2012 CWAG Annual Meeting

State Agency Data BreachesLoss prevention, response and remediation strategies

Employees

Job Seekers

Mortgagees

Identity Exploitations: 12+ years of our cases

Insured

The Scams Persist and This is Now an Industry

+ Prevention

+ Detection

+ Analysis & Response

Prevention

Data Loss Prevention: Comprehensive Approach People, Processes and Systems to Identify, Monitor and Protect Data...

+ In Use (endpoints, devices)

+ In Motion (network)

+ At Rest (storage)

Data Loss Prevention: Conduct Gap Analysis

+ Your Current Security System Versus What You Need to Have in Place

+ What Other Service Providers or Counter-Party are Points of Vulnerability?

+ What Other Data Do You Hold That Could Become Valuable?

+ What Processes (Internal and/or External) Can be Tightened Up?

Detection

Analysis

Data Theft Is Preceded by Smaller Intrusions...Catch Me if You Can

+ We Can Home In On Who Is Attacking

+ We Can Identify How Much Data Went Out

+ What Data Went Out, Where It Went

+ Stop the Bleeding

State Agency

State Agency

Supplier

Analytics: Real-time..or post-mortem

Analysis

An Incident Response Function and Plan Must be In Place

+ Discover Attack and Exfiltration

+ Identify Data Which Has Gone Out and Where It Went

+ Contain Damage

+ Eradicate Perpetrator’s Presence

+ Recover System and Data Protection in Secure Manner

+ Conduct in Forensically Sound Manner

+ Identify What Led to Intrusion to Prevent

Monitoring, Detection and Remediation Providers:

www.krollfraudsolutions.com

www.intersections.com

www.idanalytics.com

www.inguardians.com

www.mandiant.com

www.mantech.com

Self-help resource

http://www.sans.org/critical-security-controls/

+ 20 Security Controls For Effective Cyber Defense - The SANS Institute

+ Consortium-led Approach to Determining Best Practices and Most Cost Effective Security Across Government Bodies

Wireless Access Code: 9166703926