Artificial Intelligence In the Legal and Regulatory Realm Practical Cybersecurity Risk Management Strategies Paul Ferrillo a/k/a Director Fury @PaulFerrillo Shawn Tuma a/k/a The Hulk @ShawnETuma www.thecyberavengers.com #CyberAvengers
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm

Jan 22, 2018

Shawn Tuma
Transcript
Page 1: #CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm

Artificial Intelligence In the Legal and Regulatory Realm

Practical Cybersecurity Risk Management Strategies

Paul Ferrillo a/k/a Director Fury

@PaulFerrillo

Shawn Tuma a/k/a The Hulk

@ShawnETuma

www.thecyberavengers.com

#CyberAvengers

Page 2

Who are the #CyberAvengers?

Paul Ferrillo: “Director Fury”

Chuck Brooks: “Thor”

Kenneth Holley: “Captain America”

George Platsis: “Ironman”

George Thomas: “Black Panther”

Shawn Tuma: “Hulk”

Christophe Veltsos: “Hawkeye”

Page 3

Why do we do what we do?

Page 4

#CyberAvengers www.thecyberavengers.com

Page 5

Laws and regulations

Types: Security, Privacy, Unauthorized Access

International Laws: Privacy Shield, GDPR

Federal Laws & Regs.: HIPAA, GLBA, FERPA; FTC, SEC, FCC, HHS

State Laws: 48 states (all except AL & SD); NYDFS & Colorado FinServ

Industry Groups: PCI, FINRA

Contracts: 3rd Party Bus. Assoc.; Data Security Addendum

Page 6

When does an incident or breach require disclosure?

Page 7

Usually the real-world threats are not so sophisticated

• 63% of confirmed breaches involved weak, default, or stolen passwords

• Data is lost over 100x more often than it is stolen

• Phishing is the method used most to install malware

Easily Avoidable Breaches

• 90% in 2014

• 91% in 2015

• 91% in 2016 (90% from email)

Page 8

Common Cybersecurity Best Practices

1. Risk assessment.
2. Policies and procedures focused on cybersecurity.
   • Social engineering, passwords, security questions.
3. Training of the whole workforce on P&P, then on security.
4. Phish the whole workforce (especially leadership).
5. Multi-factor authentication.
6. Signature-based antivirus and malware detection.
7. Internal controls / access controls.
8. No outdated or unsupported software.
9. Security patch update management policy.
10. Backups: segmented, offline, cloud, redundant.
11. Incident response plan.
12. Encrypt sensitive data and air-gap hypersensitive data.
13. Adequate logging and retention.
14. Third-party security risk management program.
15. Firewall, intrusion detection and prevention systems.
16. Managed services provider (MSP) or managed security services provider (MSSP).
17. Cyber risk insurance.

Page 9

If the basics are so effective, why is it such a problem for everyone to use them?

Page 10

Artificial Intelligence & Machine Learning

What are artificial intelligence and machine learning?

In a cybersecurity context, AI is software that perceives its environment well enough to identify events and take action against a predefined purpose. AI is particularly good at recognizing patterns and anomalies within them, which makes it an excellent tool to detect threats.

Machine learning is often used with AI. It is software that can “learn” on its own based on human input and results of actions taken. Together with AI, machine learning can become a tool to predict outcomes based on past events.

Source: Maria Korolov, How AI can help you stay ahead of cybersecurity threats, CSO Online (Oct. 19, 2017)

Page 11

1. Risk assessment.
2. Policies and procedures focused on cybersecurity.
   • Social engineering, passwords, security questions.
3. Training of the whole workforce on P&P, then on security.
4. Phish the whole workforce (especially leadership).
5. Multi-factor authentication.
6. Signature-based antivirus and malware detection.
7. Internal controls / access controls.
8. No outdated or unsupported software.
9. Security patch update management policy.
10. Backups: segmented, offline, cloud, redundant.
11. Incident response plan.
12. Encrypt sensitive data and air-gap hypersensitive data.
13. Adequate logging and retention.
14. Third-party security risk management program.
15. Firewall, intrusion detection and prevention systems.
16. Managed services provider (MSP) or managed security services provider (MSSP).
17. Cyber risk insurance.

Why is this important?

Can AI/ML help?

Page 28

Cyber Risk Management Program

1. Cyber Risk Assessment
2. Strategic Planning
3. Deploy Defenses
4. Develop, Implement, Train on P&P
5. Tabletop Testing
6. Reassess & Refine

Page 29

#CyberAvengers thecyberavengers.com

Page 30

Questions?