InfoSec

The objectives of InfoSec are the preservation of confidentiality, integrity and availability of the systems and information used by an organization's members. These three principles compose the CIA triad:
• Confidentiality involves the protection of assets from unauthorized entities
• Integrity ensures that modification of assets is handled in a specified and authorized manner
• Availability is a state of the system in which authorized users have continuous access to said assets

Hackers are increasingly relentless, making the response to security incidents an even more complex challenge.

• Impact of a security incident
  o Financial losses
  o Intellectual property theft
  o Brand/reputation compromised
  o Fraud
  o Legal exposure/lawsuit
  o Loss of shareholder value
  o Extortion

InfoSec is responsible for monitoring, detecting and isolating incidents, and for the management of the organization's security products, network devices, end-user devices and systems.

• People – maximize the value of your security team in order to build an effective and efficient monitoring and response program
• Processes – build repeatable, enabled and automated workflows that align your security intelligence platform with your organization's functions and responsibilities
• Technology – optimally leverage environmental data and threat intelligence, detect advanced attacks with real-time machine analytics, and rapidly neutralize threats with an industry-leading detection and response platform
Understanding Environment
• SIEM monitoring and correlation
• Antivirus monitoring and logging
• Network and host IDS/IPS monitoring and logging
• Centralized logging platform, email and spam filtering
• Creating and maintaining InfoSec
• Web gateway and filtering
• Threat monitoring and intelligence
• Firewall monitoring and management
• Access and identity management
• Vulnerability assessment and monitoring

Process
• Monitoring procedure
• Notification procedure
• Notification and escalation processes
• Shift logging procedures
• Incident logging procedures
• Compliance monitoring procedure
• Report development procedure
• Incident investigation procedures
• Health monitoring of network and systems

What is the point of InfoSec?
• Central location to collect information on threats
• External threats
• Internal threats
• User activity
• Loss of systems and of personal or sensitive data
• Provide evidence in investigations
• Keep the organization running

Shift logs, incident logs and turnover
• Details of the event and the impact of the threat on the organization or its assets
• Description of the items found during the investigation while researching the event
• Recommendations for the next analyst who might be taking over the incident
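The slide names "SIEM monitoring and correlation" and incident logging without showing what a correlation rule actually does. The script below is an added illustration, not part of the training deck: it parses a few constructed authentication log lines (the log format, IP addresses and user names are made up for this example) and applies one correlation rule, several failed logins from a single source followed by a success within a short window. No single log line shows that pattern; only correlating events across time does, and the resulting alert is the kind of detail a shift log entry hands to the next analyst.

```python
"""Minimal SIEM-style correlation over constructed authentication log lines.

Added example, not from the training deck. The log format below is invented
for this illustration; the rule flags a source that produces several failed
logins and then a success inside a short window.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real data).
SAMPLE_LOG = """\
2018-05-01T09:00:01 auth FAILED user=jdoe src=203.0.113.7
2018-05-01T09:00:03 auth FAILED user=jdoe src=203.0.113.7
2018-05-01T09:00:05 auth FAILED user=jdoe src=203.0.113.7
2018-05-01T09:00:06 auth FAILED user=jdoe src=203.0.113.7
2018-05-01T09:00:09 auth SUCCESS user=jdoe src=203.0.113.7
2018-05-01T09:01:00 auth FAILED user=asmith src=198.51.100.2
2018-05-01T09:30:00 auth SUCCESS user=asmith src=198.51.100.2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth (?P<result>FAILED|SUCCESS) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_events(text):
    """Turn raw lines into dicts; lines that do not match the format are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.fromisoformat(ev["ts"])
        events.append(ev)
    return events


def correlate_bruteforce(events, min_failures=3, window=timedelta(minutes=5)):
    """Alert on sources with >= min_failures failed logins followed by a success,
    all within `window` of each other (a sliding window per source)."""
    by_src = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_src[ev["src"]].append(ev)
    alerts = []
    for src, evs in by_src.items():
        failures = []
        for ev in evs:
            # drop failures that have aged out of the window
            failures = [f for f in failures if ev["ts"] - f["ts"] <= window]
            if ev["result"] == "FAILED":
                failures.append(ev)
            elif len(failures) >= min_failures:
                alerts.append({
                    "src": src,
                    "user": ev["user"],
                    "failures": len(failures),
                    "success_at": ev["ts"].isoformat(),
                })
                failures = []
    return alerts


def run_sample():
    """Run the rule over the constructed sample; one alert is expected."""
    return correlate_bruteforce(parse_events(SAMPLE_LOG))


if __name__ == "__main__":
    for a in run_sample():
        print(f"ALERT brute-force-then-success src={a['src']} user={a['user']} "
              f"failures={a['failures']} at={a['success_at']}")
```

The second source in the sample has one failure and a success half an hour apart, so it falls outside the window and produces no alert; thresholds and window size are tuning knobs a real SIEM rule exposes in the same way.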
SECURITY AWARENESS

Organizations invest millions of dollars per year in business security safeguards and hold IT responsible for online information privacy and security, but that is not a sustainable business security model, because a cybercriminal only needs one victim to get access into an organization: it only takes one person to click on a phishing email to expose an entire organization.

An ongoing training and education program is essential.


Information Security
Jonathan A. Cabante

• Threats
• Impacts
• Remediation practice
• Incident Report
WHY SECURITY MADE SENSE?
• Loss of business due to data breaches
• Loss of business integrity and reputation

FYI: 85% of hacking and attacks are done inside company infrastructure and only 15% are done outside company premises. It is very important to know this, since there are no patches for ignorance.

Use of the Internet by PMAXGlobal employees is permitted and encouraged where such use supports the goals and objectives of the business. However, access to the Internet through PMAXGlobal is a privilege, and all employees must adhere to the policies governing computer, email and Internet usage.

Company employees are expected to use the Internet responsibly and productively. Internet access is limited to job-related activities only; personal use is not permitted.

The equipment, services and technology used to access the Internet are the property of PMAXGlobal, and the company reserves the right to monitor Internet traffic and to monitor and access data that is composed.

All sites and downloads are monitored and/or blocked by PMAXGlobal if they are deemed to be harmful and/or not productive to business.

The installation of software that is not required by business operations is strictly prohibited (unless necessary and approved by the Managing Director).
HOW WE PROTECT?
• Log off the computer when away from the desk
• Shut down the computer when not in use
• Never share passwords
• Change passwords regularly as they expire
• Never install unnecessary software
• Run antivirus regularly
• Never plug in any BYOD devices
• Never alter any network settings (proxy)

PROHIBITED ACTIVITIES

Without prior written permission from PMAXGLOBAL, the Company's computer network may not be used to disseminate, view or store commercial or personal advertisements, solicitations, promotions, destructive code (e.g., viruses, Trojan horse programs, etc.) or any other unauthorized materials.
• Activities that have an undue effect on the computer or company network's performance (downloading and streaming)
• Sending or posting discriminatory, harassing, or threatening messages or images on the Internet or via the Practicemax/PMAXGlobal email service
• Using computers to perpetrate any form of fraud, and/or software, film or music piracy
• Sending or posting chain letters, solicitations, or advertisements not related to business purposes or activities
• Violating any other policies, provisions, guidelines or standards of this agreement or any other of the Company's. Further, at all times users are responsible for the professional, ethical and lawful use of the computer system. Personal use of the computer is a privilege that may be revoked at any time.
• Installing software that is not business related and without administrative permission
• Illegal copying - users may not illegally copy material protected under copyright law
• Communication of trade secrets (NDA) - unless expressly authorized to do so, users are prohibited from sending, transmitting, or otherwise distributing proprietary information, data, trade secrets or other confidential information belonging to the Company. Unauthorized dissemination of such material may result in severe disciplinary action as well as substantial civil and criminal penalties under State and Federal Economic Espionage laws.
Cost of BREACH
• 90% of organizations felt vulnerable to insider attacks
• 53% confirmed an attack happened in their organization
• 56% regular employees, 55% privileged users and 42% contractors pose the largest insider threat concerns

Sources:
https://erpscan.io/research/industry-databreach-report-2018/#form-industryFocused
https://enterprise.verizon.com/resources/reports/data-breach-investigation-report_2015.pdf
THREAT ATTACKS
DATA BREACH RISK ZONES
• 60% risk factors carried insider threats
• 72% related to staff receiving fraudulent emails
• 37% privileges
• 35% weak passwords; 65% can be cracked
• 36% endpoint access
• 35% information technology complexity

Source: https://erpscan.io/research/industry-databreach-report-2018/#form-industryFocused

Cost of a Security Incident
• 14 million users affected at a time, resulting in more than 145 million potentially affected consumers in the US
• $62 million biggest ransom was gained by cryptocurrency mining

Source: https://www.pewtrusts.org/en/research-and-analysis/blogs/stateline/2017/11/10/worried-about-hackers-states-turn-to-cyber-insurance
SITUATIONAL UNAWARENESS
• 191 days for a business to identify a data breach
• 24% did not know if any user credentials were stolen
• 24% did not know which threat actors exploited their organization
• 23% did not know whether the organization had experienced an advanced persistent threat (APT) attack
• 20% did not know whether any corporate assets were hijacked for botnet use

Ransomware is still a top cybersecurity threat: it accounts for 39% of malware-related data breaches, more than 700 incidents.

Source: https://erpscan.io/research/industry-databreach-report-2018/#form-industryFocused
VIOLATION FINES

https://compliancy-group.com/hipaa-fines-
directory-year/
HUMAN FACTOR

Many companies today are struggling with security and cyber threats.

Most attacks, according to research, indicate that successful attacks leverage social engineering and also the use of older vulnerabilities and well-known attacks.

Security defense tools such as antivirus, firewalls, IPS and IDS are not blocking many attacks.

Security tools and processes require training and experience.

Many companies do not include people in security training or in the process, while people are commonly the vulnerable point.

The human factor continues to be the key weakness: employees are still falling victim to social attacks. Financial pretexting and phishing represent 98% of social incidents and 93% of all breaches.

Criminals and hackers seek to:
  o Steal identities
  o Obtain access
  o Stalk, blackmail or publicly humiliate an individual
  o Plan to inflict personal harm on an individual
  o Plan to cause damage to an organization

Source: https://www.hotelbusiness.com/verizon-ransomware-still-a-top-cybersecurity-threat/
PHISHING

SPEAR PHISHING is an email attack directed at a specific individual or organization. These attacks are defined by their ability to leverage familiarity and by the smaller number of targets.

Despite this small number, the impact can be devastating to an entire organization.
EMAIL SECURITY
• Do not trust any email that urgently requests your personal information, username or password
• Never click on links in emails until you confirm the sender is authentic
• Check the FROM: field closely, but know that the sender can be spoofed
• Phishing websites may look real, by using company logos and domain names that might be close misspellings or look-alikes
• Be suspicious of attachments with a generic or impersonal message
• Think about the information you are being asked to provide; legitimate companies will not ask you to provide personal or sensitive information over email
• Legitimate companies will never ask you to confirm your personal information or username/password in email
• One of the most effective ways to stay safe is to hover your mouse over links in the message to see if you recognize them
• Do not enroll your business email on any non-business-related sites
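Three of the checks above (the sender can be spoofed, domains may be look-alikes, hover over a link to see its real target) can be expressed as code, which is what a mail gateway or a help-desk triage script does on the user's behalf. The following Python script is an added example, not part of the training deck: it inspects a constructed phishing-style message (the addresses, the look-alike domain and the body text are all made up), using only the standard library. `TRUSTED_DOMAINS` is an assumed list in which `example.com` stands in for the organization's own domain, and `URGENCY_WORDS` is this example's own keyword list.

```python
"""Automated form of the checks on the email security slide: a Reply-To that
does not match the sender, look-alike domains, and link text that differs
from the real link target (what hovering over the link would reveal).
Added example, not from the training deck; SAMPLE_EMAIL is constructed,
TRUSTED_DOMAINS and URGENCY_WORDS are this example's assumptions."""
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"example.com"}  # assumption: stands in for the organization's own domain
URGENCY_WORDS = ("urgent", "immediately", "suspended", "verify your", "password")

# Constructed sample (not a real message): spoofed trusted sender, foreign
# Reply-To, and a link whose visible text differs from its real target.
SAMPLE_EMAIL = """\
From: IT Support <helpdesk@example.com>
Reply-To: helpdesk@example-support.net
Subject: URGENT: verify your password
Content-Type: text/html

<html><body>
<p>Your account will be suspended. Please verify your password immediately:</p>
<a href="http://examp1e.com/login">https://example.com/login</a>
</body></html>
"""

class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def edit_distance(a, b):
    """Levenshtein distance; a small distance to a trusted name marks a look-alike."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of_address(addr):
    """'Name <user@host>' or 'user@host' -> 'host' ('' when there is no address)."""
    return str(addr).rpartition("@")[2].strip(" <>").lower()

def domain_of_url(url):
    return (urlparse(url).hostname or "").lower()

def is_lookalike(domain, trusted):
    """True when the domain is untrusted but within two edits of a trusted one."""
    return bool(domain) and domain not in trusted and any(
        edit_distance(domain, t) <= 2 for t in trusted)

def analyze_email(raw, trusted=TRUSTED_DOMAINS):
    """Return human-readable indicators; an empty list means none were found."""
    msg = email.message_from_string(raw, policy=policy.default)
    indicators = []
    from_dom = domain_of_address(msg.get("From", ""))
    reply_dom = domain_of_address(msg.get("Reply-To", ""))
    if reply_dom and reply_dom != from_dom:
        indicators.append(f"reply-to domain {reply_dom} differs from sender domain {from_dom}")
    if is_lookalike(from_dom, trusted):
        indicators.append(f"sender domain {from_dom} looks like a trusted domain")
    subject = str(msg.get("Subject", "")).lower()
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    if any(w in subject or w in text.lower() for w in URGENCY_WORDS):
        indicators.append("urgent request involving credentials")
    extractor = LinkExtractor()
    extractor.feed(text)
    for href, shown in extractor.links:
        href_dom = domain_of_url(href)
        if shown.startswith(("http://", "https://")) and domain_of_url(shown) != href_dom:
            indicators.append(f"link text shows {domain_of_url(shown)} but points to {href_dom}")
        if is_lookalike(href_dom, trusted):
            indicators.append(f"link domain {href_dom} looks like a trusted domain")
    return indicators

if __name__ == "__main__":
    for indicator in analyze_email(SAMPLE_EMAIL):
        print("INDICATOR:", indicator)
```

Note that the From domain of the sample is the trusted one and raises no indicator by itself, which is exactly the slide's point: the displayed sender proves nothing, and the evidence comes from the Reply-To, the link target and the wording.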
PASSWORD SECURITY
• Create a strong password
• Make it long: 8 characters at least, 13 characters ideally
• Make it diverse. Insertion example: Windows = Win5?9d0ws
• Make it impersonal. Phrase-based: choose a phrase you can remember. Example: “I love Linux” = 1_<3_L1NuX
• Use a password vault (LastPass) to secure credentials
• Do not store credential information in plain text

https://howsecureismypassword.net/
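The rules on this slide can be turned into a checker, and the slide's last point (never keep credentials in plain text) into the storage routine that belongs next to it. The Python below is an added example, not from the training deck: the length thresholds (8 minimum, 13 ideal) are the slide's own, while the "at least three of four character classes" rule, the personal-term check and the PBKDF2 parameters are this example's assumptions. It uses the slide's own sample passwords as input and runs with the standard library only.

```python
"""Password policy check following the slide's rules (at least 8 characters,
13 ideally; diverse character classes; impersonal), plus the slide's last
point: credentials are stored as a salted hash, never in plain text.

Added example, not from the training deck. The length thresholds are the
slide's own; the three-class rule, the personal-term check and the PBKDF2
parameters are this example's assumptions. Standard library only.
"""
import hashlib
import hmac
import os
import string

MIN_LENGTH = 8      # slide: "8 characters at least"
IDEAL_LENGTH = 13   # slide: "13 characters ideally"
MIN_CLASSES = 3     # assumption: lower, upper, digit, symbol -> at least three of four


def check_password(password, personal_terms=()):
    """Return (passes, notes). `passes` is False on a hard failure (too short,
    not diverse, contains a personal term); notes also carry advisory hints."""
    failures, advice = [], []
    if len(password) < MIN_LENGTH:
        failures.append(f"shorter than {MIN_LENGTH} characters")
    elif len(password) < IDEAL_LENGTH:
        advice.append(f"shorter than the ideal {IDEAL_LENGTH} characters")
    classes = (
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    )
    if sum(classes) < MIN_CLASSES:
        failures.append(f"uses fewer than {MIN_CLASSES} character classes")
    lowered = password.lower()
    for term in personal_terms:
        if term and term.lower() in lowered:
            failures.append(f"contains personal term {term!r}")
    return not failures, failures + advice


def hash_credential(password, iterations=200_000):
    """Derive a salted PBKDF2-HMAC-SHA256 digest; this record is what gets stored."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt.hex(), "iterations": iterations, "hash": digest.hex()}


def verify_credential(password, record):
    """Recompute the digest with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(record["salt"]), record["iterations"])
    return hmac.compare_digest(digest.hex(), record["hash"])


if __name__ == "__main__":
    # The slide's own examples: "Windows" is weak, "Win5?9d0ws" and "1_<3_L1NuX" pass.
    for pw in ("Windows", "Win5?9d0ws", "1_<3_L1NuX"):
        ok, notes = check_password(pw, personal_terms=("windows", "linux"))
        print(f"{pw!r}: {'PASS' if ok else 'FAIL'} {notes}")
    record = hash_credential("1_<3_L1NuX")
    print("stored record:", record)
    print("verify correct:", verify_credential("1_<3_L1NuX", record))
    print("verify wrong:  ", verify_credential("Windows", record))
```

Both slide examples pass the hard rules but still receive the advisory note that they are shorter than the ideal 13 characters; the personal-term check is what makes "impersonal" testable, since the substituted forms no longer contain the words they were derived from.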
RANSOMWARE

Ransomware can spread the same way as most traditional viruses: through email spam and attachments; if these are opened, the system is susceptible to the ransomware.

Ransomware can be delivered through pirated versions of software, games, game modifications, screensavers and adult websites.

Malware may come from advertisements, videos, pop-up windows, links on social media networks, or browser plug-ins that exploit out-of-date browsers or vulnerable software on a user's computer.

Ransomware searches for other network or file shares that are attached or networked to the infected machine; if it can access those files, it will attempt to encrypt them as well.
RANSOMWARE SECURITY

You can protect yourself and the organization's network and servers from ransomware and avoid paying ransom demands:
• Stay vigilant when opening email, verifying sender authenticity and double-checking email content
• Disable pop-up windows in your web browser and keep the browser up to date
• Keep all software, including antivirus, up to date
• Do not store sensitive information on your machine (leave everything on RDWeb)
• Do not download and store non-business-related software and programs
• Do not install any application that is not business related
SENSITIVE DATA SHARING SECURITY

Sensitive data is private and confidential information about people, companies or projects – this applies to both individuals and organizations.

Intellectual property and proprietary business information are coveted by competitors and criminals.

If you don't protect sensitive data, there could be serious consequences:
  o Exposing your and others' personal data to criminals
  o Disclosing customer information and trade secrets to competitors
  o Risking fines and/or legal action for you and your employer
  o Damaging your professional reputation and your employer's brand

• Do not overlook printed materials – printed documents and physical files can contain as much sensitive information as electronic files
• Do not store sensitive data on a local machine nor on unsecured portable storage
• Keep track of storage media
• Encrypt electronic files
• Strictly limit the number of copies made
• Follow company policy on handling sensitive data and ePHI
• Limit distribution to those who are critical to the discussion
• Avoid sending confidential documents through the mail when possible (use HIPAA-compliant means when required to send)
• Alert recipients to the presence of confidential data and set expectations for proper handling
SECURE BROWSING
• Use https when logging into a site (remember: https doesn't guarantee that a site is safe)
• Use a VPN when you can while traveling; use it to protect your online activities
• Strictly limit your online activities (do not log into any secure sites or perform any financial transactions)
• Avoid transferring sensitive data while connected to an open-access WiFi network
• Do not connect to and access company sensitive data on public computers and public networks
• Be cautious about open WiFi networks – free and open-access WiFi networks are not secure
• Enable multi-factor authentication when accessing sensitive data, if available

Social networks are a great way for people to connect and share information – a lot of information – with each other online, but sharing information can sometimes present potential risks.

Information you post on social networks can be used by scammers to unlock doors to your company's information and assets.

Criminals and hackers are great actors; social engineering is their skill, manipulating individuals into divulging confidential information, a significant threat to data and systems.

Don't think it can't happen to you.

Numerous websites and reports have highlighted webcam spying incidents: simple malware allows hackers to activate cameras and microphones and make recordings without the user's knowledge.
PHYSICAL SAFEGUARDS

Criminals and hackers might try to break into offices, steal your laptop or phone, or learn your network password to get to sensitive data.
• Do not give unauthorized access to secure areas
• Re-engage locks and doors when done (always close the door)
• Log out or lock your computer before you walk away
• Lock sensitive files before leaving your work space
• Don't share passwords, access tokens, or badges
• Cover charts so patient information is not visible
• Use a cover sheet when faxing PHI
• Close computer programs containing patient information when not in use
• Reduce the amount of PHI that sits on devices
• Don't post about patients on social media
• Do not access unauthorized areas
INCIDENT REPORT

To report an incident or for technical assistance you may reach out on 1-480-374-7330 or email support@practicemax.com

UR (you are) at the center of SecURity

Do not hesitate to contact us
