6-27-14 Podcast References

“Anything that is measured and watched, improves.”

—Bob Parsons


US airports compromised during major APT hacking campaign, says CIS

http://www.csoonline.com/article/2369043/us-airports-compromised-during-major-apt-hacking-campaign-says-cis.html

C-IT Recommendation

  1. Ensure your company has an effective spam gateway or email content filter solution that quarantines junk mail and detects viruses.
  2. Consult with your email security team to validate that the email security solution is running the latest stable version with the latest signature updates.
  3. Ensure your company is using a web content filtering solution to prevent users from accessing malicious websites.
  4. Validate that the web content filtering solution is running the latest stable version with the latest site signature updates.
  5. Thoroughly educate your end users on phishing attacks and how to avoid them.
  6. Encourage your end users, through your information security policy, not to give out their company email address for non-business-related purposes.
  7. Restrict administrative access on local machines and browsers to only those users who absolutely need it to install programs for business purposes.

Article Resources

Center for Internet Security 2013 Annual Report

http://www.cisecurity.org/about/documents/2013AnnualReportspreads.pdf


 

Insider Threats Top Infosecurity Europe Attendees’ Cyber Fears

http://www.infosecurity-magazine.com/view/39035/insider-threats-top-infosecurity-europe-attendees-cyber-fears/

http://www.csoonline.com/article/2385000/security-awareness/security-awareness-and-concern-are-both-on-the-rise-among-it-professionals.html

C-IT Recommendation

  1. Ensure your organization has firewalls/intrusion prevention solutions in place that will block incoming attempts to infect PCs with a crimeware kit.
  2. Ensure your organization has a solid anti-malware solution at the endpoint and that all endpoints are covered.
  3. Enforce a patch management standard in your organization which requires security patches to be deployed in the production environment within a reasonable time after they are tested within your test environment.
  4. Test business functionality of each type of device and record any issues impacting any business functions on the devices.
  5. If testing reveals no issues, deploy the security updates to the production systems. If functionality-impacting issues occur on the test devices, engage Adobe support and/or vendor support if specific applications are negatively impacted.
  6. Consult with your Vulnerability and Threat Management Team (VTM) to verify all production systems are patched with the latest updates.
  7. Implement an advanced malware solution, such as Invincea FreeSpace, FireEye Web Security (NX Series), or Sourcefire FireAMP, to keep remote connections from initiating from your internal network.

Article Resources

Emory Technology Education on Phishing
http://it.emory.edu/security/security_awareness/phishing.html

Lancope Survey Results

http://www.lancope.com/files/Blog/Lancope-Infosecurity-Europe-2014-Survey-Results.pdf

Lancope Combating Insider Threat Webinar

http://www.lancope.com/resource-center/recorded-webinars/insider-threat-hunting-for-authorized-evil/


 

US Oil & Gas Industry Establishes Information Sharing Center

http://www.infosecurity-magazine.com/view/39024/us-oil-gas-industry-establishes-information-sharing-center/

http://www.darkreading.com/analytics/threat-intelligence/oil-and-natural-gas-industry-forms-isac/d/d-id/1278885?

Article Resources

http://www.momentumpress.net/books/protecting-industrial-control-systems-electronic-threats
