• Director of Network Services
• Cisco Meraki Network Associate (CMNA)
• Barracuda Backup and Recovery Engineer
• CompTIA A+
• CompTIA Net+
• CompTIA Security+
• Barracuda SPAM Firewall Engineer
• Cisco Certified Network Associate (CCNA) - Security
• Cisco Certified Network Associate (CCNA)
The evolution of technology in manufacturing
Most targeted industries
• Health Care
• Manufacturing
• Financial Services
• Government Agencies
• Education
Source: INFOSEC
Industry Mandated Standards
• Health Care – Health Insurance Portability and Accountability Act (HIPAA)
• Financial Services – Financial Industry Regulatory Authority (FINRA)
• Government Agencies – National Institute of Standards and Technology (NIST)
• Education – Family Educational Rights and Privacy Act
• Manufacturing – Limited and typically not audited.
• Do you supply to DoD?
National Institute of Standards and Technology SP 800-171 Rev. 1
• Access Control
• Awareness and Training
• Audit and Accountability
• Configuration Management
• Identification and Authentication
• Incident Response
• Maintenance
• Media Protection
• Personnel Security
• Physical Protection
• Risk Assessment
• System and Communications Protection
• System and Information Integrity
Access Control
• Limit access to authorized users
• Limit access to the types of transactions and functions that authorized users are permitted to execute
• Employ the principle of least privilege
• Limit unsuccessful logon attempts
• Authorize wireless access prior to allowing connections
• Protect wireless access using authentication and encryption
Configuration Management
• Establish and maintain baseline configurations and inventories of organizational information systems through development life cycles
• Establish and enforce security configuration settings for IT products deployed
• Analyze the security impact of changes prior to implementation
• Control and monitor user-installed software
Identification and Authentication
• Identify information system users, processes acting on behalf of users, or devices.
• Authenticate the identities of those users, processes, or devices as a prerequisite to allowing access.
• Use multifactor authentication for local and network access.
• Enforce a minimum password complexity and change of characters when new passwords are created.
Incident Response
• Do you have an incident response plan?
• Do you have an incident response team?
• If you have a policy, when was it last tested?
NIST Summary
• 14 different sections
• 109 different steps
• Some of these steps you are already doing
Biggest security challenges facing the manufacturing industry
• More computers
• More software
• More automation
• Use wireless technologies
• Use of IoT
• Old embedded operating systems still running production equipment.
• Internal Threats
Types of Attacks
• Password attacks
• Dictionary attack
• Birthday attack
• Man In the Middle
• Brute Force attack
• Insider Threats
• SQL Injection
• Zero Day attack
• Phishing
• Spear Phishing
• Whale Phishing
• Spoofing
• Malware
• Trojan Horse
• Ransomware
• DoS, DDoS
Spear Phishing
Targeted email using personalized information to trick people into thinking it came from a legitimate source.
Whale Phishing
Usually targets someone in the organization by impersonating a C-level executive, to get them to send money or data that contains PII.
Trojan Horse
Type of malware disguised as legitimate software.
Zero Day Exploit
Cyber attack that occurs on the same day that a weakness is discovered.
How to mitigate risk
• Next Generation Firewall
• IDS/IPS
• Block by geographic region
• OpenDNS
• Anti-Virus
• Anti-Malware
• 2FA/MFA
• Software Patching
• Utilize VPN for remote access
• Routine vulnerability scans
• Password policy
• Screen lock out policy
• Failed login lockout policy
• Employee Security Awareness Training
• SIEM
• Backups
Next Generation Firewall
• Employs Intrusion Detection/Intrusion Prevention
• Restrict traffic by users, site, geography
• Create site to site VPN connections between remote sites to ensure security
• Utilize VPN client when users access company resources from home.
• https://n169.meraki.com/Rummie/n/cW_TkdPc/manage/security/events
Employee Security Awareness Training
• Employees are your biggest vulnerability
• A recent study by KnowBe4 found that 26%-45% of employees are susceptible to phishing. This was reduced by 75% after security awareness training.
• This can be managed by the HR department and takes employees 5-10 minutes per month to complete.
Security Patching
• Windows Updates
• Java/Flash
• Adobe
• Firefox
• Google Chrome
• VMware
• Cisco
• Firmware Updates
• Industry specific software
Backup Procedure
• How much is your data worth?
• Do you have a backup?
• Do you also have an off site backup?
• How far back can you go to retrieve old data?
• Who is monitoring whether the backups are passing?
• When is the last time your organization tested a restore?
What’s Next??
• Attacks are becoming more sophisticated
• 92% of malware is delivered via email
• The average cost of an attack is $3 million
• Two-thirds of SMBs have suffered a cyber attack in the past 12 months
Source: 2018 State of Cybersecurity in Small & Medium Size Businesses report