Upload
others
View
14
Download
0
Embed Size (px)
Citation preview
I. Introduction
i. Data Potential and Risks
ii. Changing Approach to Cybersecurity
II. Cybersecurity Overview
i. Best Practices
ii. Evaluating Your Cyber Risks
III. Cybersecurity and Analytics Initiatives
IV. Using Analytics to Achieve Better Cybersecurity
Discussion Overview
Cybersecurity Governance and Analytics Initiatives 2
Benefits and risks of big data are both growing and
maturing
Most organizations’ information volume doubles every 18-
24 months
Organizations are looking to take advantage of the
insights that can be gleaned from analytics initiatives
Cyber attacks are on the rise and the level of
sophistication and the frequency of attacks is increasing
Cybersecurity and the Big Data Era
Cybersecurity Governance and Analytics Initiatives 3
Big Data: Rewards and Risks
Cybersecurity Governance and Analytics Initiatives4Image and Headline Source:
https://thestack.com/
Cybersecurity Governance and Analytics Initiatives 5
Cybersecurity is “[t]he process of
protecting information and information
systems by preventing, detecting, and
responding to unauthorized access, use,
disclosure, disruption, modification, or
destruction in order to provide
confidentiality, integrity, and availability.”
Report on Securing and Growing the Digital Economy, Executive Office of
the President, United States Commission on Enhancing National
Cybersecurity (December 2016)
Cybersecurity at its Core
Data Breaches 2013-2016
Data Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Cyber Threat Landscape: By the Numbers
Cybersecurity Governance and Analytics Initiatives 6
Stroz Friedberg: 2017 Cybersecurity Predictions Report (Jan. 2017)
Changing Approach to Cybersecurity
Perimeter defense is
not enough
- No wall can prevent a
determined, well-
resourced hacker
Organizations need to
protect from within
- Identify data assets
- Manage data assets
- Mitigate risks to data
assets
Cybersecurity Governance and Analytics Initiatives 7
Image Source: Getty Images
Analytics and Cybersecurity - Best Practices
Know Your Data
Understand Risks
Understand Legal
Obligations
Cybersecurity Governance and Analytics Initiatives 8
#1: Know Your Data
To Protect Your Data, You Have to Understand What Data You Have and Where it is Stored
Cybersecurity Governance and Analytics Initiatives 9
#1: Know Your Data – Asset Management
Cybersecurity Governance and Analytics Initiatives 10
NIST
Cybersecurity
Framework: Step 1
- Identify Data
Assets
#1: Know Your Data – Business Environment
Cybersecurity Governance and Analytics Initiatives 11
NIST
Cybersecurity
Framework: Step 1
– Identify Business
Needs
#2: Understand Risk
What are the crown jewels for your organization and
what are the risks of exposure?
Who must be guarded against?
What types of attacks
could impact your data?- Malware/Ransomware
- Phishing
- Zero Days
- DDoS Attacks
- Insider Threats
- Adversarial Examples
Cybersecurity Governance and Analytics Initiatives 12
#2: Understand Risk – Evaluating Cybersecurity
Cybersecurity Governance and Analytics Initiatives 13
Integrity
Avail-ability
Confiden-tiality
Sensitivity Analysis:
Breach Impact Score =
Confidentiality [H/M/L] +
Integrity [H/M/L]
+Availability [H/M/L]
A “Cybersecurity Event” includes any
circumstance that compromises either (i)
the availability, confidentiality, or integrity
of any Employee Data, Customer Data,
Intellectual Property Data, or Operational
Data; or (ii) the physical, technical,
administrative, or organizational
safeguards put in place by the Company
to protect such data. A Security Breach
could be unauthorized access to,
acquisition of, disclosure of, or loss of
Company data.
#3: Understand Legal Obligations – Requirements
Is the data subject to regulatory
oversight, generally? (e.g., PII
with the FTC or State AsG)
Is the data subject to specific
regulatory oversight? (e.g.,
HHS-OCR HIPPA or NYDFS
Cyber Regulation)
What safeguards, procedures,
or other minimum security
requirements, if any, are
required? Are others
recommended?
Cybersecurity Governance and Analytics Initiatives 14
#3: Understand Legal Obligations – Taking Action
Cybersecurity Governance and Analytics Initiatives
Draft policies and procedures
that fit your organization’s
needs
Test your policies and
procedures with tabletops and
audits
Applying policies and
procedures to third-parties and
contracts
Designating responsibility for
governing cybersecurity efforts
15
1. Consider the security concerns of
your users and stakeholders
2. Control access to data (including
analytics) sensibly
3. Require strong passwords and
authentication
4. Store sensitive information
securely and protect it during
transmission (e.g., encryption)
5. Segment your network and monitor
who is trying to get in
6. Secure remote access with multi-
factor authentication
7. Security-by-design when
developing new products/services
8. Make sure your third-party service
providers implement reasonable
security measures
9. Put procedures in place to keep
your current security posture and
address emerging cyber threats
10. Secure paper, physical media, and
devices
#3: Understand Legal Obligations – 10 Lessons from
the Regulators and Courts
Cybersecurity Governance and Analytics Initiatives 16
Approaches to Analytics
Goals of Analytics
Data Protection for Analytics
Cybersecurity Governance and Analytics Initiatives
Analytics Initiatives – Maximizing Value and Minimizing
Cybersecurity Risk
17
Simplistic Pre-Processing
- Normalization of data from different sources or databases
Aggregation or Summarization of Data
- Identify basic statistical characteristics (e.g., median, mean)
Data Correlation
- Identify relationships between data points or across sets of data
Sophisticated Predictive or Judgmental Analytics
- Identification of patterns in data using statistical variance;
machine learning; artificial intelligence
Cybersecurity Governance and Analytics Initiatives
Approaches to Analytics
18
Support Analytics
Protect Data
Satisfy Legal
Obligations
Minimize Risk & Cost
Cybersecurity Governance and Analytics Initiatives
Executing a Successful Analytics Initiative
19
IG as a Coordinating
Function:
- Establish a mechanism and
framework whereby you
elicit the perspective of
each facet
- Balance the competing
concerns and goals of each
facet
Information Governance (IG) and Analytics Initiatives
Cybersecurity Governance and Analytics Initiatives 20
Image Source: Information Governance Initiative – Annual Report 2015-2016
Cybersecurity Governance and Analytics Initiatives 21
Understanding Data Sources for Analytics
Data Source 1
Data Source 2
Data Source 3
Data Source 4
Aggregated Data for Analytics
When data is pooled together, the most highly sensitive data
must govern how the data is treated
- Protecting data at rest, data in transit, and data during processing
Consider encryption for highly sensitive data used in Analytics
Initiatives
- Decrypt to run analytics with unencrypted data and then re-encrypt after
analytics completed
Future State of Cybersecurity for Analytics Initiatives
- Homomorphic Encryption
- Blockchain Technology
- Quantum Computing Threats
Cybersecurity Governance and Analytics Initiatives
Data Protection for Data Subject to Analytics
22
Smarter security –
evidence/intel-based
action
- Identify network-
specific threats
- Heuristics vs.
Algorithms
- Orchestrate your
solutions and data
repositories
Triage and find the
signal in the noise
Automate processes
to handle new data
points and end-
points
Cybersecurity Governance and Analytics Initiatives
Using Analytics to Achieve Better Cybersecurity
23
Image Source: FireEye - https://www.fireeye.com/products/security-orchestrator.html