Cybersecurity Risk, Remediation, Response Nathan Gibson, CCE, CEH

Today's Presentation
- Introduction
- Governance
- Cyber Risk
- Remediation Strategies
- Passwords
- Phishing
- Security Updates
- Incident Response
- Challenge
- Summary

Definitions
- Information Security: The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.
- Cybersecurity: The ability to protect or defend the use of cyberspace from cyber attacks.

Terms
- Phishing
- Threat Actor
- Malware
- OCR

Governance
- Leadership
  - Executive Leadership
  - Board Accountability
- Incident Response Team
  - Confidentiality & Security Team (CST)
  - Computer Emergency Response Team (CERT)
- Frameworks
  - NIST Cybersecurity Framework
  - NIST 800-Series Guidance
  - SANS 20 Critical Security Controls
- Compliance Secure
- Next Steps

Cyber Risk (Risk, Remediation, Response)

Cyber Risk
- Criminal Attacks Up 125%
- Medical Identity Theft Doubled (1.4M to more than 2.3M)
- Average of $13,500 to Restore Credit

Cyber Risk: The Numbers...
- Medical record: $10 - $50
- Mother's Maiden Name: $6
- Social Security Number: $3
- Date of Birth: $3
- Credit Card: $1.00

Risks
- Patient safety (medical record)
- Coverage (routine physical to major surgery)
- Fraudulent claims
- Credit accounts

Cyber Risk: Phishing
- Phishing (TBD)

Cyber Risk: OCR Breach Portal
- October, Breaches (Hacking), >115M Patients

Cyber Risk: Verizon Data Breach Report
- 23% of recipients open phishing messages
- 11% click on attachments
- 97% of exploits target 10 CVEs
- Mobile malware not a primary threat
- Threat Actors
  - 80% of breaches reviewed (external)
  - 17% of breaches reviewed (internal)
  - 3% of breaches reviewed (partners)

Cyber Risk: Risk Assessment
- NIST Rev. 1, Conducting Risk Assessments
- NIST, Managing Information Security Risk
- Vulnerability Assessments
- Stored and Transmitted

Cyber Risk: Stored and Transmitted
- Stored
  - Databases
  - Thumbdrives
  - Workstations
  - File Servers
  - Medical Devices
- Transmitted
  - VPN (clients)
  - Site-to-Site VPN Tunnel
  - Secure Web Front-End
- Know your data! Don't overlook non-sensitive systems.

Cyber Risk: Tools
- Security Risk Assessment (SRA Tool): https://www.healthit.gov/providers-professionals/security-risk-assessment-tool
- Additional resources
  - Top 10 Tips for Cybersecurity in Health Care
  - HIPAA Security Rule Toolkit
- Next Steps

Remediation Strategies (Risk, Remediation, Response)

Remediation Strategies
- Accept: Within organizational risk tolerance
- Avoid: Risk exceeds organizational risk tolerance
- Mitigate: NIST, 20 Critical Security Controls
- Share or Transfer: Outsourcing, Cyber Insurance

Remediation Strategies: Cyber Insurance
- Breach Costs (forensics, notification, identity protection)
- Privacy Protection (regulatory)
- Multimedia Protection
- Cyber Extortion
- Analysis
  - Incident History
  - Ponemon Study: $204 per record
  - Verizon Data Breach Report

Remediation Strategies: Verizon Data Breach Report
- Cost Per Record

Remediation Strategies: Example Safeguards
- Encryption
- Malware Protection
- Microsoft & Third Party Updates
- Physical Access Controls
- Intrusion Detection & Prevention
- Policies & Procedures
- Disaster Recovery & Business Continuity
- Incident Response
- Two-Factor Authentication
- Strong Password Enforcement
- Next Steps
- Video

Passwords: Which one is more secure? (take the survey)
- Xq!5#7pK: 8 characters, 3 days to crack
- 15 characters, 49 million years to crack

Passwords
- Passwords
  - Minimum of 8 characters (10-52 seconds)
  - Upper & lower case (minutes)
  - Numbers (3-15 hours)
  - Special characters (3-5 days)
- Passphrases
  - Minimum of 15 characters (13,000 years)
  - Upper & lower case (435 million years)
  - Numbers (6 billion years)
  - Special characters (157 billion years)

Passwords: Two-Factor Authentication
- Password, PIN
- Hard Token, Soft Token, Certificate

Phishing
- Security awareness and training
- Phishing tests
  - Social Engineering Toolkit (SET)
  - Simple Phishing Toolkit
  - SpearPhisher
- Phishing Test

Security Updates
- Windows Updates
  - 120 Windows Updates, Per Server, Per Year
  - 12,000 Windows Updates Per Year (per 100 Servers)
- Microsoft Updates
  - Office
  - SQL
- Third Party Updates
  - Adobe
  - Oracle (Java)
- Next Steps

Incident Response (Risk, Remediation, Response)

Incident Response
- Incident Response Team
- Reporting & Tracking
- Breach Assessment
- Notification Requirements
- Law Enforcement & NCCIC
- Disaster and Contingency Planning

Incident Response: National Cybersecurity and Communications Integration Center (NCCIC)
- US-CERT (United States Computer Emergency Readiness Team)
- ICS-CERT (Industrial Control Systems Cyber Emergency Response Team)
- NCC (National Coordinating Center)
- COC (NCCIC Cyber Operations Center)
- DTA (Discovery and Technical Analysis)
- MM (Mission Management)

Challenge #1: Vulnerability Assessment Report
- US-CERT: Top 30 Targeted High Risk Vulnerabilities, https://www.us-cert.gov/ncas/alerts/TA15-119A

Challenge #2: Malware Report
- Virus definitions
- Detection history
- Rogue system detection

Challenge #3: Security Update Status Report
- Microsoft updates
- Third party software

Challenge #4: Security Awareness and Training
- Training certifications/verification
- Review/update content
- Phishing test

Free Resources
- CyberAwareness Challenge (Federal Version)
- Identifying and Safeguarding PII
- Privacy and Security Training Games: https://www.healthit.gov/providers-professionals/privacy-security-training-games

Summary
- Risk, Remediation, Response

Additional Information
- Verizon Data Breach Report (2015): http://www.verizonenterprise.com/DBIR/2015/
- National Institute of Standards and Technology (NIST): http://www.nist.gov
- 800-Series Guidance:
- OCR Breach Portal: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
- NCCIC: http://www.dhs.gov/about-national-cybersecurity-communications-integration-center
- US-CERT: https://www.us-cert.gov/
- Incident Reporting: https://www.us-cert.gov/forms/report

Additional Information
- Cybercrime and the Healthcare Industry (EMC & RSA): http://www.emc.com/collateral/white-papers/h12105-cybercrime-healthcare-industry-rsa-wp.pdf
- Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data (Ponemon Institute): https://www2.idexpertscorp.com/fifth-annual-ponemon-study-on-privacy-security-incidents-of-healthcare-data
- Cyber-Risk Oversight Handbook: https://www.nacdonline.org/Resources/Article.cfm?ItemNumber=10688

Contact Information
Have a question, comment, or suggestion? Contact Nathan Gibson at: ext. 2236
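The Passwords slides compare an 8-character password against a 15-character passphrase and list how each added character class changes crack time. The following script, added here as an illustration and not part of the deck, computes the brute-force search space behind those comparisons and checks a candidate against a "strong password enforcement" policy; the attacker guess rate is an assumed figure, not one the deck states, so the absolute years differ from the slide while the ratios (length beats character classes) hold.

```python
"""Brute-force keyspace estimator and policy check for password/passphrase rules."""
import string

# Character classes named on the Passwords slide.
CLASSES = {
    "lower": string.ascii_lowercase,   # 26
    "upper": string.ascii_uppercase,   # 26
    "digits": string.digits,           # 10
    "special": string.punctuation,     # 32
}

# Assumed offline guess rate (constructed figure, not from the deck).
GUESSES_PER_SECOND = 10_000_000_000


def classes_used(password: str) -> set:
    """Names of the character classes that actually appear in the password."""
    return {name for name, chars in CLASSES.items() if any(c in chars for c in password)}


def keyspace(length: int, classes: set) -> int:
    """Number of distinct strings of `length` drawn from the union of `classes`."""
    alphabet = sum(len(CLASSES[name]) for name in classes)
    return alphabet ** length


def years_to_exhaust(length: int, classes: set, rate: int = GUESSES_PER_SECOND) -> float:
    """Worst-case years to try every string in the keyspace at `rate` guesses/sec."""
    return keyspace(length, classes) / rate / (365 * 24 * 3600)


def meets_policy(password: str, min_length: int, required: set) -> bool:
    """Enforcement check: long enough and every required class is present."""
    return len(password) >= min_length and required <= classes_used(password)


if __name__ == "__main__":
    every_class = set(CLASSES)
    sample = "Xq!5#7pK"  # the 8-character example from the slide
    print(sample, sorted(classes_used(sample)), f"{years_to_exhaust(8, every_class):.2e} years")
    # Adding one class multiplies the keyspace once; adding length multiplies it per character.
    print("8 chars, lower only   :", f"{years_to_exhaust(8, {'lower'}):.2e} years")
    print("8 chars, all classes  :", f"{years_to_exhaust(8, every_class):.2e} years")
    print("15 chars, lower only  :", f"{years_to_exhaust(15, {'lower'}):.2e} years")
    print("15 chars, all classes :", f"{years_to_exhaust(15, every_class):.2e} years")
    print("passes 15-char policy :", meets_policy(sample, 15, every_class))
```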