![Page 1: Cybersecurity - The ever evolving business challengecyberops.com.au/wp-content/uploads/2016/08/CyberSecurity-V6.pdf · •This includes mobile and other devices •Ensure you have](https://reader036.vdocuments.us/reader036/viewer/2022081402/5f1735804e4a5c19b64f866d/html5/thumbnails/1.jpg)
Cybersecurity - The Ever Evolving Business Challenge
Derek Grocke, CyberOps
Agenda
• Cyber Threat Trends
• The Hacker Motivation
• The Virus Threat Explosion
• Online Hacking Tools and Techniques
• Hacker Search Engine
• The DarkNet, DarkWeb or TOR
• The four golden rules of cyber security
• Cyber Penetration Hardware
• What Can Be Done
Cyber Threat Trends
The Hacker Motivation
The Virus Threat Explosion
Social Media & Profiling
http://www.social-searcher.com/
• Facebook
• Twitter
• Google+
• Flickr
• Tumblr
• Reddit
http://socialmention.com/
http://www.whostalkin.com/
Twitter and Flickr GPS Location Tracking
https://app.echosec.net
Active Internet Attack
http://map.norsecorp.com/
Hacker Search Engine
Provides system information that other search engines exclude
https://www.shodan.io
DarkNet, Deep Web or TOR
Red Onion Tor Browser for Apple - anonymous browsing and DarkNet
https://itunes.apple.com/au/app/red-onion-tor-powered-web/id829739720?mt=8
Cyber Penetration Hardware
• WiFi Pineapple
  • Mimics any wireless hotspot to attack vulnerable devices.
  • Provides a network wiretap.
  • Wireless network jammer.
• USB Rubber Ducky
  • Simulates a keyboard.
  • Captures keystrokes, gathering intelligence, installing backdoors and extracting data.
• LAN Turtle
  • Covert Systems Administration and Penetration Testing tool providing stealth remote access, network intelligence gathering, and man-in-the-middle monitoring capabilities.
• UberTooth
  • Hacks Bluetooth devices and listens to Bluetooth conversations.
http://hakshop.myshopify.com/
The four golden rules of cyber security
• Get the basics right.
  • Over 75 percent of attacks exploit the lack of basic controls.
• Look after your crown jewels.
  • You have to prioritise where you spend your money to defend yourself, so build a fortress around your most critical assets.
• Do your homework on your enemies.
  • Invest in understanding who might attack you, why and how, so that you can anticipate the most likely scenarios and defend those assets that are most likely to get attacked.
• Treat cyber risk as an opportunity to look closely at your business.
  • Security and resilience can affect nearly every part of an organization. Strategies to protect IT security and business resiliency should align with an organisation’s broader goals — from protecting intellectual property to maximising productivity to finding new ways to delight customers.
http://www.kpmg.com/SG/en/IssuesAndInsights/ArticlesPublications/Documents/Advisory-CS-Cyber-security-A-failure-of-imagination-by-CEO-2.pdf
The Skills Gap
How to improve your Cyber Security
• Incorporate cyber risks into existing risk management and governance processes.
• Implement industry standards and best practices, don’t rely on compliance.
• Evaluate and manage your organisation’s specific cyber risks.
• Provide oversight and review.
• Develop and test incident response plans and procedures.
• Coordinate cyber incident response planning across the enterprise.
• Maintain situational awareness of cyber threats.
http://www.belden.com/blog/industrialsecurity/Industrial-Cyber-Security-Understanding-the-CEO-Perspective.cfm
If You Do Nothing Else
• Patch or upgrade all Operating Systems and Applications
• This includes mobile and other devices
• Ensure you have an Active and Up-To-Date Virus/Malware Scanner
• This includes Android and Windows mobile devices
• Consider an internet security suite (virus, firewall, and network)
• Ensure System and Network Firewalls are Enabled
• Engage a security professional to Conduct a Security Review
Useful Links
• Report Cyber Incidents
  • http://www.acorn.gov.au/
  • http://www.asd.gov.au/infosec/reportincident.htm
  • https://www.cert.gov.au/incidents
• Australian Guidelines and Advice
  • http://www.asd.gov.au/partners/cybersecurity.htm
  • https://www-304.ibm.com/easyaccess/fileserve?contentid=224109
  • http://www2.deloitte.com/content/dam/Deloitte/sg/Documents/risk/sea-risk-cyber-security-changing-role-in-audit-noexp.pdf
• Cyber Defences
  • http://www.asd.gov.au/infosec/mitigationstrategies.htm
• Certified Testers
  • http://www.crestaustralia.org/approved.html
• Security Standards
  • https://www.cisecurity.org/
  • http://blog.trendmicro.com/category/azure/
  • http://blog.trendmicro.com/category/aws/
  • http://www.nist.gov/cyberframework/cybersecurity-framework-industry-resources.cfm
  • https://www.sans.org/media/critical-security-controls/critical-controls-poster-2016.pdf
• Training and Guidelines
  • https://www.sans.edu/
  • http://www.isaca.org/CYBER/Pages/default.aspx
When To Involve The Security Team
Involve Security Advisors Early!!!
• Security Activities
• Threat Prevention
• Threat Detection
• Incident Management
• Identity Management
• Governance
• Budget process
• Business initiatives
• Project development and delivery lifecycle
• Security architecture
• Compliance and Audits
• Legal and Human Services
Cyber Security Questions From The Auditor
• How frequently do you review and update policies and procedures related to detection and response of cybersecurity incidents?
• How will you maintain business continuity in the event of a cybersecurity incident?
• Within your function, what is the cascade of events if a cybersecurity incident occurs?
• How do you ensure contractors, consultants, and other third parties only have access to the minimum necessary relevant data?
• What policies are in place to change or remove data privileges in the event of employee role changes or contract termination?
5 Management Questions For Cyber Staff
1. How Is Our Executive Leadership Informed About the Current Level and Business Impact of Cyber Risks to Our Company?
2. What Is the Current Level and Business Impact of Cyber Risks to Our Company? What Is Our Plan to Address Identified Risks?
3. How Does Our Cybersecurity Program Apply Industry Standards and Best Practices?
4. How Many and What Types of Cyber Incidents Do We Detect In a Normal Week? What is the Threshold for Notifying Our Executive Leadership?
5. How Comprehensive Is Our Cyber Incident Response Plan? How Often Is It Tested?
https://www.us-cert.gov/sites/default/files/publications/DHS-Cybersecurity-Questions-for-CEOs.pdf
Additional Links
• Personal Virus Protection
  • http://www.tomsguide.com/us/best-antivirus,review-2588.html
• Data breach notification — A guide to handling personal information security breaches
  • https://www.oaic.gov.au/agencies-and-organisations/guides/data-breach-notification-a-guide-to-handling-personal-information-security-breaches
• Cyber Security Tips and Tricks
  • https://www.us-cert.gov/ncas/tips
• Cyber Security Incident Plan
  • http://www.cio.ca.gov/ois/government/library/documents/incident_response_plan_example.doc
  • http://www.crest-approved.org/wp-content/uploads/CSIR-Procurement-Guide.pdf
  • https://www.sans.org/reading-room/whitepapers/incident/incident-handlers-handbook-33901
  • https://technet.microsoft.com/en-us/library/cc700825.aspx
  • http://www.int-comp.org/media/2070/cyber-security-incident-response-plan2.xls