ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5
Taking a Holistic Approach to Cybersecurity
Abu Sadeq, Founder & CEO
Zartech
Nov 10, 2017
About me
• Currently Founder & CEO of Zartech – a cybersecurity products and advisory services company
• Also work as ‘Fractional CISO’ for several companies
• Over 20+ years in the technology space within diverse industries
• Creator of Cyberator - a best-of-breed cybersecurity assessment tool
Who invented the Internet?
The Birthplace of the Internet
Room 3420 at the University of California, Los Angeles’s Boelter Hall.
Back in 1969, the Advanced Research Projects Agency Network (ARPANET) was developed, the network that became the basis for the Internet.
The Internet Today
- Google has indexed over 50 billion webpages
- 3.8 Billion Internet users as of June 30, 2017
- 2.8 Billion active social media users
- 8.4 Billion Connected "Things" in Use and expected to be >25 Billion by 2020
- 1.6 Billion users purchasing via e-commerce
- Digital data stored in the cloud is 16.1 zettabytes
HACKED!
- 80M records/$100M+
- 33M records/$850M+
- 76M households/$1B+
- 1B records/$350M
- 40M records/$252M+
- 412M records
- 145M records/$200M+
- 56M records/$80M+
- 3K records/$35M
We need a holistic approach
Start by taking a 360 view of your security program
NIST Cybersecurity Framework (CSF)
The five functions of the NIST Cybersecurity Framework: Identify, Protect, Detect, Respond, Recover
- Identify: What is the organization's understanding of managing cybersecurity risk to systems, assets, data, and capabilities?
- Protect: What appropriate safeguards have been developed and implemented to ensure delivery of critical infrastructure services?
- Detect: What appropriate activities have been developed and implemented to identify the occurrence of a cybersecurity event?
- Respond: What appropriate activities have been developed and implemented to take action regarding a detected cybersecurity event?
- Recover: What appropriate activities have been developed and implemented to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event?
Why NIST CSF?
Purpose of the NIST CSF
Function: Identify
What is the organization's understanding of managing cybersecurity risk to systems, assets, data, and capabilities?
Function: Protect
What appropriate safeguards have been developed and implemented to ensure delivery of critical infrastructure services?
Function: Detect
What appropriate activities have been developed and implemented to identify the occurrence of a cybersecurity event?
Function: Respond
What appropriate activities have been developed and implemented to take action regarding a detected cybersecurity event?
Function: Recover
What appropriate activities have been developed and implemented to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event?
A number of studies show that implementation of these seven Controls provides an effective defense against the most common cyber attacks (~90% of attacks).
7 controls for effective defense
#1. Implementing a formal information security governance approach
#2. Inventory of Authorized & Unauthorized Devices
#3. Inventory of Authorized & Unauthorized Software
#4. Secure Configurations for Hardware & Software on Mobile Devices, Laptops, Workstations, & Servers
#5. Continuous Vulnerability Assessment & Remediation
#6. Controlled Use of Administrative Privileges
#7. User Education & Awareness
Thank you