2023 Cyber Security Strategy
Risk Based Approach
• Risk Assessment Activities
• Risk Identification and Selection of Security Controls
• Monitoring and Measurement of Security Controls
• Implementation of Security Control

Identified Risks
• Phishing attacks continue to become much more sophisticated
  • Geo-Targeted - more targeted and personalized
  • Impersonation attacks
• IoT is evolving and creating a big un-realized risk
  • 7B devices connected now - 22 billion by 2025
• Attacks against cloud service provider platforms continue to increase
  • Hackers are compromising credentials and stealing confidential information
• Vulnerabilities in systems and applications are being widely exploited
  • Could allow unauthorized access, system compromise and theft of confidential information
• New and more sophisticated Ransomware variants are being released every day
  • AI-Enhanced variants
• Use of hacking services (HaaS) is on the rise – script kiddies and novice hackers
  • Ransomware as a service
  • Information stealers

Our Top Focus Areas
• Endpoint Detection & Response
• Cloud Service Provider Security
• Vulnerability Management & Beyond
• Backup Protection
• Identity Protection Management
• User Awareness & Training
• ISO Compliance

Implement Endpoint Detection & Response
• Perform real-time continuous monitoring and collection of endpoint data
  • Monitor and collect activity data that could indicate a threat
  • Analyze this data to identify threat patterns
• Automatically respond to identified threats
  • Remove or contain threats
  • Disable compromised accounts
  • Perform action on system

Cloud Service Provider Security
• Implement secure authentication
  • SSO where feasible – Azure AD
• Better monitoring and identification of malicious activities
  • Active security monitoring – daily/weekly reports?
• Continuous vulnerability scanning
  • Quarterly assessments

Vulnerability Management & Beyond
• Implement automated vulnerability scanning of systems and applications
  • Real-time endpoint scanning for vulnerabilities
• Identify and immediately mitigate exploitable vulnerabilities
  • Exploit code is available in the wild
• Scan IoT devices
• Develop secure configuration standards based on device type and identified issues

Backup Protection Capabilities
• Implement immutable storage backup
  • Locks backups and prevents them from being modified or changed
• Use non-domain credentials to manage backups
  • Protects backup system from unauthorized access through the use of compromised domain credentials

Identity Protection Management
• Evaluate and implement Identity Threat Protection solution
  • Monitor authentication attempts
  • Perform real-time continuous monitoring of the darkweb
• Implement MFA
  • VPN and O365
• Review the feasibility of implementing password-less authentication
  • Windows Hello

User Awareness & Training
• Provide annual mandatory and new employee training to employees
  • Utilize KnowBe4
• Utilize short 2-minute videos in cyber security advisories
  • A much better approach to get the point across
• Conduct phishing tests every other month
  • Provide supplementary training to employees that fall victim

ISO Compliance
• Complete monthly security and compliance activities
  • Document the results to ensure compliance with ISO27001 requirements
• Complete internal audit in March, 2023
  • Address all identified issues
• Complete ISO certification audit in June, 2023

Next Steps
• Develop evaluation and implementation plans
• Evaluate technology solutions
• Communicate cost and value to management
• Communicate progress through monthly updates and security team meetings