Upload
erick-price
View
215
Download
0
Embed Size (px)
Citation preview
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Security MattersIt’s not about the network
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
What’s Your Biggest Threat?
http://flickr.com/photos/mikeygottawa/533355476/
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
The Top 12 Security ThreatsReported by CTOs
• 12. Extortion• 11. Denial of Service (DoS)• 10. Vandalism• 9. Pharming• 8. Phishing• 7. Fraudulent Transaction
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
The Top 12 Security ThreatsReported by CTOs
• 6. Physical Loss• 5. Unauthorized Access by Outsiders• 4. Malware• 3. Spam• 2. Unauthorized Access by Insiders• 1. Insider Misuse
– Source: http://www.computereconomics.com/article.cfm?id=1214
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
The Top 2 (and #6) Security Threats
The Cost of an “Inside Job”• Four in ten IT managers report
incidents involving non-compliance while another 27 percent have seen unintentional release of corporate information.
• A typical incident requires 22 IT employee hours to remediate.
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Security PhilosophyControl What You Can
• 0’s and 1’s, not people. • Network, workstations, devices,
applications, files.
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Control What You CanNetworks
• NAT Routers• Integrated VPN• Dynamic IP
addresses• Wireless - closed
http://flickr.com/photos/abbyladybug/930518276/
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Control What You CanWorkstations
• Firewalls• Antivirus• Anti-spyware• Spam filtering• Internet filtering
(?)• Backups
http://flickr.com/photos/53088165@N00/579761138/
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Control What You CanIn the Cloud
• Enough seats for all users
• Independent passwords
• Automatic logout• Required
password changeshttp://flickr.com/photos/86778817@N00/88641569/
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Control What You CanDevices / Drives
• Passwords for all devices and drives
• Encryption for files stored on devices and driveshttp://flickr.com/photos/ian-s/2152798588/
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Security PhilosophyIT’s More than Digital
• In 2008…each man, woman, and child will use 4,847 sheets of the office paper, 36 sheets fewer than 2007.
– Source: http://www.entrepreneur.com/tradejournals/article/184744007.html
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Security PhilosophyPlug the Biggest Holes
• Prioritize!
– Risk = Value of Asset x Severity of Vulnerability x Likelihood of Attack
–Source: http://h71028.www7.hp.com/ERC/cache/568165-0-0-0-121.html
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Security PhilosophyPlan for Failure
• Know how you will respond to security breaches in terms of IT
• Plan for notifying important parties - it’s the law!
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Security PhilosophyTrain for Success
• Ultimately, your success relies on your people
• Try Disaster Days trainings (make it fun!)
• Make security issues part of your regular communications
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
Security Resources
• HP Security Risk Assessment– http://h71028.www7.hp.com/ERC/cache/568165-0-0-0-121.html
• TechSoup Healthy and Secure Computing– http://www.techsoup.org/hsc/
• CERT Octave– http://www.cert.org/octave/
• SANS Reading Room– http://sans.org/
• Security Focus– http://www.securityfocus.com/
• NSA Security Confirguration Guides– http://www.nsa.gov/snac/
People Who Change the World Need the Tools to Do it!www.nten.org
Holly Ross, Executive [email protected]
As we look ahead into the next century, leaders will be those
who empower others.- Bill Gates, founder Microsoft