This will be my last blog of the month in regard to our Nation’s Cyber Security Awareness Month. I was able to attend a webinar, “Defending Cyber Borders -- Beyond the Virtual Maginot Line,” on October 25th, in which a panel discussed what CIOs, CEOs, and those who work in the virtual realm (pretty much all of us) need to focus on in regard to defending our virtual borders.
The panelists were as follows:
Rick Holland, Senior Analyst, Forrester: Rick is a Senior Analyst serving Security & Risk Professionals. Rick helps clients optimize security architectures and technologies to protect the organization from advanced threats. His research focuses on email and web content security as well as virtualization security. He also supports research in incident management and forensics. He is based in the Dallas area.
Rob Lee, Fellow, SANS Institute: Rob Lee is an entrepreneur and consultant in the Washington DC area, specializing in information security, incident response, and digital forensics. Rob is currently the curriculum lead and author for digital forensic and incident response training at the SANS Institute in addition to owning his own firm. Rob has more than 15 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response.
Steve Martino, Vice President, Information Security, Cisco: Vice President Steve Martino leads Cisco’s Information Security (InfoSec) organization to innovate and adopt the most effective security technologies and policies, reflect them in Cisco’s people, products and services, and share them with customers. He has more than 30 years of high-technology experience in security, IT operations, product development and operations, marketing, and sales.
Shehzad Mirza, Director, MS-ISAC Security Operations Center: Shehzad Mirza is currently working as the Director of the MS-ISAC Security Operations Center (SOC). He is responsible for managing a team of analysts. Previously, he has worked as a principal consultant with Symantec Corporation managing various cyber security projects, and a technical trainer for New Horizons Computer Learning Center. Shehzad has worked in the security field for over eleven years and is MCSE, GCIH, GAWN, and CISSP certified. His main expertise is in network security infrastructure and assessment, firewall configuration, IDS/IPS configuration, PCI compliance, staffing and vulnerability assessments.
Rod Turk, Director and CISO, U.S. Patent and Trademark Office: Mr. Turk’s current position as the U.S. Patent and Trademark Office (USPTO) Chief Information Security Officer and Director, Office of Organizational Policy and Governance, puts him at the forefront of the government’s effort on cyber security. Mr. Turk manages and oversees USPTO’s compliance with the Federal Information Security Management Act (FISMA) and implementation of IT best practices.
A major theme that resounded throughout the webinar was that everybody is a fighter in this battle. We, the end users at the device, are the ones who have to stop the intrusion first by knowing not to go to this website or click on this link from an unknown email. It was stated that many (possibly up to 97%) of these “phishing” attempts can be thwarted at the end user level. It was also stated that the ability of those involved on the technology side of the house to integrate and create a relationship with the non-technology side is paramount. Together, let’s teach proper protection at the end user level and create policy that is revisited, refined, and correctly implemented. Let’s not create an environment where our “incident responders”, those who will aid in the detection, mitigation, and recovery phases, are wearing two or more hats. They have to be focused on the task at hand and be able to virtually isolate or quarantine that end user device from the network.
Rod Turk made the analogy of a hard chocolate-covered cherry. The outside is protected, but once a bite, even the smallest bite, is taken and that first layer is gone, the rest is just gushy and soft. He was using this to describe the security that most companies put in place as far as protection. There has to be a focus on protecting from the inside out. Once again, the idea of the end user protecting or detecting malware and reporting such will allow for faster response and may also allow the responder to trace the malware back to a source.
So where do we begin? A focus has to be made on identifying what is valuable that someone else would want. Why? Who? Why would they want to interrupt my operations? What’s important to me? What would they target? Identify those needs early and start with that. Go back to the basics in regard to solid policy and implementation, not only for end users but for IT professionals, too. Have good patch management and know what you have within your environment; you can’t protect yourself if you don’t even know what you have to protect. If you’re on a limited budget, no problem, just concentrate on what’s most important to protect right now and work from there.
Once again, the ability for the CEO, CFO, CIO, or CISO to build a relationship and collaborate, I can’t stress this enough, is paramount. “Techie” talk isn’t sexy by any means, but it has to be understood even at high levels that everyone can be a stop gate or can be the catalyst to a massive intrusion. The barrier does have to come down, and the old way of thinking, “I’m not a gadget guy, that’s someone else’s problem,” has to migrate to the idea that this is an Asymmetrical Battlefield, meaning a 360-degree fight. There are no ‘front lines’; everybody’s a target.
If you don’t get an opportunity to watch the webcast (I strongly recommend you do), then know this:
It starts with the human end user. We’re all in this together, so let’s be proactive in identifying what doesn’t look right, no matter how small, and report it.
Lean on your basic fundamentals, whether as an IT professional or through the policy that outlines use of devices.
Create an environment that is conducive for incident responders to do their job by making sure their main focus is incident response.
And lastly, know that nothing will change if a proactive approach is not taken by both “Techies” and “Non-Techies”. Collaborate and Integrate.
It was great serving you this month! Please protect yourselves and help protect whatever agency or company you may be working for. Cyberspace is limitless and endless; we may never have a full grasp but we can start with a basic knowledge. You can check out MS-ISAC if you would like to know more.
I attended MobileCon 2012, the newly branded CTIA enterprise and application event, earlier this month. I noticed the common theme this year was MDM-BYOD-Cybersecurity. Given the recent McKinsey report that indicated 77 percent of CIOs today state that they will allow some form of consumerization in the coming few years, IT professionals are challenged to increase flexibility without compromising security.
Throughout the event, I heard many BYOD case studies with a huge interest/following in data and metrics. On this theme, I thought our own Cisco BYOD case study that we have been sharing with our customers would be of interest to this community.
Note, I will provide updated numbers soon as my peers continue to seek out the latest and greatest mobile devices here in the center of Silicon Valley.
Today, we are more interconnected than ever before. Not only do we use the Internet to stay connected, informed and engaged, but we also rely on it for all of our day-to-day needs. We rely heavily on the Internet for everything from submitting taxes, to applying for student loans, to following traffic signals, to even powering our homes.
Acknowledging the importance of cyber security, President Obama designated October as National Cyber Security Awareness Month to engage and educate public and private sector partners to raise awareness about cyber security and improve the resiliency of the nation in the event of a cyber incident.
Government and corporate leaders overwhelmingly identify cyber security and associated trust issues as one of their top IT concerns. Use of network-based technologies such as mobility, collaboration and virtualization is increasing, as are related threats. Securing business infrastructure and data relies on solutions and secure systems from “trusted” vendors, a relationship founded on the reputation of the vendor, its people, its processes and its technology.
Cisco is dedicated to protecting organizations from threats including malicious modification or substitution of technology, misuse of intellectual property, supply chain disruption and counterfeit products. As the most trustworthy vendor in the world, Cisco delivers architectures built on secure software and hardware that is backed by a highly secure supply chain. By providing trustworthy and assured network platforms, Cisco enables government organizations and enterprises to confidently secure their business infrastructure, data and information from attacks.
We are currently in Cybersecurity month here in the United States, which is to say that our country is trying to raise our awareness in regard to our virtual protection.
So, Cyber Security? What is security for cyberspace…? It’s difficult at times to think of an imaginary border that protects networks, computers, programs and data from attack, damage or unauthorized access. Unauthorized access… so hacking? Yes, but more devious with results that could even lead to injury or death of our population.
Imagine what would happen if, all of a sudden, one of our major cyber systems were “hacked”… What does that mean for us? Think. Just about our whole existence revolves around cyberspace. That’s right, systems operate virtually to be able to manage simple things like payroll all the way to complex things like flight plans, take-off and landing. Cyberspace is where your Facebook lives, Twitter, personal email accounts, and all of your personal finance information. Has your account ever been hacked by a friend posting a funny blurb on your account? Or has your identity been stolen by a hacker? With technology becoming an extension of ourselves, it’s just important to protect ourselves. Let’s not create an episode of J.J. Abrams’ “Revolution” if we can avoid it…
What can we do about it? The point of this month is for “us”… yes, us plain ole citizens, to be more proactive in protecting ourselves, our communities, and ultimately our country.
“Americans can follow simple steps to keep themselves, their personal assets, and private information safe online. Here are a few tips all Internet users can do to practice cyber security during National Cybersecurity Awareness Month (NCSAM) and throughout the year:
Set strong passwords and don’t share them with anyone.
Keep your operating system, browser, and other critical software optimized by installing updates.
Maintain an open dialogue with your family, friends, and community about Internet safety.
Limit the amount of personal information you post online and use privacy settings to avoid sharing information widely.
Be cautious about what you receive or read online – if it sounds too good to be true, it probably is.”
As government agencies, schools, hospitals and organizations everywhere transition to mobile workforces the need to rethink cyber defense strategies becomes critical. Rates of cybercrimes, like hackings, virus infiltrations and digital breaches, continue to rise and networks need protection in order to keep data—and people—safe. In fact, President Obama outlined the importance of cyber security in his Wall Street Journal op-ed this summer.
In addition, the National Cyber Security Alliance (NCSA) declared October National Cyber Security Awareness Month, so on October 25th, we invite you to join us as government experts, industry specialists and leading analysts gather for a cybersecurity town hall event, “Defending Cyber Borders -- Beyond the Virtual Maginot Line.” Take part in the discussion as guests like Forrester analyst Rick Holland and SANS Institute Fellow Rob Lee discuss innovative cyber security strategies and technologies and teach you to build effective, cost-conscious approaches to protecting your networks.
Register today for the virtual event. If you can’t make the date but are serious about cyber security, stay tuned for an on-demand version of the discussion.