Upload
elfrieda-russell
View
223
Download
6
Embed Size (px)
Citation preview
Oklahoma Chapter
Information Systems Security AssociationInformation Systems Security Association
Oklahoma Chapter, TulsaOklahoma City Chapter, OKC
Student Chapter, Okmulgee
Oklahoma Chapter, TulsaOklahoma City Chapter, OKC
Student Chapter, Okmulgee
Oklahoma Chapter
What is ISSA ?What is ISSA ?
• A not-for-profit international organization of information security professionals
• Local chapter for Tulsa’s cyber security and data protection professionals and students
• Educational forums, publications, peer interaction opportunities
• Free exchange of information security techniques, approaches and problem solving
• Education outreach to local security programs
• Frequent newsletters and podcasts
• A not-for-profit international organization of information security professionals
• Local chapter for Tulsa’s cyber security and data protection professionals and students
• Educational forums, publications, peer interaction opportunities
• Free exchange of information security techniques, approaches and problem solving
• Education outreach to local security programs
• Frequent newsletters and podcasts
2
Oklahoma Chapter
ISSA Oklahoma Chapter in TulsaISSA Oklahoma Chapter in Tulsa
• Local Tulsa meetings:– Monthly meetings to network and exchange ideas held second
Monday of each month– We support local tech events like TechFest and TechJunction– Participation in and sponsorship of regional security events:
Information Warfare Summit, October in OKC BSidesOK, coming to Tulsa in April!
• Email: [email protected]• Visit http://oklahoma.issa.org for more details
• Local Tulsa meetings:– Monthly meetings to network and exchange ideas held second
Monday of each month– We support local tech events like TechFest and TechJunction– Participation in and sponsorship of regional security events:
Information Warfare Summit, October in OKC BSidesOK, coming to Tulsa in April!
• Email: [email protected]• Visit http://oklahoma.issa.org for more details
3
Oklahoma Chapter
See Clearly Through the Fog of WarSee Clearly Through the Fog of War
How to better prepare for a cyber attack, respond effectively, and recovery completely.
Michael HaneyPresident, ISSA Oklahoma
How to better prepare for a cyber attack, respond effectively, and recovery completely.
Michael HaneyPresident, ISSA Oklahoma
Oklahoma Chapter
Michael HaneyMichael HaneyOver 15 years as an infosec professional
11 years as information security consultant:
1 year as Walmart Stores Digital Forensics Lab QMSANS Institute MentorCISSP, GSEC, GCIA, GCIH, GCFA, and former PCI QSA
Currently full-time Ph.D. student at TU:
Over 15 years as an infosec professional
11 years as information security consultant:
1 year as Walmart Stores Digital Forensics Lab QMSANS Institute MentorCISSP, GSEC, GCIA, GCIH, GCFA, and former PCI QSA
Currently full-time Ph.D. student at TU:
BE PREPAREDBE PREPARED
6
Oklahoma Chapter
Be PreparedBe Prepared• Quality Information Security Policies
– Disaster Recovery Plan– Incident Response Plan– Communications Plan(s)
• Awareness, Training, and Education– Appropriate for the Appropriate Level– Everyone should know the policy
• Outside Assistance: – Know who to call– Know when to call
• Exercises– Table Top Exercises– Fire Drills– Lessons Learned
• Quality Information Security Policies– Disaster Recovery Plan– Incident Response Plan– Communications Plan(s)
• Awareness, Training, and Education– Appropriate for the Appropriate Level– Everyone should know the policy
• Outside Assistance: – Know who to call– Know when to call
• Exercises– Table Top Exercises– Fire Drills– Lessons Learned
BE PREPAREDBE PREPARED
8
VULNERABILITYINTELLIGENCE
VULNERABILITYINTELLIGENCE
9
Oklahoma Chapter
Vulnerability IntelligenceVulnerability Intelligence• Inventory Management
• Configuration Management
• Patch Management
• Log Management
• Secure Code Reviews
• Vulnerability Scanning and Remediation Lifecycle
• Penetration Testing– Trusted Security Vendor– White Box and Black Box Testing
• Inventory Management
• Configuration Management
• Patch Management
• Log Management
• Secure Code Reviews
• Vulnerability Scanning and Remediation Lifecycle
• Penetration Testing– Trusted Security Vendor– White Box and Black Box Testing
11
VULNERABILITYINTELLIGENCE
VULNERABILITYINTELLIGENCE
THREATINTELLIGENCE
THREATINTELLIGENCE
12
Oklahoma Chapter
Threat IntelligenceThreat Intelligence
• Malware Outbreaks (Rogue Actors and Criminals)
• Targeted Attacks (Enemy Nations and Terrorists)
• Insider Threats, Negligent Users, Social Engineers
• Know the Stages of Attack and Compromise
• Well-tuned Intrusion Detection Systems
• HONEYPOTS!
• Time to Go Hunting– Know the threats– Know your vulnerabilities– Don’t Wait for Alerts
• Malware Outbreaks (Rogue Actors and Criminals)
• Targeted Attacks (Enemy Nations and Terrorists)
• Insider Threats, Negligent Users, Social Engineers
• Know the Stages of Attack and Compromise
• Well-tuned Intrusion Detection Systems
• HONEYPOTS!
• Time to Go Hunting– Know the threats– Know your vulnerabilities– Don’t Wait for Alerts
14
THREATINTELLIGENCE
THREATINTELLIGENCE
COLLECTIVEINTELLIGENCECOLLECTIVE
INTELLIGENCE
15
Oklahoma Chapter
Collective IntelligenceCollective Intelligence• Publicly Available Information Sources:
– Internet Storm Center: isc.sans.edu– SANS NewsBytes and @RISK– The Hacker News, Krebs On Security– Lots of good blogs out there (and some bad ones, too)
• Vendors:– Verizon Data Breach Investigations Report– Mandiant APT1 and IOC– Symantec Deep Insight
• Organizations:– FS-ISAC, ES-ISAC, MS-ISAC, REN-ISAC, etc.– CERT/CC, US-CERT, ICS-CERT– ISSA, InfraGard
• PEERS!
• READ, LEARN, and SHARE!
• Publicly Available Information Sources:– Internet Storm Center: isc.sans.edu– SANS NewsBytes and @RISK– The Hacker News, Krebs On Security– Lots of good blogs out there (and some bad ones, too)
• Vendors:– Verizon Data Breach Investigations Report– Mandiant APT1 and IOC– Symantec Deep Insight
• Organizations:– FS-ISAC, ES-ISAC, MS-ISAC, REN-ISAC, etc.– CERT/CC, US-CERT, ICS-CERT– ISSA, InfraGard
• PEERS!
• READ, LEARN, and SHARE!
17
COLLECTIVEINTELLIGENCECOLLECTIVE
INTELLIGENCE
18
PRIVACYPRIVACY
Oklahoma Chapter
PrivacyPrivacy
• Know the Law
• Know the Policies and Culture
• Share information, but do so securely
• Be cautious of increasing liability and risk
• Do the Right Thing
• Know the Law
• Know the Policies and Culture
• Share information, but do so securely
• Be cautious of increasing liability and risk
• Do the Right Thing
20
PRIVACYPRIVACY
21
COLLECTIVEINTELLIGENCECOLLECTIVE
INTELLIGENCE
22
THREATINTELLIGENCE
THREATINTELLIGENCE
23
VULNERABILITYINTELLIGENCE
VULNERABILITYINTELLIGENCE
BE PREPAREDBE PREPARED
24
Oklahoma Chapter
Thanks and Good Luck!Thanks and Good Luck!