Transcription
Director of Network Services Cisco Meraki Network Associate (CMNA) Barracuda Backup and Recovery Engineer CompTIA A CompTIA Net CompTIA Security Barracuda SPAM Firewall Engineer Cisco Certified Network Associate(CCNA)-Security Cisco Certified Network Associate(CCNA)
The evolution of technology inmanufacturing
Most targeted industries Health Care Manufacturing Financial Services Government Agencies Education Source: INFOSEC
Industry Mandated Standards Health Care - Health Insurance Portability and AccountabilityAct (HIPPA) Financial Services – Financial Industry Regulatory Authority(FINRA), Government Agencies – National Institute of Standards andTechnology (NIST) Education- Family Educational Rights and Privacy Act Manufacturing – Limited and typically not audited. Do you supply to DoD?
National Institute of Standards andTechnology SP 800-171 Rev. 1 Access Control Awareness and Training Audit and Accountability Configuration Management Identification andAuthentication Incident Response Maintenance Media Protection Personnel Security Physical Protection Risk Assessment System and CommunicationsProtection System and InformationIntegrity
Access Control Limit Access to authorized Users Limit Access to the types of transactions and functions thatauthorized users are permitted to execute. Employ the principle of least privilege Limit unsuccessful logon attempts Authorize wireless access prior to allowing connections Protect Wireless using authentication and encryption
Configuration Management Establish and maintain baseline configurations andinventories of organizational information systems throughdevelopment life cycles Establish and enforce security configuration settings for ITproducts deployed Analyze the security impact of changes prior toimplementation Control and monitor user-installed software
Identification and Authentication Identify information system users, processes acting on behalfof users, or devices. Authenticate the identities of those users, processes, ordevices as a prerequisite to allowing access. Use multifactor authentication for local and network access. Enforce a minimum password complexity and change ofcharacters when new passwords are created.
Incident Response Do you have an incident response plan? Do you have an incident response team? If you have a policy when was it last tested?
NIST Summary 14 different sections 109 different steps Some of these steps you are already doing
Biggest security challenges facing themanufacturing industry More computers More software More automation Use wireless technologies Use of IoT Old embedded operating systems still running productionequipment. Internal Threats
Types of Attacks Password attacks Dictionary attack Birthday attack Man In the Middle Brute Force attack Insider Threats SQL Injection Zero Day attack Phishing Spear Phishing Whale Phishing Spoofing Malware Trojan Horse Ransomware DoS, DDoS
Spear PhishingTargeted email using personalizedinformation to trick people into thinking itcame from legitimate source.
Whale PhishingUsually targets someone in theorganization impersonating a C-levelexecutive to send money or data thatcontains PII information.
Trojan HorseType of Malware disguised as alegitimate software
Zero Day ExploitCyber attack that occurs on the same day that a weakness is discovered.
How to mitigate risk Next Generation Firewall IDS/IPS Block by geographic region Open DNS Anti-Virus Anti-Malware 2FA/MFA Software Patching Utilize VPN for remote access Routine vulnerability scans Password policy Screen lock out policy Failed login lockout policy Employee SecurityAwareness Training SIEM Backups
Next Generation Firewall Employs Intrusion Detection/Intrusion Prevention Restrict traffic by users, site, geography Create site to site VPN connections between remote sites toensure security Utilize VPN client when users access company resourcesfrom home. https://n169.meraki.com/Rummie/n/cW TkdPc/manage/security/events
Employee Security Awareness Training Employees are your biggest vulnerability Recent study by KnowBe4 found that 26%-45% ofemployees are susceptible phishing. This was reduced by75% after security awareness training. This can be managed by HR department and takesemployees 5-10 minutes per month to complete.
Security Patching Windows Updates Java/Flash Adobe Firefox Google Chrome VMWare Cisco Firmware Updates Industry specific software
Backup Procedure How much is your data worth? Do you have a backup? Do you also have an off site backup? How far back can you go to retrieve old data? Who is monitoring whether the backups are passing? When is the last time your organization tested a restore?
What’s Next? Attacks are becoming more sophisticated 92% of malware is delivered via email The average cost of an attack is 3 million Two-thirds of SMB’s have suffered a cyber attack in the past12 monthsSource: 2018 State of Cybersecurity in Small & Medium Size Businesses report
Barracuda Backup and Recovery Engineer CompTIA A CompTIA Net CompTIA Security Barracuda SPAM Firewall Engineer Cisco Certified Network Associate(CCNA)-Security Cisco Certified Network Associate(CCNA) . Failed login lockout policy Employee Security Awareness Training SIEM Backups.
