FEI Systems Inc. Copyright 2015-2017 - All Rights Reserved Cyber Intelligence Briefing Prepared by: CISO-In-Residence SM Ask-A-CISO SM CISO-As-A-Service SM The Virtual CISO SM CISO Advisory Services Jason Taule Chief Security Officer / Chief Privacy Officer C|CISO, CDPS, CGEIT, CHSIII, CISM, CRISC, CMC, CPCM, HCISPP, NSA-IAM Version 2.2 September 17, 2016


Page 1: CISO-In-ResidenceSM Ask-A-CISOSM CISO-As-A-ServiceSM …...Briefing Customization Participant Profile –C-Suite (i.e., Senior Business and IT Leadership) –Public/Private Mix –Industries

FEI Systems Inc. Copyright 2015-2017 - All Rights Reserved

Cyber Intelligence Briefing

Prepared by:

CISO-In-ResidenceSM

Ask-A-CISOSM

CISO-As-A-ServiceSM

The Virtual CISOSM

CISO Advisory Services

Jason Taule

Chief Security Officer / Chief Privacy Officer

C|CISO, CDPS, CGEIT, CHSIII, CISM, CRISC, CMC, CPCM, HCISPP, NSA-IAM

Version 2.2, September 17, 2016

Page 2:

WELCOME!

Safeguarding Your Business: How to Reduce IT Security Risks in the Real World

Page 3:

Introductions

“Coming together is a beginning; keeping together is progress; working together is success.”

Henry Ford

Page 4:

Page 5:

What will we be discussing?

Agenda

Introductions

Context

Briefing Topics:

– Understand the case for cyber

– Appreciate new & emerging threats from popular disruptive technologies

– Differentiate between the deep web and the dark web

– Be better able to protect yourself and your company

Summary & Conclusion

Q&A

10/19/2017 5

Page 6:

FEi Systems


Page 7:

Help us tailor the content to your needs…

Briefing Customization

Participant Profile

– C-Suite (i.e., Senior Business and IT Leadership)

– Public/Private Mix

– Industries Represented

– Company Size

Business Drivers:

– Regulation

– Customer Demand

– Internal Compass

– Strategy

Objectives:

– What has to happen to say this was time well spent?


Page 8:

Context

“The truth does not change according to our ability to stomach it.”

Flannery O’Connor

Page 9:

But first, the legal mumbo jumbo…

Disclaimer / Warning

• This presentation is not intended, nor should it be used, as a substitute for specific legal advice as legal counsel may only be given in response to inquiries regarding particular situations.

• These opinions are not meant to defame, purge, humiliate, or injure anyone should you decide to act upon or reuse any information provided.

• All trademarks, service marks, collective marks, design rights, personality rights, copyrights, registered names, mottos, logos, avatars, insignias and marks used are the property of their respective owners.

• I the author of the content found herein assure you that any of the opinions expressed are my own and are the result of the way in which a mind uniquely wired as my own singularly interprets things.

• Do not listen to anything said if you are young, elderly, have a history of heart attack, stroke, or blood clot, are feeling dizzy, lightheaded or nauseated.

• Objects in the mirror may be closer than they appear

• Those of you with the home version, please feel free to follow along

• As Dennis Miller used to say, this is just my opinion, I could be mistaken

• As always, no wagering

• Stay alert as this performance may feature loud noises, pyrotechnics, strobe lights, or indiscriminately thrown air-borne projectiles.


Page 10:

What is this all about?

Context

[Diagram: information assets at the centre, ringed by the harms a threat can cause (modification or replacement; destruction; interference; misrepresentation or repudiation; unauthorized access; failure to use or misuse; theft or duplication; observation or disclosure), threat sources such as malware & spam and software failure, and the control cycle Prevent, Detect, Correct, Reflect.]

Page 11:

How did we get here?

Security Exposure

[Chart: security posture plotted over time across the Mainframe, PC, LAN, Client/Server, Internet and Virtual eras, against a rising "Due Care" line.]

Page 12:

Discussion Topic 1: The Case for Cyber

“The pessimist complains about the wind; the optimist expects it to change; the realist adjusts the sails.”

William Arthur Ward

Page 13:

Who is responsible for things?

Data Custodianship


Page 14:

Why do hackers hack?

Value of a Pwned Computer

Source: Brian Krebs

Page 15:

This really matters…

Consequences

Cyber-risks are a top priority for key stakeholders including your customers, the media, investors, regulators, and legislators – all of whom are increasingly asking, “Where was the board?”


Page 16:

Participation Time

Candid Conversation

Who believes that they…

– Would know if their computers were being attacked?

– Have allocated sufficient resources to protect their operations?

– Have reduced business risk to an acceptable level?

– Have considered the full breadth of their exposure?

Who is sure?


Page 17:

What questions should I be asking?

Management Oversight

1. What was our most significant cybersecurity incident of the past year and what was our response?

2. What was our most significant near miss and how was it discovered?

3. What is our security posture relative to where we’re supposed to be?

4. Do we have relationships with law enforcement and the FBI?

5. What is our process for promptly escalating matters of risk to senior leadership?


Page 18:

What does "reasonable and appropriate" mean?

Executive Summary

What if?

– Unauthorized personnel gain access to data entrusted to you?

– Systems are unavailable for an extended period?

– Data is changed so that it can no longer be trusted?

– Employee failed to exercise proper care?

– Trading partner was breached?

Response?

– All businesses require access to customers and capital.

– Risk must be considered as part of all major business decisions

• Carefully reasoned and defensible

• Industry benchmark (51% test)

– Regulated industries have unique requirements:

• Risk Assessment

• Named Resource

• Adopted Framework

• Core Program or Remediation Plan

Page 19:

Give me an example of other areas where you can help

Indirect Business Needs

Mergers and Acquisitions:

– Understanding what’s being acquired

– Valuations that reflect target cyber posture

– Systems interconnection and/or boundary segmentation strategy

Cyber Insurance:

– Underwriters

• Input to decision to offer coverage

• Pricing to risk

– Policy Holders

• Posture Improvement

• Premium reductions

Third Party & Vendor Management:

– Ensure trading partner program sufficiency

– Evaluate software before installing it

– Recognizing external provider/partner and supply chain exposures

– Examine non-traditional IP devices before connecting to the network

– Demonstrate sufficiency of our program to customers and partners


Page 20:

Use the right tool for the right job

Match Game

CISO

LEGAL RISK:

– Contracts

– Litigation

– Negotiations

– Startups

– Exit Planning

– E&O

– Disputes

FINANCIAL RISK:

– Bookkeeping

– Taxes

– Payroll

– Financial Statements

– Expense Reporting

– Payables & Receivables

INFORMATION RISK:

– Computer Theft

– Intellectual Property

– Cloud

– Resiliency / Recovery

– Vulnerabilities / Configuration

– Endpoints / Malware / Phishing

– Wi-Fi / Mobile / Portable

– Encryption

– Network Penetration

– User Training

Page 21:

Discussion Topic 2: Emerging Threats

“The future started yesterday and we’re already late.”

John Legend

Page 22:

What are we going to talk about today?

Agenda

Drivers:

– The year that is and was

– The only 3 reasons Hackers Hack

– Predictions.

Disruptive Technologies:

– Artificial Intelligence & Machine Learning

– IOT & Wearables

– Voice Recognition & Always On Devices

– Biometric Data / Facial Recognition

– Regulatory Changes and Legal Precedents

– Government Enforcement

– Geolocation & Global Positioning

– Big Data & Big Brother.

Issues and Answers.


The Law of Unintended Consequences

Page 23:

And you know most are NOT secured!!

More Devices than People!


https://d28wbuch0jlv7v.cloudfront.net/images/infografik/normal/chartoftheday_4022_mobile_subscriptions_and_world_population_n.jpg

Page 24:

Are we over our tips?

Precision Medicine Initiative

Concept

– Long term research initiative involving NIH and many other research centers.

– Determine the best approach to disease prevention and treatment

– Based on genetics and environment

Specifics

– Cohort of 1 Million+ individuals from around the US

– Submit genetic data, biological samples, and other data

Questions:

– Consent?

– What if?


Page 25:

Audience Participation – What concerns you most?

Disruptive Technologies

– AI & Machine Learning

– IOT & Wearables

– Voice Recognition & Always On

– Biometric & Facial Recognition

– Court Cases

– Government Enforcement

– Geolocation & GPS

– Big Data & Big Brother

Page 26:

Disruptive Technology #1

Artificial Intelligence & Machine Learning

Description:

– AI & Machine learning have amazing potential.

– Enterprises are investing in solutions that collect and analyze data from countless endpoints, network devices and attack sensors across organizations, industries and geographies.

– Civil engineering is bounded by laws of physics and nature

– No such anchors for decisions increasingly being made by computers

Issues:

– Black-box machine learning that we don't fully understand can carry inherent biases, legitimately derived from its training data, with no checks on them.

– Making business decisions we can't explain exposes us to legal and regulatory liability.

– Attackers are also beginning to use AI capability:

• To wield highly sophisticated, persistent attacks with malware that adapts its behavior to whatever succeeds, improving the efficacy of later attacks.

• The next generation of AI-powered attack will involve customized code that emulates the behavior of specific users to fool even skilled security personnel.

Page 27:

Disruptive Technology #2

IOT & Wearables

Description:

– Internetworking of physical devices, vehicles, buildings, etc. embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.

– The Ponemon 2017 Study on Mobile and IoT Security found that 80 percent of IoT apps aren't tested for vulnerabilities and that there is still a lack of urgency to address the risk

– Provide innovative and potentially beneficial functionality, but again…


https://media.scmagazine.com/documents/282/2017_study_mobile_and_iot_70394.pdf

Issues:

– Consent: Where and how to give it?

– Not covered by cyber insurance

– Uncertainty over collecting and sharing

– Undisclosed back channels

– Ownership and control of data as different devices connect with one another.

– Access Control – Users often use default, weak, or no passwords

– Misuse of data (i.e., is this where you work?)

– Lack of Policy

Page 28:

Disruptive Technology #3

Voice Recognition & Always On Devices

Description:

– These “assistant” devices are meant to help by listening for voice commands.

– Data is recorded locally on the devices themselves and data is fed to company servers

Issues:

– To hear its "wake word" it has to be listening ALL the time.

– Recording starts a few seconds before the wake word and for about 60 seconds thereafter.


https://www.theinformation.com/amazon-echo-and-the-hot-tub-murder?eu=JnmYMZlQZHz7uehZk0Lvtg

Page 29:

Disruptive Technology #4

Biometric Data / Facial Recognition

Description:

– Increasing use of biometrics as access control mechanisms (as well as for other government “purposes”) raise serious questions about the capture, storage, and retention of your unique physical particulars.

– Ghost profiles, social media, and cloud storage compound the problem.

Notable Legal Cases:

– IL & TX are the only two states that regulate private-company use of biometric data

– Shutterfly -- $5m lawsuit for violating permission restrictions

– Facebook – Facial Recognition software violates law

– Google – Unlawful collection of “faceprints”

Issues:

– Your information is being collected, used, and sold

– Same questions prevail with respect to consent

– But also raise questions about third party consent

• What if you get tagged in someone else’s picture

• What if they get it wrong?


Page 30:

Disruption #5

Regulatory Changes and Legal Precedents

Description:

– Increased involvement of FTC

– Spokeo to pay $800,000 to Settle FTC charges it marketed information to employers and recruiters in violation of FCRA

• Plaintiffs do have to show more than a bare technical violation of a consumer protection statute to establish standing, but, in some circumstances, breach of a "procedural right" amounts to a concrete injury (Spokeo, Inc. v. Robins, 2016).

• More cases now proceed to the merits and fewer end at the motion-to-dismiss (MTD) or summary-judgment (SJ) stage.

• https://www.ftc.gov/news-events/press-releases/2012/06/spokeo-pay-800000-settle-ftc-charges-company-allegedly-marketed

– Opperman v. Path Inc., -- How clear does consent language need to be?

• http://www.leagle.com/decision/In%20FDCO%2020150324B42/OPPERMAN%20v.%20PATH,%20INC.

Issues:

– Notions of user consent are shifting to terms of use and privacy policy

– Increase reliance on just-in-time notices (good thing)

– Use of facial recognition for consent (or at least non-repudiation)

– We have historically limited our scope to HIPAA. Need to expand focus to include FERPA, COPPA, and even VPPA.


Page 31:

Disruption #6

Government Enforcement

Description:

– Annual NIST/OCR HIPAA Conference

– Safeguarding Health Information: Building Assurance through HIPAA Security

– On Capitol Hill each October


Issues:

– Ransomware Guidance – P.S. Under OCR's 2016 guidance, ransomware that encrypts ePHI is presumed to be a reportable breach, whether or not data was exfiltrated, unless a risk assessment demonstrates a low probability that the PHI was compromised.

– Cloud Computing Clarifying Guidance:

• OCR released guidance clarifying that a CSP is a business associate – and therefore required to comply with applicable HIPAA regulations

• When a CSP stores and/or processes ePHI for a covered entity or business associate, that CSP is a business associate under HIPAA, even if the CSP stores the ePHI in encrypted form and does not have the key.

• CSPs are not likely to be considered “conduits,” because their services typically involve storage of ePHI on more than a temporary basis.

Page 32:

Disruptive Technology #7

Geolocation & Global Positioning

Description:

– May 2, 2000 – President Clinton switches off GPS Selective Availability.

– Jan 7, 2010 – DHS announces the discontinuation of LORAN-C (transmissions ceased Feb 8, 2010)

– April 25, 2016 – GPS accuracy tested to within 38 cm (14.9 in)

Issues:

– Enormous dependency on GPS for increasingly important activities.

– No backup to GPS anymore: LORAN is gone and lighthouses haven't been maintained in decades.

– Tracking for both good and nefarious purposes.

– Wave Bubble – GPS jammer created at MIT to reclaim personal space. Illegal in the US because its range isn't small and it can block legitimate GPS receivers.

– GPS Spoofing – Broadcast a fake location

– Laws haven't even come close to keeping up.

Page 33:

Disruptive Technology #8

Big Data & Big Brother


Page 34:

Description:

– In addition to online criminals, hackers, and hacktivists, we need to be concerned about Big Brother, Big Neighbor, Big Company, to say nothing of what we ourselves are posting.

– Facebook, twitter, google, LinkedIn, cell phones, GPS, TVs, foursquare, yelp, travel advisor, EZPass, Speedpass, security cameras, Wikipedia, amazon, credit cards…

Issues:

– What is collected

– What is done with it

– With whom is it shared

– Who gets to decide

– Even if you consent now, how might this change later

– Once it's out there, it is effectively an electronic tattoo, harder to remove than a real one.


Page 35:

Are there particular products or solutions we should be seriously considering?

Kewl Tools

The Onion Router (Tor) – Anonymous communication software that uses relays to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. https://torproject.org/

DuckDuckGo – An Internet search engine that protects searchers' privacy, doesn’t store personal information, and doesn’t filter personalized search results. Does not profile users and shows all users the same search results for a given search term. https://duckduckgo.com/


Page 36:

Anything else?

More Kewl Tools

Proton Mail – An end-to-end encrypted email service founded in 2013 at the CERN research facility that uses client-side encryption to protect email contents and user data before they are sent to ProtonMail servers. https://protonmail.com/

CuckooSandbox – An advanced, modular, open malware analysis system that can be used to analyze malicious files and websites. https://www.cuckoosandbox.org/

Audience Picks?


Page 37:

Who are you really?

MFA

Second Factor Authentication:

– Even if someone learns your password, they still can't log in without the second factor (a code you type can still be phished in real time; a U2F key, whose response is bound to the site's origin, cannot)

– Readily added to many online accounts

– Should be used for all privileged accounts

– Should also be used for all remote access

Examples:

– OTP (one-time passcodes from an authenticator app or hardware token)

– U2F (FIDO Universal 2nd Factor hardware keys)

• Offers strong authentication with a simple touch of a button

• No need to re-type passcodes -- replaces SMS texts and authenticator apps

• No client software or drivers needed; typical keys have no batteries and no moving parts

• Typical keys are crush- and water-resistant, weigh about 3g, and attach to your keychain

• https://fidoalliance.org/specs/fido-u2f-v1.1-id-20160915/fido-u2f-overview-v1.1-id-20160915.pdf

Page 38:

Could this happen to me?

Maybe it already has

Find out if you’ve been….

– Have I been pwned?

• Check if you have an account that has been compromised in a data breach

• https://haveibeenpwned.com/

– BreachAlarm:

• Service that allows you to check anonymously if your password has been posted online, and sign up for email notifications about future password hacks that affect you

• https://breachalarm.com/
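How a breach-check service can answer "is this password known?" without ever receiving the password, as an added example that is not part of the briefing. It implements the client side of the k-anonymity range lookup that Have I Been Pwned documents for its Pwned Passwords API: only the first five hex characters of the password's SHA-1 leave the machine, the service returns every hash suffix in that bucket, and the match is made locally. The endpoint URL and response format are the documented ones; the sample bucket and its counts are constructed for the offline check (only the suffix of SHA-1("password") in it is real).

```python
"""Added example, not from the briefing: the k-anonymity range lookup behind
Have I Been Pwned's Pwned Passwords API.  Only the first five hex characters
of the password's SHA-1 leave the machine; the service returns every hash
suffix in that bucket and the match is made locally, so neither the password
nor its full hash is ever sent."""
import hashlib
import urllib.request
from typing import Optional, Tuple

# Documented HIBP endpoint: GET /range/<first 5 hex chars of SHA-1>
RANGE_URL = "https://api.pwnedpasswords.com/range/"


def split_sha1(password: str) -> Tuple[str, str]:
    """Return (5-char prefix sent to the API, 35-char suffix kept locally)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def count_in_range(suffix: str, range_body: str) -> int:
    """Parse the 'SUFFIX:COUNT' lines of a bucket; 0 means not present."""
    for line in range_body.splitlines():
        line = line.strip()
        if ":" not in line:
            continue
        candidate, count = line.split(":", 1)
        if candidate.upper() == suffix:
            return int(count)
    return 0


def fetch_range(prefix: str, timeout: float = 10.0) -> str:
    """Network call (needs Internet access): download the bucket for a prefix."""
    req = urllib.request.Request(RANGE_URL + prefix,
                                 headers={"User-Agent": "hibp-range-example"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def pwned_count(password: str, range_body: Optional[str] = None) -> int:
    """How many times `password` appears in the breach corpus (0 = not found).
    Pass `range_body` to check offline against an already downloaded bucket."""
    prefix, suffix = split_sha1(password)
    body = range_body if range_body is not None else fetch_range(prefix)
    return count_in_range(suffix, body)


# Constructed stand-in for the /range/5BAA6 bucket: the third line is the real
# suffix of SHA-1("password"); the other suffixes and all counts are invented.
SAMPLE_RANGE_5BAA6 = """\
003D68EB55068C33ACE09247EE4C639306B:3
012C192B2F16F82EA0EB9EF18D9D539B0DD:2
1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471
"""

if __name__ == "__main__":
    print("'password' seen", pwned_count("password", SAMPLE_RANGE_5BAA6), "times")
```

The same split-and-compare pattern is what a registration form or password-change handler should use: reject any candidate whose count is non-zero, and never log the candidate or its full hash on the way through.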

Page 39:

And a personal recommendation…

Security Freeze

What is it:

– A security freeze is designed to prevent credit, loans and services from being approved in your name without your consent.

– Freezing your credit report means no one can access it or make changes to it. For example, if you apply for an auto loan, the lender won’t be able to check your credit until you unfreeze your account.

– But it also means no one else can open new credit in your name without your involvement! (A freeze does not protect the accounts you already have, so keep monitoring those.)

Resources:

– Experian:

• https://www.experian.com/freeze/center.html

– Equifax:

• https://www.freeze.equifax.com/Freeze/jsp/SFF_PersonalIDInfo.jsp

– TransUnion:

• https://freeze.transunion.com/sf/securityFreeze/landingPage.jsp

Page 40:

Now’s when you need that higher math you ignored in the real world.

Encryption

Current Minimum Standard:

– AES-128 and/or whole-disk encryption are sufficient to be compliant, but compliance alone is not enough to be secure and keep data private: the attacks below go after the keys and the endpoints, not the cipher.

Old School Challenges Still Exist:

– Power State (a powered-on or sleeping machine holds its disk key in RAM)

– Memory Freeze (cold-boot) Recovery

– Key Stroke Loggers

– Rainbow Tables (precomputed hash lookups against weak passwords)

– Wi-Fi Intercepts

New Threats:

– The RSA trapdoor (integer factoring) is subject to specialized algorithms, such as the general number field sieve, that are far faster and less compute intensive than naïvely guessing primes, so key sizes must keep growing.

– Quantum Computing

• Works on many candidate states at once rather than one at a time

• A large enough quantum computer running Shor's algorithm would break RSA and elliptic-curve keys outright; the "100 billion times faster than a single-core CPU" figure quoted in the press is theoretical and problem-specific.

Response:

– Elliptic Curve Crypto, which provides a significantly more secure foundation per key bit than first-generation public key cryptography (RSA/DH): equivalent strength with far smaller keys. Note that ECC is just as exposed to Shor's algorithm; the long-term answer to quantum is post-quantum (quantum-resistant) algorithms, which NIST began standardizing in 2016.


Page 41:

Discussion Topic 3: Proactive Threat Hunting

“I have always found that plans are useless, but planning is indispensable.”

Dwight Eisenhower

Page 42:

Anyone beginning to think what we’re doing is never enough?

The Need Continued

Telling Statistics:

– 53% of breaches use no malware (Verizon 2016 DBIR)

– 65% of breaches happen on endpoints

Where do we need to be looking to identify cyber threats?

– Applications

– Servers

– Endpoints

– Network Devices

– Wireless Infrastructure

– Printers

– Cloud Hosts

– Embedded Systems

– Interconnected IoT Devices

– Smart Phones


???

Page 43:

So how’s that working for you?

How We’ve All Responded

NOC

SOC

IOCs

Problem? Lack of actionable threat intel

– Still looking in the past

– Needle in the needle stack

– Even real-time detection doesn’t afford time to respond

Page 44

EVENTS → EVENTS + INTELLIGENCE → EVENTS + INTELLIGENCE + RISK → EVENTS + INTELLIGENCE + RISK + RELATIONSHIPS

Stop sending me information and start getting me some.

Threat Hunting

Early detection and effective incident response are NOT enough

We must expand detection beyond the moment of compromise

Page 45

Where do I even start?

Deep Web Marketplaces

First:

– The Hidden Wiki

– Search Engines

• Duck Duck Go

• AHMIA

• Not Evil

• Torch

• GRAMS

Larger Players:

– Dream Market

– AlphaBay*

– Outlaw

– East India

Smaller/Specialty Markets:

– Agora

– Abraxas

– Crypto Market

– TheRealDeal

– RAMP

*Along with HANSA, taken down by FBI/DEA on July 20, 2017

Page 46

So what do they look like?

Benign Marketplaces

Page 47

No, not all marketplaces are alike…

Dubious Markets

Page 48

But what about hacking sites?

Cyber Markets

Page 49

Where else could one look for threat intel?

By Invitation Only

Page 50

But this exploration has a purpose right?

Exploit Identification

MacSpy

– Most sophisticated malware for Mac OS X to date.

– Hackers are not selling it; they’re giving it away at no cost.

– The software combines with a provided Tor portal to enable users to hack into and obtain surveillance information from targeted Mac computers.

– MacSpy is designed to monitor Apple users, record data on the Mac system and then covertly send it back to the controller who launched the attacks.

Other capabilities:

– Captures screen images

– Has an embedded keylogger.

– Captures iCloud-synced data such as photos

– Provides voice recording surveillance

– Extracts clipboard contents and downloads browser information

Credit: AlienVault

Page 51

How do you put a price on intelligence?

Bad Actors = Bad Activity

The Shadow Brokers (TSB)

– Hacker group that has published several leaks containing tools from the NSA, including 0-day exploits

– Announced the launch of a monthly subscription model for its data dumps

– A Zero-Day Exploit Subscription goes for $21,000 per month

– First round of exploits distributed to the subscribers of its service

TSB “VIP Service”

– For subscribers interested in specific vulnerabilities or intel on a certain organization

– One-time payment of 400 ZEC (roughly $130,000), and according to the hacker group, there are already members of this exclusive club

ZEC = Zcash ($291.10); XMR = Monero ($42.29)

Page 52

And what if you discovered bad actors were making it easy to be bad?

RAAS

Ransomware As A Service

– Simple site for creating ransomware

– Wannabe criminals provide the size of the ransom demand, a Bitcoin address to handle victims’ payments and then they have to solve a CAPTCHA challenge and press a button.

Page 53

And what if you learned that we had an offensive weapons leak?

Early Notification

WikiLeaks:

– International non-profit that publishes secret information provided by anonymous sources.

– Operates a Tor hidden service for accessing the website

– Released a new batch of documents detailing the CIA tool OutlawCountry, used to remotely spy on computers running Linux operating systems.

OutlawCountry loads itself onto a vulnerable system as a Linux kernel module (nf_table_6_64.ko), creates a new exemption in the iptables firewall rules, and then deletes itself. When all is said and done, the attacker can use the compromised system to re-route all traffic to designated CIA servers.
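An added, constructed defender's check (not from the briefing or the leaked tooling) for the two traces that behaviour would leave on a host: a kernel module that is loaded but has no backing file on disk, and a NAT rule rewriting destinations to an address nobody configured. The lsmod output, module paths and iptables -t nat -S output are constructed samples; only the module name comes from the slide.

```python
import re

# Constructed sample of `lsmod` output (not captured from a real host).
LSMOD_SAMPLE = """\
Module                  Size  Used by
nf_table_6_64          16384  0
nf_nat                 40960  1 nf_table_6_64
xt_conntrack           16384  2
ext4                  700416  1
"""

# Constructed listing of module files under /lib/modules/<release>/, as
# `find /lib/modules/$(uname -r) -name '*.ko*'` would print them.
ONDISK_SAMPLE = [
    "/lib/modules/4.4.0-generic/kernel/net/netfilter/nf_nat.ko",
    "/lib/modules/4.4.0-generic/kernel/net/netfilter/xt_conntrack.ko.xz",
    "/lib/modules/4.4.0-generic/kernel/fs/ext4/ext4.ko",
]

# Constructed `iptables -t nat -S` output; 203.0.113.10 is a documentation
# address standing in for a host the administrator never configured.
NAT_RULES_SAMPLE = """\
-P PREROUTING ACCEPT
-P OUTPUT ACCEPT
-A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
-A OUTPUT -p tcp -j DNAT --to-destination 203.0.113.10:443
"""

def _module_name(path):
    """'hid-generic.ko.xz' -> 'hid_generic' (lsmod prints underscores)."""
    base = path.rsplit("/", 1)[-1]
    return re.sub(r"\.ko(\.\w+)?$", "", base).replace("-", "_")

def loaded_without_file(lsmod_text, ondisk_paths):
    """Loaded modules with no .ko file on disk: a loader that removes its
    own module file after insertion leaves exactly this gap."""
    ondisk = {_module_name(p) for p in ondisk_paths}
    loaded = [ln.split()[0] for ln in lsmod_text.splitlines()[1:] if ln.strip()]
    return [m for m in loaded if m not in ondisk]

def untrusted_dnat_rules(rules_text, trusted_dests=frozenset()):
    """NAT rules rewriting the destination to an address not on the
    administrator's list, i.e. traffic silently re-routed elsewhere."""
    hits = []
    for line in rules_text.splitlines():
        m = re.search(r"-j DNAT --to-destination (\S+)", line)
        if m and m.group(1).split(":")[0] not in trusted_dests:
            hits.append(line)
    return hits
```

Run the same two checks against live `lsmod`, a `find` over /lib/modules and `iptables -t nat -S` output; a hit on either is a lead to investigate, not proof by itself, since out-of-tree or vendor modules can also lack an on-disk file.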

Page 54

And better still, what if you knew how they were going to break in?

Proactive Threat Intelligence

Page 55

Conclusion

“In human affairs of danger and delicacy successful conclusion is sharply limited by hurry.”

John Steinbeck, East of Eden

Page 56

Summary:

– Success is increasingly dependent on earning and keeping investors’ confidence and customer trust.

– All organizations are subject to risk

– The consequences of getting this wrong are increasingly severe

– Risk varies but all organizations need a carefully reasoned and defensible response consistent with their own appetite and culture

Who has the first question?

Thank you for your time!

Conclusion

Page 57

Who has the first question?

Questions & Answers

Let’s continue the conversation…

Contact Information:

Jason B. Taule, C|CISO, CDPS, CGEIT, CHSIII, CISM, CRISC, CMC, CPCM, HCISPP, NSA-IAM
Chief Security Officer / Chief Privacy Officer

9755 Patuxent Woods Drive
p: +1-443.393.2686 | m: +1-410.340.5385 | f: +1-410.715.6538
[email protected] | www.feisystems.com

Page 58

Jason B. Taule C|CISO, CDPS, CGEIT, CHSIII, CISM, CRISC, CMC, CPCM, HCISPP, NSA-IAM

Reasoned:

– Industry luminary with a 25+ year career as an information security specialist

– Concentration in the Healthcare and Cyber industries

– Numerous certifications; published and oft cited by the media

– Graduate of the FBI Citizen’s Academy

– BBA College of William & Mary; MS Johns Hopkins University.

Industry Contributor:

– White House Invitee to sit on President’s Precision Medicine Initiative Security Policy Roundtable

– Health IT Standards Committee Transport & Security Workgroup Member

– HITRUST Infosec Security and Privacy Award Winner; Member Leadership Council

– Board Member Howard County Economic Development Authority Technology Council

– Leader of the HTC HACKIT Cyber Affinity Group and Driving force behind the HoCo CISO “CISO-In-Residencesm” program

– Information Security Executive of the Year Finalist

– Member of MD Governor's Internet Privacy Committee; Contributed to MD Data Security & Privacy Law

– Former Member Colorado State Privacy Committee

– National Advisory Council of CSO Executive Network

– DOJ invitee to annual economic crimes & new technology offenses symposium

– Member of the Homeland Security Preparation and Response Team

– Author and lead developer of the Security Maturity Model©.

– Member of ISACA’s National Information Security Metrics Subcommittee

– Field Editor of the IT Unified Compliance Framework

Seasoned:

– Currently serves as Chief Security and Privacy Officer at FEi Systems

– Principal Systems Security Officer for all FEi Medicare & Medicaid Business

– Former CISO and CPO for healthcare business unit of a large Federal Systems Integrator

– Former CISO and CPO for healthcare business unit of a large Federal Defense Contractor

– Former Chief Information Security Officer for State Government

– Former Principal in charge of information security practice of a large international IT consulting firm.

Page 59

System Source & Barracuda:

Barracuda Partner since 2013

Why Barracuda Backup:

Combines onsite & cloud backup

Comprehensive, cost-effective local & offsite backups

DR solutions

Deduplication and compression

Easy deployment and administration

Small, Mid-size and Larger organizations

Page 60

Security Strategies in the Cloud Era

Presenter:

Brad Pitt

Regional Vice President

Barracuda Networks

October 2017

Page 61

Today’s topics

- Email Security

- Security in the Public Cloud

- Spear-phishing and Domain Fraud

Page 62

“90% of intrusions worldwide are started by email.”

Brad Smith

President, Chief Legal Officer

Today’s threat landscape

Page 63

Email Security Solutions for the Cloud Era

Sentinel

Email Security Gateway

Email Security Service

Page 64

Global Threat Intelligence

Page 65

Move to the Public Cloud

“The emergence of public cloud computing has rendered traditional enterprise WAN architectures to be suboptimal, from a price and performance perspective.”

Technology Overview for SD-WAN

Page 66

Our Security Solutions for the Cloud Era

Enable private and public cloud infrastructures

Page 67

Spear Phishing: Growing Exponentially

$5B: losses from spear phishing

2,370%: increase from 2015 to 2016

Source: FBI, 2017

Page 68

Barracuda Sentinel

Page 69

Comprehensive Spear Phishing Protection

– AI for Real-Time Spear Phishing Prevention

– Domain Fraud Visibility and Protection with DMARC

– Fraud Simulation for High-Risk Individuals

Page 70

Moving forward

Ask your Barracuda partner for an Email Threat Scan and Web Application Vulnerability Scan.

If you’re moving to the Public Cloud, bring Barracuda along.

Ask your Barracuda partner for a demo of Sentinel.

Page 71

Thank You

Page 72

THANKS!

Evaluations & Door Prizes