2012 cwag annual meeting state agency data breaches loss prevention, response and remediation...
TRANSCRIPT
2012 CWAG Annual Meeting
State Agency Data BreachesLoss prevention, response and remediation strategies
Employees
Job Seekers
Mortgagees
Identity Exploitations: 12+ years of our cases
Insured
The Scams Persist and This is Now an Industry
+ Prevention
+ Detection
+ Analysis & Response
Prevention
Data Loss Prevention: Comprehensive Approach People, Processes and Systems to Identify, Monitor and Protect Data...
+ In Use (endpoints, devices)
+ In Motion (network)
+ At Rest (storage)
Data Loss Prevention: Conduct Gap Analysis
+ Your Current Security System Versus What You Need to Have in Place
+ What Other Service Providers or Counter-Party are Points of Vulnerability?
+ What Other Data Do You Hold That Could Become Valuable?
+ What Processes (Internal and/or External) Can be Tightened Up?
Detection
Analysis
Data Theft Is Preceded by Smaller Intrusions...Catch Me if You Can
+ We Can Home In On Who Is Attacking
+ We Can Identify How Much Data Went Out
+ What Data Went Out, Where It Went
+ Stop the Bleeding
State Agency
State Agency
Supplier
Analytics: Real-time..or post-mortem
Analysis
An Incident Response Function and Plan Must be In Place
+ Discover Attack and Exfiltration
+ Identify Data Which Has Gone Out and Where It Went
+ Contain Damage
+ Eradicate Perpetrator’s Presence
+ Recover System and Data Protection in Secure Manner
+ Conduct in Forensically Sound Manner
+ Identify What Led to Intrusion to Prevent
Monitoring, Detection and Remediation Providers:
www.krollfraudsolutions.com
www.intersections.com
www.idanalytics.com
www.inguardians.com
www.mandiant.com
www.mantech.com
Self-help resource
http://www.sans.org/critical-security-controls/
+ 20 Security Controls For Effective Cyber Defense - The SANS Institute
+ Consortium-led Approach to Determining Best Practices and Most Cost Effective Security Across Government Bodies
Wireless Access Code: 9166703926