2012 cwag annual meeting state agency data breaches loss prevention, response and remediation...

2012 CWAG Annual Meeting

State Agency Data BreachesLoss prevention, response and remediation strategies

Employees

Job Seekers

Mortgagees

Identity Exploitations: 12+ years of our cases

Insured

The Scams Persist and This is Now an Industry

+ Prevention

+ Detection

+ Analysis & Response

Prevention

Data Loss Prevention: Comprehensive Approach People, Processes and Systems to Identify, Monitor and Protect Data...

+ In Use (endpoints, devices)

+ In Motion (network)

+ At Rest (storage)

Data Loss Prevention: Conduct Gap Analysis

+ Your Current Security System Versus What You Need to Have in Place

+ What Other Service Providers or Counter-Party are Points of Vulnerability?

+ What Other Data Do You Hold That Could Become Valuable?

+ What Processes (Internal and/or External) Can be Tightened Up?

Detection

Analysis

Data Theft Is Preceded by Smaller Intrusions...Catch Me if You Can

+ We Can Home In On Who Is Attacking

+ We Can Identify How Much Data Went Out

+ What Data Went Out, Where It Went

+ Stop the Bleeding

State Agency

State Agency

Supplier

Analytics: Real-time..or post-mortem

Analysis

An Incident Response Function and Plan Must be In Place

+ Discover Attack and Exfiltration

+ Identify Data Which Has Gone Out and Where It Went

+ Contain Damage

+ Eradicate Perpetrator’s Presence

+ Recover System and Data Protection in Secure Manner

+ Conduct in Forensically Sound Manner

+ Identify What Led to Intrusion to Prevent

Monitoring, Detection and Remediation Providers:

www.krollfraudsolutions.com

www.intersections.com

www.idanalytics.com

www.inguardians.com

www.mandiant.com

www.mantech.com

Self-help resource

http://www.sans.org/critical-security-controls/

+ 20 Security Controls For Effective Cyber Defense - The SANS Institute

+ Consortium-led Approach to Determining Best Practices and Most Cost Effective Security Across Government Bodies

Wireless Access Code: 9166703926