NASACT CONFERENCE
Information Security Trends
August 16, 2016
©2015 RSM US LLP. All Rights Reserved.
Introduction
Jay Schulman, Principal
Great Lakes Leader for Security and Privacy
• Work with State and Local Governments ranging from tollways to schools
• Helped secure everything from welding machines to medical devices to web applications
MISCONCEPTIONS AND THREAT OVERVIEW
Misconceptions
• “If I’m not a top‐tier financial organization, retailer or contain military secrets, they don’t care about me.”
– You will be hard pressed to make appropriate risk management decisions until you understand who they are and why they act.
– “Attackers” are not a vague, all‐encompassing, generic horde.
Misconceptions (continued)
– Think of attackers as a spectrum rather than a generic entity.
– Recognize that attackers have differing, shifting motives:
• Targets of opportunity
• Hacktivism
• Financial data and intellectual property – the #1 asset on the underground market
• Revenge and retribution
• None of the above
Misconceptions (continued)
• Compliance ≠ Security
– Compliance = You have built the foundation to get secure
• Security is not bought.
– Tools are tools, not solutions.
– Security cannot be successful unless it is embedded in a variety of enterprise policies and processes.

SECURITY STATISTICS
Security Statistics
[Chart not reproduced in the transcript] Compiled from: NetDiligence/McGladrey 2015 Annual Cyber Claims Study

Security statistics (continued): Trouble with math
[Chart not reproduced in the transcript] Compiled from: NetDiligence/McGladrey 2015 Annual Cyber Claims Study

Security Statistics
[Chart not reproduced in the transcript] Compiled from: NetDiligence/McGladrey 2015 Annual Cyber Claims Study
“This will never happen to me – we are too small!!”
THREAT OVERVIEW
Threat overview
1. Hacking
• Current methods focus on web apps and browser plug‐ins
• Transitioning to the Internet of Things
2. Malware
• Finding and purchasing non‐detectable malware in the underground market is trivial
• Modern anti‐virus is an 80‐20 proposition at best
3. Social Engineering
• Why bother to do all the heavy lifting involved with “hacking” when you can just ask someone to do something for you?
• While there is a technical component, the attack is against human nature
• (examples next)
4. Physical Loss
• Rare occurrence but significant impact
Threat overview (continued)
• Vendor Fraud, aka Invoice Fraud, aka Supply Chain Fraud:
• Attacker identifies a vendor of the organization
• Attacker attempts to convince the organization to make a normal or additional payment to a new account
• Organization unaware of fraud until notified by the vendor
• Typical example:
To: [Someone in finance]
From: [email protected]
Sent: Mon, Oct 5, 2015 at 2:01am
Mr/Mrs. Someone, please be aware that we have recently changed banking providers. Our new account and routing numbers are in the attached pdf.
Respectfully, Mr. Vendor Executive
Threat overview (continued)
• Fake executives:
• Often create entire fake email chains, including supposed communications with other executives
• May tie to fake vendor claims, but also tax payments, legal fines, issuing corporate credit cards, fake checks, etc.
• Utilizes organizational and positional pressure to succeed
• Typical example:
To: [Someone in finance]
From: [email protected]
Sent: Mon, Oct 5, 2015 at 2:01am
Hey, [nickname]. I was just contacted by one of our key vendors and it looks like we missed a payment last month. We are currently negotiating next year’s contract so this is VERY sensitive. Immediately wire $xxx,xxx to the attached account information or there will be hell to pay for all of us.
Respectfully, CEO Executive
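Screening logic for the two lures on the preceding slides (a vendor announcing new bank details, and a fake executive demanding an urgent wire), as an added example that is not part of the presentation and not RSM's or the State of Illinois's tooling. It assumes an organization mail domain of example.gov, a constructed directory of known contacts and the domains their mail is expected to come from, and constructed sample messages modelled on the slide text. A hit does not decide anything by itself; it routes the request to out-of-band verification with the contact's known phone number, which is the control that actually stops both schemes.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Assumed organization domain and a constructed directory of known contacts
# (display name -> domain their mail is expected to arrive from).
ORG_DOMAIN = "example.gov"
KNOWN_CONTACTS = {
    "ceo executive": ORG_DOMAIN,                  # internal executive
    "vendor executive": "vendor-supply.example",  # established vendor contact
}

# Phrase patterns for the two lures described on the slides.
BANK_CHANGE = re.compile(r"changed banking|new (?:account|routing)", re.I)
URGENCY = re.compile(r"\b(?:immediately|urgent|very sensitive|hell to pay|asap)\b", re.I)
PAYMENT = re.compile(r"\b(?:wire|payment|invoice|transfer)\b", re.I)


def sender_parts(header_value):
    """Return (display name, domain), both lower-cased, from a From/Reply-To header."""
    name, addr = parseaddr(str(header_value or ""))
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    return name.strip().lower(), domain


def payment_fraud_indicators(raw_message):
    """Return the list of indicators found in one RFC 822 message string."""
    msg = message_from_string(raw_message, policy=policy.default)
    name, from_domain = sender_parts(msg.get("From"))
    _, reply_domain = sender_parts(msg.get("Reply-To"))
    body = msg.get_content() if not msg.is_multipart() else ""
    indicators = []
    # A familiar name arriving from a domain we do not associate with it:
    # covers both look-alike vendor domains and executives "writing" from webmail.
    expected = KNOWN_CONTACTS.get(name)
    if expected and from_domain != expected:
        indicators.append("known contact name sent from unexpected domain")
    # Replies silently redirected to a different mailbox than the visible sender.
    if reply_domain and reply_domain != from_domain:
        indicators.append("Reply-To domain differs from From domain")
    # The vendor-fraud lure: new bank account or routing details.
    if BANK_CHANGE.search(body):
        indicators.append("bank account change requested")
    # The fake-executive lure: pressure plus a payment instruction.
    if URGENCY.search(body) and PAYMENT.search(body):
        indicators.append("urgent payment language")
    return indicators


def triage(raw_message):
    """'HOLD' = route to out-of-band verification before any payment changes; else 'OK'."""
    return "HOLD" if payment_fraud_indicators(raw_message) else "OK"


# Constructed sample messages, modelled on the slide examples (not real traffic).
MSG_VENDOR = """\
From: Vendor Executive <accounts@vend0r-supply.example>
To: finance@example.gov
Subject: Banking update
Date: Mon, 5 Oct 2015 02:01:00 +0000

Mr/Mrs. Someone, please be aware that we have recently changed banking providers.
Our new account and routing numbers are in the attached pdf.
Respectfully, Mr. Vendor Executive
"""

MSG_FAKE_CEO = """\
From: CEO Executive <ceo.executive@webmail.example>
Reply-To: CEO Executive <ceo.executive@reply-drop.example>
To: finance@example.gov
Subject: Missed payment
Date: Mon, 5 Oct 2015 02:01:00 +0000

Hey, [nickname]. I was just contacted by one of our key vendors and it looks like
we missed a payment last month. We are currently negotiating next year's contract
so this is VERY sensitive. Immediately wire $xxx,xxx to the attached account
information or there will be hell to pay for all of us.
Respectfully, CEO Executive
"""

MSG_ROUTINE = """\
From: Jane Clerk <jane.clerk@example.gov>
To: finance@example.gov
Subject: October vendor report
Date: Mon, 5 Oct 2015 09:15:00 +0000

Attached is the October vendor report for your review.
Thanks, Jane
"""

if __name__ == "__main__":
    for label, raw in (("vendor", MSG_VENDOR), ("fake-ceo", MSG_FAKE_CEO), ("routine", MSG_ROUTINE)):
        print(label, triage(raw), payment_fraud_indicators(raw))
```

The directory of known contacts is the part worth maintaining: the lookalike-domain and webmail cases are caught by expecting a specific domain per name, not by trying to enumerate bad domains. The text patterns are deliberately coarse; their job is to make the hold cheap enough that every bank-detail change gets a phone call to a number already on file, never to a number in the message.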
A PROACTIVE APPROACH
Threat Modeling Methodology
[Diagram: a Threat Model linking five elements]
• Assets (What/Where)
• Actors (Who)
• Threats (How)
• Risk Tolerance (Why)
• Mitigations and Assessment Strategy
Focus on where your risks are, not where other people are breached.
Data Security and Privacy: A State Perspective
August 16, 2016
(First 90 days, March 30, 2015)
State of Illinois © 2015 Confidential: For discussion only
Kirk Lonbom, Chief Information Security Officer, State of Illinois
Responsible for information and cyber security for entities operating under the Governor
• 64 Agencies, Boards and Commissions
• 50,000 state employees
• Compliance areas including FISMA, HIPAA, PCI, CJIS and more
What is being attacked?
EVERYTHING!
“No locale, industry or organization is bulletproof when it comes to the compromise of data”
Breaches in State Government
• South Carolina Department of Revenue – Exposed tax records of 70 million people; costs to the state: $70 million
• Utah Medicaid Program – Theft of 750,000 Medicaid records; costs to the state: $9 million
• California – Reported multiple data breaches at state agencies; costs to the state: $8.8 million
• IBM 2016 study of breaches in the U.S. – $7.01 million is the average total cost of a data breach (up $0.5 million from 2015); $221 is the average cost per lost or stolen record
Elected Official? Appointed Official? Program Executive or Manager? Fiduciary Responsibility? Placed in the Public’s Trust?
Or do you just want to make sure you keep your job?
Risk categories (built up across four slides)
• State Business Risk – Life, Health and Safety; Delivering Services to our Citizens; Delivering Services to our Employees
• Financial Risk – Lost Revenue; Breach Costs; Fraud and Theft
• Privacy & Confidentiality Risk – Personal Information (Identity Theft); Confidential Information
• Reputational/Political Risk – Elected Officials; Agency Directors; Program Managers
Information Security
• Protect information from unauthorized disclosure
• Ensure information is trustworthy
• Guarantee reliable access to mission critical information
Cyber-Resiliency
• Ability to anticipate, withstand and recover from adverse cyber-events.
• Evolve and improve in pace with the ever-changing cyber landscape.
Data Breach Causes
• Malicious or Criminal Attack: 50%
• Negligent Employees: 23%
• System Problems (both IT and business process failures): 27%
$86 (what’s in YOUR database?)
• The longer it takes to detect, the more it costs.
• 70% of attackers move from the initial victim to a secondary target within 24 hours.
• An attacker is in your environment for over 200 days before detection.
• Victims MUST report incidents quickly!
• We DO know what we DO know! (known software vulnerabilities)
• Phishing is still the biggest sport (it’s easy)
• 63% of breaches involved weak, default or stolen passwords (we just don’t get it – Multi-factor!)
• Social Unrest = Increased Attacks
• Web Applications have weaknesses (many easy to fix – just find them!)
• We all make mistakes. (human errors cost us)
[Chart: Mitigating Breach Cost; y-axis Cost, $0 to $250]
• Daily Phishing, Brute Force, Calls, SQLi
• Ransomware (but getting better)
• DDoS Attacks – States and Law Enforcement
• Administrative Errors
• Indications of Increased Nation State Activity
Cyber-Risk Awareness Campaign
A Common Cybersecurity Framework for Illinois
Illinois Emergency Operations Plan: Cyber-Disruption Response Strategy
• P.I.I. Encryption
• Expansion of monitoring capabilities and detection
• Detection of weak passwords
• Initial implementations of Two-Factor Authentication
• To what extent have the essential services and functions of YOUR agency been identified and programs implemented to provide for their resilience in the event of a disruption or cyber incident?
• What are the risks to critical operations and what strategies are in place to mitigate that risk?
• Is sufficient attention being given to the ability to defend against intrusions?
• What is our plan in the case of a breach or other cyber-event?
• Anticipate Threatening Events
• Quickly Detect Intrusions
• Protect Critical and Confidential Information
• Continue Essential Activities Despite Adverse Conditions
• Restore Mission-Critical Functions Within Agreed Upon Time Periods
• Evolve and Learn so that the Impact of Potential and Actual Events is Minimized