fighting the war against cyber crime: a cio’s perspective the war on cyber crime.pdf · identity...
TRANSCRIPT
![Page 1: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/1.jpg)
Fighting the War Against Cyber Crime: A CIO’s Perspective
Presented by :
LegalTech West Coast June 22, 2005
![Page 2: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/2.jpg)
Moderator: Kristen Zarcadoolas, Director
Panelists: Judi Flournoy, CIO
Don Jaycox, US CIO
Kenneth G. McGuire, Supervisory Special Agent
Jim Soenksen, CEO
![Page 3: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/3.jpg)
Discussion Objectives
• Firm Dynamics, IT Environment, and Major IT Initiatives
• 2005 Information Security Initiatives, Solutions, and Recommendations
• Cyber Crime Incident Handling and How to Work with Law Enforcement
• Top Ten Law Firm Security Issues• How to Make Information Security a
Business Enabler for Your Firm through Best Practices
![Page 4: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/4.jpg)
Loeb & Loeb LLP
Judi FlournoyCIO
![Page 5: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/5.jpg)
Firm Demographics
• 200 Attorneys, 500+ Users• Four locations
• Los Angeles – main office• New York – second largest office
• Chicago• Nashville
![Page 6: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/6.jpg)
IT Environment
• Windows 2000/2003 Server• Windows 2000 Professional• Office XP• Postini – Spam & Anti-Virus• Trend – Anti-Virus and Personal Firewall• AdAware/AdWatch• RSA Server 6.0
![Page 7: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/7.jpg)
Major IT Initiatives
• EMC Storage Area Network• FalconStor • Electronic Records Management• Disaster Recovery• Wireless LAN
![Page 8: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/8.jpg)
2005 Security Initiatives
• Citrix MetaFrameXP• Juniper NetScreen 1010• Firewall Upgrades
• Cisco PIX or Juniper
![Page 9: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/9.jpg)
“Security” @ Loeb
• Security is something we take seriously• Users are expected to partner with us in
assuring our resources are secure• Firm policies support the concept of
network security• We are conscious of the profile of some of
our clients and are particularly sensitive to the need to protect them
![Page 10: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/10.jpg)
Additional Tools We Use
• Snort• http://www.snort.org
• QualysGuard Enterprise• http://www.qualys.com
• Nessus• http://www.nessus.org
![Page 11: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/11.jpg)
Wireless @ Loeb
• Treo 600 & Treo 650• GoodLink 100• Blackberry
![Page 12: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/12.jpg)
Connecting Remotely
• Via Internet• Via Dial-up using iPass or 802.11x via
iPass Hot Spots• Two factor authentication• SSL Encryption
![Page 13: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/13.jpg)
Remote Access @ LoebUser accesses Loeb remote
User is prompted for credentials
http://
User obtains token
User is authenticated
User accesses resources
![Page 14: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/14.jpg)
Future Wireless LAN
• WiFi access points on all floors• Authentication via Certificate Based• Use of VLAN’s to segregate visitor traffic
![Page 15: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/15.jpg)
Security & Recommendations
• Have someone on staff responsible for security or hire a third party
• Force password changes• Force strong passwords• Use 2 Factor Authentication• Periodically test vulnerability• Do not permit outsiders on your network
• Secure your wireless
![Page 16: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/16.jpg)
What QuestionsDo You Have?
![Page 17: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/17.jpg)
DLA Piper Rudnick Gray Cary US LLP
Don JaycoxUS CIO
![Page 18: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/18.jpg)
DLA Piper Rudnick Gray Cary Firm Demographics
• Result of 3-way merger on Jan 1, 2005• 1400 attys, 3100 people in the US• 2800 attys, 6000 people worldwide• 26 US offices, 50 Worldwide offices
• Large centers in: Chicago, Baltimore, San Diego, New York, DC, Palo Alto, San Francisco, London, Leeds, Manchester
![Page 19: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/19.jpg)
IT Environment
• Win 2K / Win2K3 Server, AIX (Unix)• 1000’s of servers worldwide
• Win XP (SP1/SP2) desktop / laptop• Most attorneys carry laptops
• Office 2003 w/ mixed Worksite / PC Docs• Support 600+ home offices in US• Support 1000+ roaming users• Heavy use of Collaboration systems
![Page 20: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/20.jpg)
DLAPRGC Security Environment
• Postini / FrontBridge anti Spam• Trend eWall (SMTP GW policy server)• Checkpoint & Cisco firewalls, VPN/PFW• McAfee w/ EPO virus protection• PestPatrol - Spyware• Rolling out Cisco Security Agent (CSA)• Managed Security Services thru LURHQ
• FW, IDS, IPS, advisories, threat assessment
![Page 21: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/21.jpg)
Wireless
• Most attorneys (90%) carry BB 7230 o.e.• 4 BES servers, email, web / intranet access
• 35%+ home offices have wireless• 500+ attorneys use roaming WiFi Hspots
• TMobile, Boingo, Wayport mostly
• All large offices wired for guest WiFi• Most other offices in lobby & conf rooms
• Must be running Checkpoint or Cisco VPN/PFW to get WiFi access
![Page 22: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/22.jpg)
Remote Access
• Broadband - Home, hotel, client sites• Wireless - Home, wifi hotspot, client wifi• Dialup - Cisco modem server w/ RSA• Checkpoint & Cisco SW VPN• Some NS5XP appliances (phasing out)• Citrix• OWA (mixed -- may phase out)
![Page 23: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/23.jpg)
IT Priorities - 2005+• Merger, Merger, Merger...
• Many differences in policy & practice• New offices, New laterals
• Consolidate systems ...• Elite, HR, email, AD, DMS, RMS, docket, etc.
• Data center consolidation• From 25 US locations down to 3• SAN & over-the-wire backups
• Major Expansion of ...• Collaboration systems, remote access
![Page 24: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/24.jpg)
Security Posture
• Educated user community: best weapon• Skepticism: most important tool
• Security is everyone’s responsibility• Mobile work force invalidates “citadel”
model - Alternative: “cargo net” model• User communication / Policies -
• Passwords, Phishing, email scams, encryption, confidentiality
![Page 25: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/25.jpg)
What QuestionsDo You Have?
![Page 26: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/26.jpg)
Cyber CrimeFederal Bureau of Investigation
Kenneth G. McGuireSupervisory Special Agent
![Page 27: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/27.jpg)
Topic Overview
1. Current Security Threats & Cases
2. Cyber Crime Incident Handling
3. Working With Law Enforcement
![Page 28: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/28.jpg)
Security Threats & Cases
1. TYPES OF PERPETRATORS2. INTERNET FRAUD - Identity Theft, Phishing
Schemes, Remailer Schemes3. COMPUTER INTRUSIONS &
DISRUPTIONS –1. RATs (Remote Access Trojans), 2. Extortion by DDoS (distributed denial of service), 3. “Hacker for Hire” Investigation,4. Wireless Networks Concerns
4. INTELLECTUAL PROPERTY RIGHTS CRIMES –Warez/Movie Servers
![Page 29: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/29.jpg)
How Severe is the Threat?
THREAT
•Professional Cyber Criminals & Terrorists (hard to detect)
•Disgruntled Employees
•Competitors
•Hacktivists
•Script Kiddies(Advertises Actions)
![Page 30: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/30.jpg)
Identity Theft
•Growing sophistication of phishing emails
•Exploitation of Banking System
•Keystroke Loggers deployed by worms
•Exploding International Market for Stolen Credit Card Databases and Identity Data
•FTC - $50B lost in Identity Theft in 2003
•300M man-hours devoted to repairing damage caused by this theft
![Page 31: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/31.jpg)
Growing Trends
•Virus/Worm Payloads Used to Facilitate Intrusion/Fraud Schemes
•Mercenary Distributed Denial Of Service Attacks
•Extortion Schemes Fueled by DDOS and Intrusion
•Identity Theft Underpins Most Computer Crime
•Overall increase in sophistication by a geographically diverse criminal element
![Page 32: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/32.jpg)
Banking and Brokerage Account Compromise
•Driven by worm propagation with keystroke logger in payload
•U.S. citizens recruited to open bank accounts for 30% fee
•Funds first transmitted to other U.S. accounts, then to the Eastern bloc.
![Page 33: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/33.jpg)
REMOTE ACCESS TROJANS (RATs)
• HACKER versions –
Subseven, Backorifice, Netbus
•Sometimes contained in email or programs downloads, i.e. P2P programs like Kazaa
• COMMERCIAL PROGRAMS –
GotomyPC, PC Anywhere, Laplink
• OPERATING SYSTEMS PROGRAMS –
Telnet, ftp, Secure Shell (SSH), rlogin
![Page 34: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/34.jpg)
World ’s Largest Computer Equipment Supplier
•A union of computer intrusion and wire fraud
•Subjects have placed at least $10M in fraudulent orders
•Subjects use work-from-home web sites to recruit unwitting U.S. participants
•11 convictions to date in the U.S., at least a dozen to follow
![Page 35: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/35.jpg)
Extortion By DDOSExtortion By DDOS
• Hiring hackers to create distributed denial of service (DDOS) attacks
![Page 36: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/36.jpg)
CountermeasuresCountermeasures
• Practice good computer security• Invest in a personal shredder• Examine your credit report annually• Scrutinize credit card statements• 1-888-5-OPTOUT (1-888-567-8688) • Use caution supplying wire transfer info• Be alert to anomalous personal info requests• http://www.consumer.gov/idtheft/
![Page 37: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/37.jpg)
1) Availability of free
WAP detection and
logging tools like
Netstumbler and Kismet
2) War Driving-where
individuals drive (or walk)
Around to find
unprotected and
accessible WAPs
3) Consumer and even
system administrators
fail to configure their
systems adequately
Wireless Security Concerns
![Page 38: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/38.jpg)
1. Uses 128-bit encryption
2. WEP uses weak algorithm that has been broken and is available to
hackers
3. Replacement for WEP called WiFi Protected Access (WPA) not
widely implemented
4. WEP is not configured out of the box and therefore, not protecting
the system
5. When WEP is configured by owner the default password is used -
ADMIN
Wireless Encryption
Protocol
or
Wireless
Equivalency
Protection (WEP)
Wireless Security Measures
![Page 39: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/39.jpg)
Preventing Disgruntled Employee Problems
• Terminating System Access BEFORE TERMINATED EMPLOYEES ARE WALKING OUT THE DOOR
• Well Documented and Proliferated Non-Disclosure and Authorized Activity Agreements/Notifications
• Review Adequate Logging/Tracking• Enforce Your Rules• PRACTICE EXCERCISE – “RED
TEAMING”• BANNER during Log-in of company
computers
![Page 40: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/40.jpg)
CYBER CRIME INCIDENT HANDLING
1. Continuing Operations v. Preservation of Evidence
2. Identify the Incident Manager and Team –usually department heads or officers
3. Assess Systems Impaired and Damages 4. Review Adequate Logging/Tracking
5. Note Unusual Activities By Employees or on Computer Network
![Page 41: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/41.jpg)
WORKING WITH LAW ENFORCEMENT
• Identify your LOSS, HARM, or DAMAGE – lost asset, revenues, expenses, repair cost
• Identify Capture or Quarantine Electronic or Computerized Equipment, Logs and Files
• Maintain a “Chain of Custody” for Evidence• Begin a written chronology of events• Who may have to testify• Identify one or two individuals to be your main
point of contact with LEOs• Alert Your General Counsel or Atty
![Page 42: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/42.jpg)
WORKING WITH LAW ENFORCEMENT
• CRIMINAL LAWS THAT APPLY:– ECPA (Electronic Communications and
Privacy Act)– 4th Amendment – Search & Seizure
– Interception of Communications (Wiretapping)
– Court Orders – FGJ Subpoenas, Search Warrants, Pen Registers, Trap & Trace Orders, 2703(d) Orders, Title 3 Orders
![Page 43: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/43.jpg)
Prepare for Incident Response
• Have A Disaster Plan for Human-made and Natural Disasters– Need some ideas, try Risk Management
Organizations
• Practice The Plan!• Review The Plan Annually!
– Include contacts with law enforcement or disaster officials
![Page 44: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/44.jpg)
INFRAGARD PROGRAM
![Page 45: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/45.jpg)
Contact
INFRAGARD COORDINATOR
Regina Miles-Canales
310-477-6565
![Page 47: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/47.jpg)
What QuestionsDo You Have?
![Page 48: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/48.jpg)
Pivot GroupCrystal Ball Wrap-Up
Jim SoenksenCEO
![Page 49: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/49.jpg)
Top Ten Security Concerns
1. Security Updates2. Spam3. Spyware4. Remote Access5. Wireless6. Roaming Laptops7. VOIP8. Data Privacy and Protection9. Proactive Security Program10. Training & Education
![Page 50: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/50.jpg)
Defense In-Depth• Defensive Wall 1:
Blocking Network Attacks• Defensive Wall 2:
Blocking Host Attacks• Defensive Wall 3:
Eliminating Security Vulnerabilities• Defensive Wall 4:
Safely Supporting Authorized Users• Defensive Wall 5:
Tools to Minimize Business Losses & Maximize Effectiveness
![Page 51: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/51.jpg)
Embrace Best Practices
look, plan, act, repeat
Proactive Security is Less Expensive than Reactive Security!
![Page 52: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/52.jpg)
Emerging Security Technologies
• Biometrics• Behavioral Based• VOIP Protection• Regulatory Compliance • Business Back Up & Recovery• Wireless Protection• Forensics• e Discovery• Privacy
![Page 53: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/53.jpg)
Helpful Sites
• http://www.sans.org/top20/• http://cert.org/• http://www.infragard.net• http://www.gosci.com• http://www.pivotgroup.net
![Page 54: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/54.jpg)
Final Questions
![Page 55: Fighting the War Against Cyber Crime: A CIO’s Perspective the War on Cyber Crime.pdf · Identity Theft •Growing sophistication of phishing emails •Exploitation of Banking System](https://reader035.vdocuments.us/reader035/viewer/2022063022/5fea5861f34fe6600a46304a/html5/thumbnails/55.jpg)
Thank Youfrom
Judi Flournoy, Don Jaycox, Ken McGuire, Jim Soenksen, and
Kristen Zarcadoolas