• No results found

Critical Controls for Cyber Security.

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Critical Controls for Cyber Security."

Copied!
19
0
0

Loading.... (view fulltext now)

Download now ( 19 Page )

Full text

(1)

www.infogistic.com

(2)

Understanding Risk

Asset

(3)

Managing Risks

 Systematic Approach for Managing Risks

– Identify, characterize threats

– Assess the vulnerability of critical assets to specific threats

– Determine the risk

(4)

Enterprise IT Infrastructure

Key Loggers

Hacking

Weak Algorithms

Malicious code

Denial of Service

Natural Disasters

Access Controls

Social Engineering

Insider Threats

(5)

Implementation of Controls

 Controls are identified and applied to reduce the risk

 Controls can be of two types

– Technology Based

– Process Based

 Can be categorized across

– Technical (IPS, IDS, Firewall, DLP, IAM, SIEM, etc)

(6)

Balance of Technology & Process

(7)

20 Critical Controls for Cyber Security

 Background

 Joint Efforts of

– US Department of Defense

– Nuclear Laboratories of US Department of Energy

– US CERT

– US Department of Homeland Security

– Defense Signal Directorate – Australia

– Centre for Protection of Critical Infrastructure – UK

– National Institute of Standards & Technology (NIST)

– SANS Institute

(8)

20 Critical Controls for Cyber Security

 Critical Control 1: Inventory of Authorized and Unauthorized Devices  Critical Control 2: Inventory of Authorized and Unauthorized Software

 Critical Control 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers

 Critical Control 4: Continuous Vulnerability Assessment and Remediation  Critical Control 5: Malware Defenses

 Critical Control 6: Application Software Security  Critical Control 7: Wireless Device Control  Critical Control 8: Data Recovery Capability

 Critical Control 9: Security Skills Assessment and Appropriate Training to Fill Gaps

 Critical Control 10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches  Critical Control 11: Limitation and Control of Network Ports, Protocols, and Services

 Critical Control 12: Controlled Use of Administrative Privileges  Critical Control 13: Boundary Defense

 Critical Control 14: Maintenance, Monitoring, and Analysis of Audit Logs  Critical Control 15: Controlled Access Based on the Need to Know

 Critical Control 16: Account Monitoring and Control  Critical Control 17: Data Loss Prevention

 Critical Control 18: Incident Response and Management  Critical Control 19: Secure Network Engineering

(9)

Categorizing Critical Controls

Control

Process

Technology

Inventory of Authorized and

Unauthorized Devices

Inventory of Authorized and

Unauthorized Software

Secure Configurations for Hardware and

Software on Mobile Devices, Laptops,

Workstations, and Servers

Continuous Vulnerability Assessment and

Remediation

Malware Defenses

(10)

Categorizing Critical Controls

Control

Process

Technology

Data Recovery Capability

Security Skills Assessment and

Appropriate Training to Fill Gaps

Secure Configurations for Network

Devices such as Firewalls, Routers, and

Switches

Limitation and Control of Network Ports,

Protocols, and Services

Controlled Use of Administrative

Privileges

Boundary Defense

(11)

Categorizing Critical Controls

Control

Process

Technology

Controlled Access Based on the Need to

Know

Account Monitoring and Control

Data Loss Prevention

Incident Response and Management

Secure Network Engineering

(12)

Vulnerability Assessment & Continuous Remediation

Technology

– Acquire and Implement a

Vulnerability Scanning Tool

– Emphasis on database,

networks, web , servers,

applications, SCADA(if

applicable)

Process

– Frequency of scanning

– Reporting Mechanism

– Action Plans

– Contingency planning for patch

management

– Compare results with previous

scans

(13)

Application Software Security

Technology

– For Web Applications install

Web Application Firewall

– For other applications have a

Next Generation Firewall

Process

– In-house developed

applications must be tested

for security and code review.

– Test in-house-developed and

(14)

Security Skills Assessment

Technology

– Online Training Programs for

Security Awareness

Process

– Develop a Security Awareness

Program at all levels

– KPI must be defined

– Security awareness must be

enforced through HR

(15)

Data Loss Prevention

Technology

– Install and implement a Data

Loss Prevention Solution

Process

– Policies and Procedures

– Classification of Information

– Business Work Flow

(16)

Governance Risk & Compliance

Technology

– Implement a GRC suite

– Modules may include

• Policy Management

• Risk Management

• Incident Management

• Vendor Management

• Audit Management

Process

– Business Process Mapping

– Risk Management

(17)
(18)

Symptoms of Vulnerable Organizations

 I understand process, I understand technology, but how to

integrate them?

 Which best practices suit my organization?

 There are too many, I am confused?

 We are too busy in our day to day security operations?

 No one follows the process here?

(19)

References

Download now ( PDF - 19 Page - 814.07 KB )

Related documents

Making sense of data whether big or small

Professor Sharm Manwani - June 2014 Define Business Improvement Design Business Change Implement Business Change Direction Of Travel Align Business & IT Goals

Permeable Interlocking Concrete Pavements

9 Design Considerations for Pedestrians and Disabled Persons ...10 Infiltration Rates of Permeable Interlocking Concrete Pavement Systems ...10 Site Design Data ...11

CHEF SPRING & SUMMER MENU

comes with fresh baked challah with honey, chicken noodle soup, mixed green salad, choice of chicken schnitzel, grilled ¼ chicken or poached. lemon

Extending building integrated photovoltaics (BiPV) using distributed energy hubs. A case study in Cartigny, Switzerland

Peer-review under responsibility of the scientific committee of the scientific committee of the CISBAT 2017 International Conference – Future Buildings & Districts –

RETHINKING CYBER SECURITY Changing the Business Conversation

POLICY POLICY RISK ASSESSMENT RISK ASSESSMENT PERIMETER  SECURITY PERIMETER  SECURITY NETWORK  SECURITY NETWORK  SECURITY HOST & SERVER  BASED AGENTS

Development of the NTF-117S Semi-Span Balance

The balance was designed using beam relations/equations to compute the resultant loads and maximum stress values in each of the measurement flexure beams. This balance was designed

How Chief Information Officer Drives Innovation?

The study not only contributes to the literature in information systems and strategy management by addressing the association between CIO appointment and R&D investment

Border Security: Immigration Inspections at Ports of Entry

The Border Security, Economic Opportunity, and Immigration Modernization Act (S. 744), for example, would require carriers to collect electronic machine-readable biographic data