Are you playing Chess or Checkers with your Cyber-security posture - DERRICK A. BUTTS, CISSP, ITILV3 Aug. 2018
Speaker's Bio…
• As Truth Initiative's Chief Information Officer and Cybersecurity Officer, he oversees a team of specialists supporting access control, computing, VoIP, cybersecurity, and other information technologies along with enterprise and cloud-based applications.
• His career spans three decades in information technology as an enterprise solutions architect, including positions at major corporations such as Siemens and MCI/WorldCom, as well as the U.S. Information Agency/Voice of America and the U.S. Naval Sea Command (NAVSEA).
• Before joining Truth Initiative®, he was CEO/President of Continuums Corp., a business continuity strategy company working on securing cloud and infrastructures for enterprise clients in multiple sectors. He holds CISSP and ITILv3 certifications.
How is your construction IT business flow?
• Busy reacting to network security & OPs issues
• Always responding to new threats and operational stability issues
• Not able to prevent issues before they occur
• Little to no time to plan for offensive security posture
• Always addressing end-user requests
Adversary | 1. e4 Nf6
In the game of Checkers vs. Chess…
• Game of checkers – a player waits for an opponent's move before determining his own.
VS
• Game of chess – it's critical to think ahead three or more moves.
• You must anticipate the various ways an opponent may attack while planning your advance toward the opposing King – Ransomware, Social Engineering, and ASNT.
• CIOs, CISOs, Security Officers and IT Directors must adopt the forward-thinking mindset of the chess player to stay ahead in the real world and position corporate defenses.
Adversary | 2. d3 d6
Chess or Checkers mindset…
• What is your board game mindset in supporting cybersecurity in your construction projects?
• How do chess pieces equate to stakeholders in your construction/business/cloud/cyber environment?
Adversary | 3. Nf3 e5
The pieces in your business environment…
King – Your organization's mission critical data: confidential information, employee records, legal documents, research data, intellectual property (IP), plus passwords and the Active Directory database.
Queen – The CEO/President and business driver: aware that technology is required to protect and implement the strategic plan, and fully supportive of preventive security measures.
Adversary | 4. g3 Bg4
The pieces in your business environment…
Bishops, Rooks, and Knights – The CIO, CISO and IT staff: the movers and shakers supporting innovation and implementation by maintaining a secure operational environment – Business Continuity Plan (BCP), Network Operating Procedures (NOP), Service Operating Procedures (SOP), Systems Security Plan (SSP), and Risk Management Plan (RMP) – as well as firewalls, Intrusion Prevention Systems (IPS), antivirus, anti-malware, and anti-ransomware applications.
Pawns – Employees, a.k.a. end-users: trained in security awareness and adherence to security policies.
Adversary | 5. Bg2 Nc6
You have been Hacked – Now what?...
An employee has clicked on a spear phishing email that has opened up a ransomware attack on your entire enterprise's data… (OMG)
A choice of two moves to consider for a Stalemate –
1. Embrace – Follow your Cyber Incident Response Plan (CIRP) and Business Continuity Plan (BCP) – most remediation efforts may take between a few hours and a day or two
2. Deflect – Execute your Cyber Insurance Policy
Strongly Recommend Not to Pay – Immediate Checkmate!
Next Steps – What do we do to avoid this embarrassment from happening again?
Adversary | 6. O-O Be7
Poll Question
How many cyber incidents have you been exposed to within the past two years?
• 0
• 1-2
• 3-5
• More than 5
Chess strategy in Cybersecurity…
• Continuously evaluate your position so you can make smart, proactive decisions.
• It is important to understand and know the capabilities of the players across your infrastructure.
• Know the weaknesses and limitations of your Cybersecurity Posture to avoid being compromised.
Adversary | 7. h3 Bxf3
Are you in the Chess mindset?…
• Do you know the status and baseline of your construction IT business and Cybersecurity Posture?
 o What are your security & operation plans, incident mitigation procedures, physical and logical defenses?
 o Will the site be designed to enforce security strengths and mitigate weaknesses?
 o How much of your data will be on-premise vs. in the Cloud?
Recommendations: Enterprise Security Audit (ESA)
• Design for business continuity – based on potential threats: Power, Water, Access, Human
• Design for projected Growth – susceptibility to Evolving Threats; support Changes in Technologies
Adversary | 8. Bxf3 Qd7
What standards mindset?…
• Are you using standards-based guidelines and processes?
 o Do you keep them current?
 o Do they consider a best of breed approach?
 o Are they repeatable?
 o Do they allow for the integration of threat change?
 o Do they allow for the integration of technology refresh?
Recommendations: Hybrid of Nationally based Standards
• National Institute of Standards & Technology (NIST) – Cyber Security Framework (CSF) & SP 800 Series Guidelines
• Information Technology Infrastructure Library (ITILv3)
• IT Service Management (ITSM) and alignment with business/construction needs.
Adversary | 9. Bg4 Nxg4
Proactive Monitoring mindset?…
• Are you proactively monitoring the effectiveness of your business/cyber-security posture?
 o Does your monitoring feedback and reporting allow you to make predictive adjustments?
  o based on changes in threats
  o based on changes in vulnerabilities
Recommendations: Multi-layered Approach
• Cyber-based tools – Cloud, Email, Data Storage, and Services
• Enterprise Network tools – LAN/WAN egress points, servers
• End-point tools – issued device malware, ransomware and mobile device protection
Adversary | 10. hxg4 h5
The Internet/cloud is your chess board…
• Chess Masters – CIOs/CISOs and Security practitioners
• Strategic movement of your pieces
• Balance of strategy and tactics to support secure information flow
Adversary | 11. gxh5 Qh3
Avoiding careless moves…
• Ask the questions before making the simple mistakes…
 o Have you thought through all the consequences?
 o Have you taken the Enterprise environment into account?
 o What is the impact if it does not go well?
 o Is there a fallback plan, or is it ALL or nothing?
 o Does your move consider current threats?
 o Does your move consider the emerging technologies and possible future vulnerabilities?
Adversary | 12. Nc3 Rxh5
Poll Question
How much of your cybersecurity posture is affected by the following?
• Limited budgets
• Limited cybersecurity skillset of IT personnel
• Limited security Awareness Training for the Enterprise
• Lack of Executive Management buy-in and support
• Lagging security policies and/or enforcement of current policies
• All of the above
Cybersecurity Endgame…
• The endgame for the adversary is to capture your KING.
• Your endgame is to protect your KING – mission critical data.
• Chess is FUN, but…
• Victory in your Cybersecurity posture during/after construction is best achieved when you avoid the Checkmate and settle for a Stalemate.
Adversary | 13. Nd5 Qh1# – Checkmate!
anakonda007 (1548) vs. zebedee26 (926) | Live Chess | Chess.com | 4 Mar 2011 | 0-1
Game over! Thank you for your time! dabutts@truthinitiative.org