Post on 28-May-2020
Ransomware: I Know What You Did Last Summer
Stan Banash Jr. CISM, CISSP, C|CISO, CIPP
Chief Information Security Officer (CISO)
Children’s Hospital of Orange County
January 25, 2018
Threat Landscape
• Hackers
  • Cyber Crime Syndicates
  • Malware Mercenaries
• Insiders
  • Clinical Staff
  • Physicians
  • Administrative/Support Staff
Attack Vectors
• External
  • Social Engineering
  • Phishing
  • Impersonation
  • Vulnerable Systems
• Internal
  • Web Browsing
  • Downloads
  • External Media
Mitigation: Threat Intel
• Infragard
• US-CERT
• National Health Information Sharing Analysis Center (NH-ISAC)
• Anti-Malware / Security Vendors
Mitigation: Know Your Attack Surface
• Cloud Services
• Data Centers
• Mobile Devices / BYOD
• Vendors
• Internet of Things (IoT) / BioMed
• Users
Mitigation: Security Posture
• Understand Normal
• Security Operations Center (SOC)
• Develop a World View
• Career Development / Training
Mitigation: Vulnerability Management
• Vulnerability Management Program
  • Routine Scans
  • Risk Assessment
  • Segregation
• Patch Management Program
  • Applicability
  • Understand Risk
  • Metrics
    • Time to remediate
    • Remediation Percentage
Incident Response
• Build a Plan – NIST SP 800-61
• Prepare Your Environment
• Train Your Team
• Stage Tabletop Exercises
• Live Fire – Red/Blue, Purple