Paul Ferrillo Chuck Brooks Kenneth Holley George Platsis George Thomas Shawn Tuma Christophe Veltsos
“Director Fury” “Thor” “Captain America” “Ironman” “Black Panther” “Hulk” “Hawkeye”
Why do we do what we do?
#CyberAvengers
www.thecyberavengers.com
Laws and regulations
Machine Learning
Machine learning is often used with AI. It is software that can “learn” on its own based on human input and results of actions taken. Together with AI, machine learning can become a tool to predict outcomes based on past events.
Source: Maria Korolov, How AI can help you stay ahead of cybersecurity threats, CSO Online
(Oct. 19, 2017)
Why is this important? Can AI/ML help?
1. Risk assessment.
2. Policies and procedures focused on cybersecurity.
   • Social engineering, password, security questions
3. Training of all workforce on P&P, then security.
4. Phish all workforce (esp. leadership).
5. Multi-factor authentication.
6. Signature based antivirus and malware detection.
7. Internal controls / access controls.
8. No outdated or unsupported software.
9. Security patch updates management policy.
10. Backups segmented offline, cloud, redundant.
11. Incident response plan.
12. Encrypt sensitive and air-gap hypersensitive data.
13. Adequate logging and retention.
14. Third-party security risk management program.
15. Firewall, intrusion detection and prevention systems.
16. Managed services provider (MSP) or managed security services provider (MSSP).
17. Cyber risk insurance.
[Diagram: Cyber Risk Management Program. Labels: Cyber Risk Assessment; Deploy Defenses; Develop, Implement, Train on P&P; Tabletop Testing]
Questions?