
THE FUTURE LANDSCAPE INTELLIGENCE
![Page 5: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/5.jpg)
5 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
Technology is constantly evolving
Private communications are a priority
• WikrMe
• SnapChat
While these applications were not designed for criminal activity, criminals capitalize on their effectiveness
Reactive vs. Proactive Response – Law Enforcement responds to reports
THE CHALLENGE WE FACE “THE BAD GUYS ALWAYS HAVE THE ADVANTAGE”
![Page 6: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/6.jpg)
6 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
• Ransomware (What we did…controlled folder access)
• Business Email Compromise (BEC)
• State Sponsored Attacks
• Doxxing
• Phishing ($$$$$)
• CEO to CFO Wire Transfer ($$$$$)
• Princess from Uganda with sick parents
• Catfishing (Romantic Scams)
• Whaling
• IP and PII Theft
CURRENT THREATS:
![Page 7: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/7.jpg)
7 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
2018 STATISTICS
![Page 8: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/8.jpg)
8 ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential
Private Sector CISO
Default
![Page 9: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/9.jpg)
9 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
• ISP’s/Law Enforcement/FBI/NSA/IC3/Private/Corporate – We all know
where to go (kind of)…but we don’t know when to go. When should we
report? When we block a network scan from an unknown IP? When an
intruder connects through the firewall? When an account is accessed from
an unknown IP?
• Currently we dial 911 for a crime in progress, but what happens when we
call 911 for an network intrusion?
• What does the future of response/response-time/reactive look like? Is it
proactive, real-time, investigation? Should we be tracking to that goal?
• When do we report? When should we report?
AIR SUPPORT
![Page 10: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/10.jpg)
10 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
• We need a set of rules or expectations that can be implemented on business for the exchange of breach coverage.
• Premiums would be affected by the risk associated with each business.
• Like other insurance coverage today, CyberSecurity Insurance needs to reward those who place the proper protections and encourage, by way of increased premiums, others to meet industry standards.
CYBERSECURITY INSURANCE
![Page 11: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/11.jpg)
11 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
EQUIFAX CASE STUDY
![Page 12: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/12.jpg)
12 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
• AV
• MFA
• IAM
• VPN
• Encryption
• DLP
• Data Classification
• Vulnerability Detection
• AppSEC
• Secure Coding
• SOC Operations
• NOC Operations
PROTECTIVE MEASURES
![Page 13: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/13.jpg)
13 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
REDTEAM/BLUETEAM
• Iron sharpens iron
• Implementing this philosophy will harden
your networks and keep them up to date
against the latest and greatest attacks.
• Find the areas of weakness in your network
and protect against them.
• Do not wait for a real-world attack to find out
you have a port open that you shouldn’t.
Proactively and constantly test.
![Page 14: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/14.jpg)
14 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
What does AI look like?
ARTIFICIAL INTELLIGENCE
![Page 15: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/15.jpg)
15 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
BLOCKCHAIN
![Page 16: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/16.jpg)
16 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
• This is illegal.
• Gathering data on an intruder has to be completed on your side of the firewall; leaving you with a public IP Address.
• Resist the urge to pursue beyond your network.
• We (the private sector) cannot retaliate.
HACKBACK
![Page 17: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/17.jpg)
17 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
HUMINT
• There is no substitute for HUMINT.
• We need to partner with our communities to help us better understand when something is unusual or out of place.
• They know the ordinary. We need them to help us identify potential threats.
![Page 18: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/18.jpg)
18 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
MCMAP
WARRIOR MINDSET
• You go to work every day and you access systems and restricted areas that a terrorist or hacker would love to get their hands on. If you weren’t a good wholesome individual and you meant to do harm, how would you stop you?
• These are the thoughts we, as good people, dismiss, but we need to visit them. We never imagined a commercial airliner becoming a weapon and we were unprepared.
• What is intelligence? – Factual, Credible, and Verifiable Information – That’s it. We are all Intelligence Analysts – If you see something, say something. How much time is wasted or lost in translation? A picture is worth a million words that we can all understand.
THINK LIKE THE ENEMY…THINK LIKE A TERRORIST…THINK LIKE A HACKER.
![Page 19: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/19.jpg)
19 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
IF YOU SEE SOMETHING, SAY SOMETHING…
• There are contributing factors that delay the collection process of valuable intelligence.
• What does the future of this idea look like?
![Page 20: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/20.jpg)
20 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
https://fedvte.usalearning.gov/
https://hireourheroes.org/veterans-training/
FEDVTE – FEDERAL VIRTUAL TRAINING ENVIRONMENT
![Page 21: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/21.jpg)
21 ©2018 GalaxE.Solutions, Inc. Strictly Private, Proprietary & Confidential
TOP 10 COMMENT CARDS AT THE CONFERENCE…
10. Please increase our security clearance so we get juicier Flash Warnings.
9. I miss being read-in. Please CC me on the PDB (Presidential Daily Briefing)
8. Could we change the unclassified color to orange or purple so I at least FEEL like I’m getting TS/SCI data again?
7. Can we incorporate the code-word Sagittarius a little more often?
6. Will my selfie and check-in with the Designated Survivor show up on the FBI Facebook Page?
5. Please announce the issue point for the InfraGard badge and a gun I was promised.
4. Where can I get a Title 3 (WireTap) on my Ex’s phone?
3. Which vendor gets me 100% secure from hackers?
2. Are there any more “I’m from the Government. I’m here to help.” t-shirts available?
1. Are all the ex-directors’ audio books available in the gift shop?
![Page 22: CYBERSECURITY : ENTERPRISE READINESS · 2018-05-30 · ©2018 GalaxE.Solutions Strictly Private, Proprietary & Confidential 3 Formal Written Apology: I, Dave Trader, being of sound](https://reader033.vdocument.in/reader033/viewer/2022060501/5f1b7329267f1806db260b6c/html5/thumbnails/22.jpg)
THANK YOU