The Darker Value of Your
Corporate Data
What Cyber Criminals are After and a Collaborative Approach
for Protecting it
This Photo by Unknown Author is licensed under CC BY-NC
Average Number of Days an Advanced Persistent Threat (APT) spends on a company network before being detected.
2017 Verizon Data Breach Investigations Report
3
And Then Someone Gets One of These
4
Information Security – It’s Personal
5
National Security Agency
• (Edward Snowden) Classified DATA loss
Office of Personnel Management
• Highly Sensitive Security Clearance DATA loss
• SF86 – 136 pages
Once Inside The Network Bubble We’re Safe!
6
Firewall
IPS
Antivirus
But… Boundaries Are Expanding
7
Work from Home
BYOD
Cloud
Vendors
Satellite Offices
Once Inside the Network We’re Safe! … Said the APT
Who Are The Threats?
8
2017 Verizon Data Breach Investigations Report
Collusion 3%
Internal 25%
Nation States 18%
Business Partners 2%
Organized Crime 52%
• Well Organized
• Well Funded
• Smart
• Dedicated
• Fully Staffed
How Does an Intrusion Occur?
• Reconnaissance
• Initial Exploitation
• Establish Persistence
• Install Tools
• Move Laterally
• Exploit
• Collect
• Exfiltrate
9
180 days
Finding and extracting your company’s most valuable information!
This is when an Incident becomes a Data Breach! Company Cost is $225 per record!
2017 Ponemon Report
Threat Attack Chain Sequence
Costs of Crimeware Sold on the Dark Web

| Product | Price |
|---|---|
| Keylogger | US $1-5 |
| Xena RAT builder | US $1-50 (Silver/Gold Tech Support) |
| Exploit | US $1+ |
| Botnet and/or Botnet builder | US $5-50 |
| Worm | US $5-15 |
| Ransomware | US $10 |
| Betabot DDoS tool | US $75 |

10
2017 Verizon Data Breach Investigations Report
Theft Targets and Motivation
11
Financial 24%
Healthcare 15%
Public Sector 12%
Retail and Hospitality 15%
All Other 34%
2017 Verizon Data Breach Investigations Report
• Personal Information/Medical Records
  • Identity Theft
  • Tax Return Fraud
  • Gossip Value
• Insider and Privilege Misuse
  • Data for cash
  • Curiosity
• Espionage
  • Start a Competing Company
  • Bring to New Employer
Cyber Crime Is A Business
12
Espionage 27%
Financial 70%
Fun, Ideology, Grudge (FIG) 3%
2017 Verizon Data Breach Investigations Report

| Data Type | Value |
|---|---|
| Website Management Credentials | $3–5 |
| Remote Desktop Credentials | $10–25 |
| Credit Cards with CVV2 | $5-$8 |
| Plus Bank ID Number | $15 |
| Plus Full Card Owner details | $30 |
| Bank Account Credentials with Balance of $400-$1,000 | $20-$50 |
| $1,000-$2,500 Balance | $50-$120 |
| $2,500-$5,000 Balance | $120-$200 |
| $5,000-$8,000 Balance | $200-$300 |
| Bundle of 10 Medicare numbers | $4700 |
The Purpose of Information Security
“The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability” … Using People, Process and Technology.
• Confidentiality – protecting information from unauthorized access and disclosure.
• Integrity – protecting information from unauthorized modification.
• Availability – preventing disruption in information access.
13
Castle Approach to Information Security
14
A Day in the Life of a Security Analyst
1. SIEM (Security Information and Event Monitor)
2. Network IDS/IPS
3. Email Gateway security
4. Web proxy
5. Application White/Black List
6. Risk Management
7. RSA Token Manager
8. Endpoint protection
9. Patch Management
10. Vulnerability Scanning
11. DNS
12. Encryption (SSL Decrypt)
13. Firewall monitoring
14. Antivirus
15. Malware
15
[Diagram: the Security Analyst at the centre of twelve separate consoles (Risk, Endpoint, Net monitor, MEG, NSM, SIEM, Antivirus, Web proxy, White list, Malware, Firewall, VA), each with its own Dashboard, Detail and Drill to Detail view]
Information Security Concerns
People
• Limited number of resources – 1 or 2 Security Analysts
• In 2017 there were 780,000 cybersecurity jobs and approximately 350,000 open cybersecurity positions
Process
• Overwhelmed by number of security incidents
• Hard to prioritize what’s important
Technology
• Lots of technology from many vendors
• Little integration
Data
• It’s all over the place
16
Cybersecurity Business Report, 6/8/17
Here is Our Corporate Data, Protect it!
17
Current Data Protection Model - Treat All Data the Same
18
The Castle Approach
[Chart: Enterprise Data plotted by Level of Protection against Data Value/Risk; every item, from Customer Credit Card Data to Today’s Lunch Menu Specials, sits at the same Level of Protection]
Oh Look, a free pizza offer in my e-mail!…Click
19
“The key to our success is knowing that network better than the people who set it up”
“You know what technologies you intended to use. We know the technologies actually in use.”
“Don't assume a crack is too small to be noticed or too small to be exploited"
20
Usenix Enigma Security Conference 2016
Rob Joyce – Chief, Tailored Access Operations (TAO), NSA
Twitter: @Hart_Jason
Jason Hart – World Visionary in Cyber Security and Ex Ethical Hacker
“Attack prevention is a broken model.”
“To me, prevention techniques like firewalls are just ‘speed bumps’… you’re just slowing me down”
21
“You must locate your sensitive data and protect it.”
Castle Approach to Information Security is flawed
Museum Approach to Information Security
22
Monitor and Protect Data Based on Its Value and Risk To The Business
Museum Approach
23
[Chart: Enterprise Data plotted by Level of Protection against Data Value/Risk, tiered into Restricted, Confidential and Everything Else, from Customer Credit Card Data at the top down to Today’s Lunch Menu Specials]
Discover and Classify based on Value to company and threats
Monitor and Protect based on Risk and Policy
What Data Deserves to be Protected?
Information that can be used
• To identify, contact, or locate a single person
• Identify an individual in context
• Distinguish or trace an individual's identity
  • name, social security number, date and place of birth, mother's maiden name, or biometric records
• Other information that is linked or linkable to an individual
  • medical, educational, financial, and employment information.
24
Personally Identifiable Information (PII), or Sensitive Personal Information (SPI).
Examples of Corporate Restricted versus Confidential Information
Restricted
• Trade Secrets
• Intellectual Property
• Mergers and Acquisitions
• Social Security Number (SSN)
• Driver's license/state ID numbers
• Financial account numbers
• Credit card numbers
• Personal medical and medical insurance information
• Passwords
Confidential
• Sales Projections
• Marketing Plans
• Home address and phone
• Birth date
• Gender
• Religious orientation
• Evaluations
• Sensitive research
25
26
Change the Information Security View of Corporate Data
…To This
27
Data Architects Know Data
They know for each area of the business:
• What data is important
• Who is the owner
• Where it is located
• How it’s accessed
Throughout the enterprise
28
[Diagram: Business Units (Finance, Human Resources, IT, Patient Safety, Underwriting) feed a cycle of Discover, Classify Sensitive Information, Define Acceptable Risk Posture, Monitor, Protect]
Data Architects’ role in Information Security: Find and Protect Valuable Data Assets
• Discover and Classify sensitive data assets
  • What data is out there?
  • How sensitive is it?
• Document the flow
  • What data is being accessed?
  • How often is the data accessed?
  • Who’s using the data?
• Determine the risk
  • How exposed is it?
  • What data is being extracted?
  • How secure is the repository?
  • Is it fully patched?
  • Are configuration best practices being used?
• Reduce the risk
  • Is the data protected at the right level based on value/risk?
29
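The discover, classify, determine-risk and reduce-risk steps above, carried through on a constructed sample extract as an added Python example (it is not code from the deck or from DataCraft Partners). Columns are classified from their sample content (SSN pattern, Luhn-valid card numbers, e-mail addresses) or from their name, using the Restricted / Confidential / Everything Else tiers of the Museum Approach; the 80% match threshold, the `Repository` attributes and the controls each tier is expected to have are assumptions made for the example.

```python
import re
from dataclasses import dataclass

# Classification tiers as named on the Museum Approach slide.
RESTRICTED = "Restricted"
CONFIDENTIAL = "Confidential"
OTHER = "Everything Else"

SSN_RE = re.compile(r"^\d{3}-\d{2}-\d{4}$")
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Column names the slides list as Confidential (assumption: matched by name, not content).
CONFIDENTIAL_BY_NAME = {"birth_date", "dob", "gender", "home_phone", "home_address"}


def luhn_ok(number: str) -> bool:
    """Luhn checksum: separates real card numbers from random digit strings."""
    digits = [int(c) for c in number if c.isdigit()]
    if not 13 <= len(digits) <= 19:
        return False
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:          # every second digit from the right is doubled
            d = d * 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def looks_like_card(value: str) -> bool:
    compact = value.replace(" ", "").replace("-", "")
    return compact.isdigit() and luhn_ok(compact)


def classify_column(name: str, values: list) -> str:
    """Assign a tier from the column's sample values (content) or its name.

    A column is tagged when at least 80% of its non-empty samples match a
    detector; the threshold is an assumption, not from the slides.
    """
    vals = [v for v in values if v]
    if not vals:
        return OTHER

    def share(pred) -> float:
        return sum(1 for v in vals if pred(v)) / len(vals)

    if share(lambda v: bool(SSN_RE.match(v))) >= 0.8 or share(looks_like_card) >= 0.8:
        return RESTRICTED           # SSN and card numbers are Restricted on the slides
    if share(lambda v: bool(EMAIL_RE.match(v))) >= 0.8:
        return CONFIDENTIAL         # assumption: contact details treated as Confidential
    if name.lower() in CONFIDENTIAL_BY_NAME:
        return CONFIDENTIAL
    return OTHER


@dataclass
class Repository:
    """Facts a data architect would gather about the place the data lives."""
    name: str
    patched: bool
    encrypted_at_rest: bool
    roles_with_access: int


def assess_repository(repo: Repository, columns: dict) -> list:
    """Return the gaps between the protection a repository has and what its
    most sensitive column needs. The required controls are assumptions."""
    tiers = {col: classify_column(col, vals) for col, vals in columns.items()}
    restricted = sorted(c for c, t in tiers.items() if t == RESTRICTED)
    confidential = sorted(c for c, t in tiers.items() if t == CONFIDENTIAL)
    findings = []
    if not restricted and not confidential:
        return findings              # lunch menus need no extra controls
    if not repo.patched:
        findings.append(f"{repo.name}: holds sensitive columns {restricted + confidential} but is not fully patched")
    if restricted and not repo.encrypted_at_rest:
        findings.append(f"{repo.name}: Restricted columns {restricted} stored without encryption at rest")
    if restricted and repo.roles_with_access > 2:
        findings.append(f"{repo.name}: Restricted columns {restricted} readable by {repo.roles_with_access} roles; expected at most 2")
    return findings


# Constructed sample extract (made-up values, not real people).
SAMPLE_COLUMNS = {
    "fname": ["Ann", "Bob", "Cy"],
    "ssn": ["123-45-6789", "987-65-4321", "111-22-3333"],
    "cc_num": ["4111 1111 1111 1111", "5500 0000 0000 0004", "4012888888881881"],
    "email": ["ann@example.com", "bob@example.com", "cy@example.com"],
    "lunch_special": ["Pizza", "Tacos", "Soup"],
}

if __name__ == "__main__":
    crm = Repository("CRM", patched=False, encrypted_at_rest=False, roles_with_access=5)
    for col in SAMPLE_COLUMNS:
        print(f"{col:14s} -> {classify_column(col, SAMPLE_COLUMNS[col])}")
    for finding in assess_repository(crm, SAMPLE_COLUMNS):
        print("RISK:", finding)
```

Content-based detection matters more than column names: the `ssn` column would be found even if it were called `col_17`, which is exactly the "what data is out there?" question. The findings list is what the "reduce the risk" step works from.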
Leverage Existing Knowledge
Utilize the information you already have to help improve security:
• Business Requirements
  • Documents provide intelligence and insight into what information is valuable to a given business unit
• Source to Target Mappings
  • Provides location of important and valuable information
  • Databases, flat files, landing areas, 3rd party info
  • Provides target location for sensitive and valuable information
• ETL Flows
  • Provides intermediate landing areas where sensitive data resides for short periods of time – Advanced Persistent Threats
• Data lineage
• Reporting
  • Sensitive data in reports that can be masked or redacted for specific groups
30
Source To Target Mapping

Data Source (first six columns), ETL (Transform), Target (remaining columns):

| System Name | Table Name | Column Name | Data Type | Sensitive Data | InfoSec | Transform | Table | Column | Data Type | Sensitive Data | InfoSec | Access Rights |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| CRM | Cust | fname | char(80) | Y | PII | Trim Leading/Trailing spaces | DIM_CUSTOMER | First_Name | varchar2(80) | Y | PII | Sales Role |
| CRM | Cust | lname | char(80) | Y | PII | Trim Leading/Trailing spaces | DIM_CUSTOMER | Last_Name | varchar2(80) | Y | PII | Sales Role |
| CRM | Cust | addr1 | char(80) | Y | PII | Trim Leading/Trailing spaces | DIM_CUSTOMER | Address_Ln1 | varchar2(180) | Y | PII | Sales Role |
| CRM | Cust | addr2 | char(80) | Y | PII | Trim Leading/Trailing spaces | DIM_CUSTOMER | Address_Ln2 | varchar2(180) | Y | PII | Sales Role |
| CRM | Cust | city | char(80) | Y | PII | Trim Leading/Trailing spaces | DIM_CUSTOMER | City | varchar2(180) | Y | PII | Sales Role |
| CRM | Cust | state | char(2) | Y | PII | Uppercase | DIM_CUSTOMER | State | varchar2(2) | Y | PII | Sales Role |
| CRM | Cust | zip | char(10) | Y | PII | Left(5) | DIM_CUSTOMER | Zip_Code | varchar2(5) | Y | PII | Sales Role |
| CRM | Cust | zip | char(10) | Y | PII | Check for '-'; 4 digits after | DIM_CUSTOMER | Zip_4 | varchar2(4) | Y | PII | Sales Role |
| CRM | Cust | ssn | char(11) | Y | PII | format as xx-xxx-xxxx | DIM_CUSTOMER | SSN | varchar2(11) | Y | PII | Sales Role |
| OM | CustCC | cc_num | varchar2(80) | Y | PCI | Remove white space | DIM_CREDIT_CARD | Card_Number | varchar2(16) | Y | PCI | Sales Order Role |
| OM | CustCC | cvv | varchar2(10) | Y | PCI |  | DIM_CREDIT_CARD | CVV_CODE | varchar2(10) | Y | PCI | Sales Order Role |
31
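A mapping annotated like the one above is machine-checkable, which is the point of asking data architects to carry the Sensitive Data, InfoSec and Access Rights columns through the ETL. The following Python is an added example (not the deck's or DataCraft Partners' code) that lints a constructed mapping in the slide's layout and derives the lineage of a source column from it: it flags any target column that lost its sensitivity flag on the way (the ETL landing-area problem from the previous slide), any sensitive target with no role restricting it, and any CVV column persisted at all, since PCI DSS does not permit storing the card verification code after authorization. The two defective rows at the end of `MAPPING` are constructed so the checks have something to catch; the CVV rule also fires on the row modelled on the slide's own last line.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class MappingRow:
    """One line of a source-to-target mapping, with the sensitivity columns kept."""
    src_system: str
    src_table: str
    src_column: str
    src_sensitive: bool
    src_class: str      # InfoSec class, e.g. PII or PCI
    transform: str
    tgt_table: str
    tgt_column: str
    tgt_sensitive: bool
    tgt_class: str
    access_role: str    # role allowed to read the target column; "" = unrestricted

    @property
    def path(self) -> str:
        return f"{self.src_system}.{self.src_table}.{self.src_column} -> {self.tgt_table}.{self.tgt_column}"


# Constructed mapping in the layout of the slide. The last two rows are
# deliberately defective so the checks below have something to catch.
MAPPING = [
    MappingRow("CRM", "Cust", "fname", True, "PII", "Trim Leading/Trailing spaces",
               "DIM_CUSTOMER", "First_Name", True, "PII", "Sales Role"),
    MappingRow("CRM", "Cust", "ssn", True, "PII", "format as xx-xxx-xxxx",
               "DIM_CUSTOMER", "SSN", True, "PII", "Sales Role"),
    MappingRow("OM", "CustCC", "cc_num", True, "PCI", "Remove white space",
               "DIM_CREDIT_CARD", "Card_Number", True, "PCI", "Sales Order Role"),
    MappingRow("OM", "CustCC", "cvv", True, "PCI", "",
               "DIM_CREDIT_CARD", "CVV_CODE", True, "PCI", "Sales Order Role"),
    # ETL landing area that dropped the sensitivity flag (constructed defect)
    MappingRow("CRM", "Cust", "ssn", True, "PII", "copy",
               "STG_CUSTOMER", "SSN", False, "", ""),
    # sensitive target column with no role restricting it (constructed defect)
    MappingRow("CRM", "Cust", "lname", True, "PII", "Trim Leading/Trailing spaces",
               "DIM_CUSTOMER", "Last_Name", True, "PII", ""),
]


def lint_mapping(rows) -> list:
    """Flag rows where sensitivity is lost, mislabelled or unrestricted, and
    rows that persist PCI sensitive authentication data."""
    findings = []
    for r in rows:
        if r.src_sensitive and not r.tgt_sensitive:
            findings.append(f"SENSITIVITY LOST: {r.path} (source is {r.src_class}, target unflagged)")
        elif r.src_sensitive and r.src_class != r.tgt_class:
            findings.append(f"CLASS MISMATCH: {r.path} ({r.src_class} -> {r.tgt_class})")
        if r.tgt_sensitive and not r.access_role:
            findings.append(f"NO ACCESS ROLE: {r.path} is {r.tgt_class} but no role restricts it")
        if r.tgt_class == "PCI" and "cvv" in r.tgt_column.lower():
            # PCI DSS does not permit storing the card verification code after authorization
            findings.append(f"CVV PERSISTED: {r.path} must not be stored after authorization")
    return findings


def lineage(rows, src_column: str) -> set:
    """Every target location a source column lands in: the lineage the
    slides ask data architects to document."""
    return {f"{r.tgt_table}.{r.tgt_column}" for r in rows if r.src_column == src_column}


def sensitive_targets(rows) -> dict:
    """Target table -> {column: class} for everything flagged sensitive; this is
    the watch list a database activity monitor would be pointed at."""
    out = {}
    for r in rows:
        if r.tgt_sensitive:
            out.setdefault(r.tgt_table, {})[r.tgt_column] = r.tgt_class
    return out


if __name__ == "__main__":
    for f in lint_mapping(MAPPING):
        print(f)
    print("ssn lands in:", sorted(lineage(MAPPING, "ssn")))
    print("watch list:", sensitive_targets(MAPPING))
```

Note that `sensitive_targets` misses `STG_CUSTOMER.SSN` precisely because that row lost its flag; the lint finding is what tells the security team the monitoring watch list is incomplete.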
Provide Data Lineage
32
Rob Joyce – Chief, Tailored Access Operations (TAO), NSA
“Enable those logs but also look at those logs.”
“One of our worst nightmares is that ‘out of band’ network tap that really is capturing all the data”
33
Usenix Enigma Security Conference 2016
[Diagram: the same consoles as slide 15 (SIEM, Risk, Endpoint, Net monitor, MEG, NSM, Antivirus, Web proxy, White list, Malware, Firewall, VA), each with Dashboard, Detail and Drill to Detail, plus a DAM dashboard whose Detail view is labelled SIEM Detail]
Museum Approach Plus Castle Approach
34
Security Analyst
Efficiency
Insight
User Behavior Analytics
Museum Approach Advantages
• Data Access Control
  • Data Classification
  • Define Roles
  • Fine Grained Data Access based on need
• Audit Trails
  • Who
  • What
  • When
  • Where
• Enables Actions on Data
  • Alert
  • Block/Terminate
  • Redact
  • Filter
35
Protect Data through blocking, masking and alerting based on role-based security policy models
36
Protect Databases and BigData platforms
Row-Level Masking (only dept #20)
Column-Level Masking (only dept#)
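Row-level and column-level masking, together with the audit trail (who, what, when, where) and the alert, block and redact actions listed two slides earlier, as one added Python example; it is not the deck's or DataCraft Partners' code. The rows are a constructed `DIM_CUSTOMER` extract, the role names come from the mapping slide, and the policy rules attached to them (Sales Role sees only dept 20 rows, gets SSN redacted to its last four digits, and is blocked from Card_Number) are assumptions made for the example.

```python
import datetime
from dataclasses import dataclass, field

# Constructed DIM_CUSTOMER rows (made-up values, not real people).
DIM_CUSTOMER = [
    {"cust_id": 1, "dept": 10, "First_Name": "Ann", "SSN": "123-45-6789", "Card_Number": "4111111111111111"},
    {"cust_id": 2, "dept": 20, "First_Name": "Bob", "SSN": "987-65-4321", "Card_Number": "5500000000000004"},
    {"cust_id": 3, "dept": 20, "First_Name": "Cy",  "SSN": "111-22-3333", "Card_Number": "4012888888881881"},
]


@dataclass
class Policy:
    """Role-based policy: which rows a role may see, which columns come back
    redacted, and which columns it may not touch at all."""
    row_filter: dict = field(default_factory=dict)      # row-level masking, e.g. {"dept": 20}
    masked_columns: set = field(default_factory=set)    # column-level masking (redact)
    blocked_columns: set = field(default_factory=set)   # block the request and alert


# Role names are the ones on the mapping slide; the rules are assumptions.
POLICIES = {
    "Sales Role": Policy(row_filter={"dept": 20}, masked_columns={"SSN"}, blocked_columns={"Card_Number"}),
    "Sales Order Role": Policy(masked_columns={"SSN"}),
}

AUDIT_TRAIL = []   # who / what / when / where, plus the action taken


def redact(column: str, value: str) -> str:
    """Keep only what the business needs (the last four digits)."""
    if column == "SSN":
        return "xxx-xx-" + value[-4:]
    if column == "Card_Number":
        return "*" * (len(value) - 4) + value[-4:]
    return "***"


def query(user: str, role: str, columns: list, source_ip: str, table=DIM_CUSTOMER) -> list:
    """Apply the role's policy to a column request and record the access."""
    policy = POLICIES[role]
    blocked = sorted(set(columns) & policy.blocked_columns)
    AUDIT_TRAIL.append({
        "who": user, "role": role, "what": list(columns),
        "when": datetime.datetime.now(datetime.timezone.utc).isoformat(),
        "where": source_ip,
        "action": "BLOCK" if blocked else "ALLOW",
    })
    if blocked:
        # Block/Terminate plus Alert: the request never reaches the data.
        raise PermissionError(f"ALERT {user} ({role}) from {source_ip} requested blocked columns {blocked}")
    result = []
    for row in table:
        # Row-level masking: rows outside the role's scope are filtered out entirely.
        if any(row.get(k) != v for k, v in policy.row_filter.items()):
            continue
        # Column-level masking: sensitive columns are redacted, not removed.
        result.append({c: redact(c, row[c]) if c in policy.masked_columns else row[c] for c in columns})
    return result


def request_is_blocked(user: str, role: str, columns: list, source_ip: str) -> bool:
    """True when the policy refuses the request (the audit entry is still written)."""
    try:
        query(user, role, columns, source_ip)
        return False
    except PermissionError:
        return True


def last_audit_action() -> str:
    return AUDIT_TRAIL[-1]["action"] if AUDIT_TRAIL else ""


if __name__ == "__main__":
    print(query("alice", "Sales Role", ["First_Name", "SSN"], "10.0.0.5"))
    print("blocked:", request_is_blocked("alice", "Sales Role", ["Card_Number"], "10.0.0.5"))
    print(query("bob", "Sales Order Role", ["cust_id", "dept", "SSN"], "10.0.0.6"))
    for event in AUDIT_TRAIL:
        print(event)
```

The audit entry is written before the policy decision is enforced, so a blocked request leaves the same who/what/when/where record as an allowed one; that record, not the blocked query itself, is what an analyst's user-behaviour view is built from.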
Museum Approach Breaks the Attack Chain
• Reconnaissance
• Initial Exploitation
• Establish Persistence
• Install Tools
• Move Laterally
• Exploit
• Collect
• Exfiltrate
37
180 days
Wandering around your network…
But not taking your sensitive information!
Just Today’s Lunch Specials.
Information Security and Compliance Leadership and Staff
• CISO – responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected.
• Information Risk Manager – assess and identify the potential risks that may hinder the reputation, safety, security, and financial prosperity of a company.
• Compliance Officer – responsible for ensuring the company complies with its outside regulatory requirements and internal policies.
• Security Engineer – responsible for building security architecture and engineering security systems.
• Security Analyst – detect, investigate, and respond to incidents.
38
Information Security Legal and Regulatory Requirements
Compliance
• Payment Card Industry Data Security Standard (PCI-DSS)
• SOX
• Health Insurance Portability and Accountability Act of 1996 (HIPAA)
• Health Information Technology for Economic and Clinical Health Act (HITECH)
• FFIEC, CAT
• NERC CIP
• NIST SP 800-37 and 800-53
• NY DFS 23 NYCRR Part 500
Privacy
• Privacy Shield
• EU GDPR
Audit
• SSAE 16
• SOC 2
• ISO 27001
• FISMA and FedRAMP
• NIST SP 800-53A
• COSO
39
General Data Protection Regulation (GDPR)
• Protect any information related to a natural person or ‘Data Subject’ residing in the EU, that can be used to directly or indirectly identify the person.
• It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.
• Provides the right to be forgotten
• Provides the right to ask for an individual’s information
• Data Subjects must consent by ‘OPT IN’ for each specific use
• Data Breach notification within 72 hours
• Privacy violations can result in fines of €20M or up to 4% of Global Sales Revenue whichever is higher
Must be compliant by May 25, 2018
40
NY DFS 23 NYCRR Part 500 Requirements
• Utilize Audit Trails – 500.06
• Develop Access Privileges – 500.07
• Implement Application Development Security – 500.08
• Perform periodic Risk Assessments – 500.09
• Dedicated Cybersecurity Personnel and Intelligence – 500.10
• Implement Data Retention Policy – 500.13
• Train and Monitor Users – 500.14
• Notify Superintendent within 72 hours of ‘reportable’ Cybersecurity event – 500.17
First Deadline September 3, 2018
41
Call To Action
• Remember not all data has the same value.
  • Discover
  • Classify
  • Monitor
  • Protect
• Gain an understanding of Compliance and Regulations your company needs to meet.
• Annotate Sensitive Information when developing source to target data
• Document Information Flow
• Get to know and share information with Information Security Team
42
Average Number of Days an Advanced Persistent Threat (APT) spends on a company network before being detected.
2017 Verizon Data Breach Investigations Report
And those were the ones that were reported!
43
Thank You
Mike Czerniawski
DataCraft Partners
@mikeczern
44