thor: building a strong cyber defence · thor – building a strong cyber defence. gary hibberd -...
TRANSCRIPT
![Page 1: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/1.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
GARY HIBBERDManaging Director
THOR: Building a strong Cyber defence
![Page 3: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/3.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
• What does ‘Good’ cyber Security look like?
• Setting standards
• Identifying your own threats, vulnerabilities & risks
• THOR – Building a strong Cyber defence
THOR – Building a strong Cyber Defence
![Page 5: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/5.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Good Security is a journey.Not a destination.
![Page 6: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/6.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Defend Deter Develop
Our Vision:We are secure and resilient to cyber threats, prosperous and confident in our digital world.
National Cyber Security Strategy 2016 to 2021
![Page 7: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/7.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
![Page 8: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/8.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
![Page 9: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/9.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
• People
• Premises
• Processes
• PC’s
• Providers
‘Good’
![Page 11: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/11.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
![Page 13: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/13.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Remember: No such thing as 100% Secure
![Page 14: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/14.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
![Page 16: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/16.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Business buy-in; IT and Operations
![Page 18: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/18.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
• Clear Leadership
• There’s a Strategy
• Security Budget
• It’s an Enabler
• Risk Assessment
Do YOU have this?
• Risk Management
• ‘Some’ Awareness
• Business Buy-in
• Continually Improving
![Page 19: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/19.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Score: 1 to 101 = Nothing in place10 = No further action required
![Page 20: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/20.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
• Clear Leadership
• There’s a Strategy
• Security Budget
• It’s an Enabler
• Risk Assessment
Do YOU have this?
• Risk Management
• Awareness in place
• Business Buy-in
• Continually Improving
![Page 21: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/21.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Setting StandardsSetting Standards
![Page 22: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/22.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Copyright © 2016 BSI. All rights reserved.
The Information Security Journey
CSA STARCertificationFor Cloud
Cyber Essentials
ISO/IEC 27001
Information Security Kitemarks
Above and beyond
Cyber Essentials PlusISO/IEC27018
PCI DSS
Not a sequential journey, but modular options basedon organisational needsLevels of complexity or specialism and requiredinputs by client increase from left to rightVulnerability scanning andpenetration testingBSI KitemarkTM Certification
System audits and certification
![Page 23: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/23.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Increasing Requirements for Cyber /Information Security:
• From the 1st October 2014 all suppliersmust now be compliant with the newCyber Essentials controls if bidding forgovernment contracts which involve thehandling of sensitive or personal information.
![Page 24: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/24.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Increasing Requirements for Cyber /Information Security:
• Secure Configuration• Boundary Firewalls and Internet Gateways• Access Control and Administrative Privilege
Management• Patch Management• Malware Protection
![Page 25: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/25.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Increasing Requirements for Cyber /Information Security:
• A specification for an informationsecurity management system (ISMS).An ISMS is a framework of policies andprocedures that includes all legal,physical and technical controlsinvolved in an organisation'sinformation risk managementprocesses.
![Page 26: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/26.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Copyright © 2016 BSI. All rights reserved.
112 212 322 329 435 552 712 814 14451064 1432
21723563
4800 52896379
7952 8663
10446
42105550
5807
7394
87889665
10422
1011610414
11994
383
519
839
1303
1328
1497
1668
2002
2251
2569
71
128
206
218
279
332
451
511
606
,0
5,000
10,000
15,000
20,000
25,000
30,000
2006 2007 2008 2009 2010 2011 2012 2013 2014 2015
ISO/IEC 27001 - Worldwide total
Middle East
Central and South Asia
East Asia and Pacific
Europe
North America
Central / South America
Africa
![Page 27: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/27.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
![Page 28: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/28.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Information Security Management SystemISO27001:Annex A
Security Policies Organisation of InformationSecurity Asset Management
Access Control Communications Security Physical & Environment
Operations Security Cryptography Supplier Relationships
System Acquisition, development & maintenance Business Continuity Management
Security IncidentManagementHuman Resources Compliance
![Page 29: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/29.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
ISO27001:2013It is not just about IT!
• IT
• People
• Information
• Intellectual Property
• Infrastructure and Buildings
Security Protection could include for:
Copyright © 2016 BSI. All rights reserved.
![Page 30: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/30.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
![Page 31: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/31.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
![Page 32: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/32.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Identifying your own threats, vulnerabilities & risksIdentifying your own threats, vulnerabilities & risks
![Page 33: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/33.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
![Page 34: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/34.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
We need to understand…
• What are we trying to protect?
• Where is the data?
• Who is the owner?
• Who has access to it?
• What are they doing with the data?
![Page 35: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/35.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
ACTION:Spend a few minutes reviewing these questions.
![Page 36: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/36.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Your Business
What are we trying to protect?
Where is the data?
Who is the owner?
Who has access to it?
What are they doing with it?
![Page 37: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/37.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
THOR – Building your own plansTHOR – Building your own plans
![Page 38: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/38.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
THOR
Technical
Human
Operational
Regulatory
THOR
![Page 39: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/39.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
![Page 40: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/40.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
ACTION:Spend a few minutes considering the followingareas
![Page 41: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/41.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Your Business
Technical
Human
Operational
Operational
Regulatory
![Page 42: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/42.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Information security is not a technical issue
Finally…
![Page 43: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/43.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
People are our greatest threat
&
our greatest ally
![Page 44: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/44.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
• What does ‘Good’ cyber Security look like?
• Setting standards
• Identifying your own threats, vulnerabilities & risks
• THOR – Building a strong Cyber defence
THOR – Building a strong Cyber Defence
![Page 45: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/45.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
Protecting yourselvesFrom Cyber Bugs and Thugs! ©The Common Sense Guide - 2016By Gary Hibberd
![Page 46: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/46.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
1. Understand your threats and vulnerabilities
2. Getting the basics right
3. Anti-virus, Anti-Spam, Firewall/s Vulnerability &
Penetration testing
4. Security patching for everyone
5. Password Security
6. What is Encryption and Why it’s important?
7. Incident Management and Contingency plans
8. Look at your 3rd parties Suppliers
9. Education, Education, Education
10. ISO27001, PCI DSS or Cyber Essentials
11. Cyber Insurance & how it helps
Cyber Self-Defence
![Page 47: THOR: Building a strong Cyber defence · THOR – Building a strong Cyber Defence. Gary Hibberd - ghibberd@theagenci.com - (T ) 0845 4133 666 : (M ) 0744 7911 742 What does ‘Good’](https://reader035.vdocument.in/reader035/viewer/2022070702/5e6a67044b879035a53862fc/html5/thumbnails/47.jpg)
Gary Hibberd - [email protected] -(T) 0845 4133 666 : (M) 0744 7911 742
GARY HIBBERDManaging Director
Shúkran.Any Questions?