What Every Employee Should Know about Cyber Security

Los Angeles Digital Government Summit September 4, 2013

Mario Balakgie Principal Security Consultant

Copyright 2013 World Wide Technology, Inc. All rights reserved.

Agenda.
1. Cyber Fraud 2. Advanced Persistent Threats (APTs) 3. APT Mitigation Strategy

Remember this? 1991 top personal productivity device

SPANS A SPECTRUM OF SIZE AND POWER

CYBER FRAUD THREAT LANDSCAPE

FOCUSED ON TARGETED ATTACKS

CYBERCRIME AND MALWARE

Information systems and data are exposed to a new set or risks and there is increased organization around exploitation (Cybercrime)
Exceeds drug trafficking in criminal activity from global loss exceeding $1 trillion a year Black markets exist bringing together buyers and sellers of services and tools Low barrier to entry with criminals operating from global safe havens

Cybercrime Industry

Sophistication of Malware & Attacks

Malware designed to infiltrate a network, identify vulnerabilities, and obtain sensitive information Data continues to be the #1 target

NEW THREATS AND RISKS

A Shift in Perspective Exponential increase in the sophistication, innovation and frequency of attacks The degree of required intruder skills continue to decrease Attacks tend to target the weakest link The motive of attacks is financial gain Infinite causes, limited effects.

IDENTIFY YOUR ORGANIZATIONS VALUE

AS A TARGET

WHO IS INTERESTED IN YOU, AND WHY?

UNDERSTANDING YOUR ROLE

Response to the threat landscape evolved as Americans began to understand their risk

Those Threatened Have a Role to Play in Protecting Themselves.

Improving the tools of protection

and using them.

FBI

THERE IS A LANDSCAPE OF CYBER FRAUD PROTECTION

LOCAL LAW ENFORCEMENT

NSA

US MILITARY CYBER COMMAND

CIA

But organizations still face an internal gap.

In other words, are you clicking your seatbelt?

ARE YOU PREPARED?

HOW WILL YOU STAND?

OR
ARE YOU PREPARED FOR THE NEW BREED OF ATTACKS KNOWN AS APTS?

ADVANCED PERSISTENT THREAT (APT)

Copyright 2013 World Wide Technology, Inc. All rights reserved.

Advanced Persistent Threat (APT)

83%

65%

of organizations believe they have been the victim of an Advanced Threats

of organizations dont believe they have sufficient resources to prevent Advanced Threats

Source: Ponemon Institute Survey titled The Growing Risk of Advanced Threats

99%
of breaches led to data compromise within days or less

85%
of breaches took weeks or more to discover
Source: Verizon 2012 Data Breach Investigations Report

Characteristics
of an APT
Group of People Intent and Capability Persistent and Adaptive (cover their tracks) Targeted and not Accidental

EXAMPLE OF AN APT I DONT FALL FOR PHISHING?

Phishing emails
John receives a email with a link to a compromised website designed as a trusted one

Drive-by download
John clicks on the link and gets infected by Trojan from drive-by download.
Johns machine

3
RDP

PASSWORD

Attacker gains access to a critical server

Trojan installs backdoor which allows reverse connection login to infected machine

Johns machine

Critical Server

Hacker gets password to gain access to a critical server via RDP.

Data Extraction begins

Attacker encrypts sensitive files found on the critical server and transfers out via FTP

APT MITIGATION STRATEGY

Copyright 2013 World Wide Technology, Inc. All rights reserved.

Your Role in Cyber Fraud Protection

Factor in your threat valuation. Understand the protection that exists. Consider whats missing from your current IT Security posture.

Humility & Trust

It can happen to you and anyone Believe that the threat is real and credible Put your money where your mouth is

Build Trust in Your Defense by Investing in Protection that Aligns with Your Vulnerability

INVEST IN THE TRUST AND REPUTATION OF YOUR BRAND.

Historical Security Investment Future Security Investment
Monitoring 15% Prevention 80% Response 5% Response 33% Prevention 33%

Monitoring 33%

Source: RSA Internal Analysis

Training & Awareness

Board members Motivational demonstrations LOB owners End user Security professionals IT professionals Key stake holders C-level

Be Prepared.
Test your defenses because you will be tested Breach Readiness Assessments People, Process and Technology Run breach drills similar to fire drills Goal of drills should be to improve detection time Technology solutions leveraging big data analytics work well

Key Takeaways
Understand your organizations value and your role in its protection APTs are real and the latest elements of cyber fraud Invest in your reputation and brand Be Prepared breach readiness

QUESTIONS?
THANK YOU