Broadening Your Cybersecurity Mindset

© Copyright 2015. Computer Services, Inc.

Upload: kacyn-goranson

Post on 18-Jan-2017



Watch Out For These Cybersecurity Risks

• System Outages
• Human Error
• Systems Error
• Data Breaches
• Distributed Denial of Service (DDoS)


But… The Threats Are Always Changing

Keep your organization up-to-date on the ever-evolving risks by staying PLUGGED IN:

• Sign up to receive alerts from federal regulators
• Subscribe to active email lists from respected security organizations
• Follow leading security authorities
• Subscribe to a collaboration service such as FS-ISAC

This is highly encouraged by regulatory agencies


HOW ARE YOU MANAGING AND OVERSEEING CYBERSECURITY RISK?

1. Policies and Procedures

• Do you have governing documents?
• These allow implementation of steps 2, 3 and 4

2. Risk Management

• Have you performed assessments of your institution and its risk environment?
• Consider the use of a Cybersecurity Risk Assessment partner
• Review and update regularly

3. Training and Resources

• How are you training your employees on the latest threats?
• Adequate training can reduce the cost of clean-up after an incident by as much as 12 times
• Ensure allocations in your budget for the resources (personnel, devices)

4. Culture

• Is cybersecurity embedded in your culture?
• This area is most ripe for change
• Starts with engagement from the top: Senior Management and the board


KEEP THESE CONTROLS IN MIND

Physical Security Controls

Physical access is the easiest way to compromise a system. Some physical controls come in the form of:

• Perimeter Building Security
• Limiting Access to Server Rooms
• Environmental Controls

Logical Security Controls

This is the first line of defense if a hacker breaches your physical controls. Logical security controls can include:

• Updated Patches
• Multifactor Authentication Tools

Other Controls

Other controls involve front-end actions that are a part of an institution’s culture and preparedness, and include:

• Policies & Procedures
• Employee Training & Education


Have You Considered External Dependency Management?

Use these external dependency tools as part of your cybersecurity risk management strategy:

1. Business Impact Analysis (BIA) – This helps you determine the impact to your institution if anything ceased to exist or function properly.

2. Risk Assessment – This follows the BIA and identifies the risk for a particular vendor or service as well as the likelihood of each risk affecting that vendor relationship.

3. Vendor Management – This is the most important aspect and should receive the most attention. Every institution ought to be well versed in Appendix J from the FFIEC’s Business Continuity Handbook to be able to determine if adequate controls are in place.


AND IF THE WORST SHOULD HAPPEN…

Institutions should consistently update their Business Continuity Plan and go through incident response simulations to prepare. If a cyber incident occurs, follow this process:

1. Information and Correlation: Collect and correlate information through logs and other events

2. Investigation: Determine the significance of the event

3. Escalation: Escalate the event internally and to the appropriate authorities

4. Application: Apply what you’ve learned to set remediation in motion

5. Communication: Communicate the event to the public and the affected customer base

6. Observation: Closely watch the affected systems to ensure all issues were properly and completely remediated


IN THE END … SEEK ASSISTANCE WHEN NECESSARY

• Remember you aren’t alone
• A third-party provider can be a tremendous help in addressing and managing key cybersecurity risks and issues
• Information security management solutions can accomplish your main goal of keeping customers’ data secure


To get a more detailed version of this information, download a complimentary white paper, “Broadening Your Cybersecurity Mindset.”

Visit www.csiweb.com/resources/white-papers now!