The “New Norm” in Cyber Security:
What’s Trending Now in Public Sector
“…we should always be evaluating how we can work smarter...”
ERIC COWPERTHWAITE
VP Advanced Security and Strategy
Core Security
GRAYSON WALTERS
Information Security Officer
Virginia Department of Taxation
AGENDA
IT security threats plaguing the public sector
What you can do about them
Q&A
1. Access to targets
• Beware of “low-value targets” connected to larger, more interesting entities
• Lower budgets and small staffs make evading security a bit easier
How many vulnerabilities? How many applications? How many possible attack paths?
Are the vulnerabilities exploitable?
Does the attack path lead to sensitive data?
2. Where are your network boundaries?
• Commercial tech has always outpaced business…and in government it is twice as bad
• BYOD – Connected personal device overload
• How many of your users are using web apps that you don’t know about?
The Zero-Trust Model
3. Remember password theft
Password theft is real
• Phishing attacks work: they are easy to set up and have very low risk - 12% will click!
• Users fail to report when they do something wrong
• Users have access to things they should not
4. Enforcing controls. Always.
Balancing policies and controls
• You don’t necessarily want to be the “enforcer,” but it’s our role as security professionals
5. Overload…oh my!
Security teams are overloaded:
• Data – vulnerabilities, networks, viruses, SIEM, IoT, etc.
• Regulations – Required security, reports, mandatory activity
Security teams are generally too small and have the wrong skills
Many different regulations and security frameworks to satisfy
So, what can we do to mitigate some of these #“new_norm”_threat_trends?
Core Security…evolution
[Timeline figure. Labels: Penetration Testing, Vulnerability Management, Point Solution, Enterprise Platform]
• 1996: Core Security founded
• 2001: Core Impact Pro released
• 2011: Core Insight released
Cut through the noise…
• Engage new and different security skills, outsource critical skills
• Success is going to require innovation
• Must understand what the bad guy will do
• Must know where to expend resources
• Implement new technologies
o Analytics
o Automation
o Integration
Change the game to intelligent defense
[Diagram. Stages: Collect, Remediate. Labels: DATA; GRC, SIEM, Forensics, Anti-Virus, Logging, Scanning Tools, Application Security Scanning, Web App Security; Remediation: IT/Network Ops]
The Problem:
• Mountains of Data
• 1000’s of Vulnerabilities
• No Relevance to Business
The traditional solution:
• Try to patch everything
• Priority based on arbitrary scores
• No business context
[Diagram. Stages: Collect, Analyze, Remediate. Labels: DATA; Nessus, MVM, IP360, Qualys, Nexpose, etc.; Trustwave, AppSpider, App Scan, Qualys, Web Inspect, etc.; Actionable Information; Remediation: IT/Network Ops]
Attack Intelligence Platform
• Consolidate security data
• Simulate attack paths
• Prioritize business risk
• Validate vulnerabilities
Core Security Attack Intelligence Platform
Thank you! Now, it’s time for Q&A.
@coresecurity | blog.coresecurity.com | www.coresecurity.com
ERIC COWPERTHWAITE. @e_cowperthwaite
GRAYSON WALTERS. @grandomthoughts

Trending it security threats in the public sector