Autopsy of a Data Breach – Common Mistakes that Lead to Breaches

Milan Koppen, Senior Solution Specialist, Secunia
In July 2013 the US Department of Energy suffered a breach caused by a known vulnerability in one of the applications used to store personal data from employees and their family members. A total of 104,000 records were exposed. Following the incident, the department investigated the chain of events that led to the breach.

The case illustrates some of the common challenges that organizations face when attempting to maintain the security of their technology environments.

The challenges include: fragmented infrastructures and heterogeneous environments; competing priorities between business units; unclear lines of responsibility and undocumented processes; lack of urgency and awareness over cyber security issues and the skills to assess risk; inadequate authority; and ineffective internal communication and coordination.

The in-depth scrutiny of the causes and consequences of this breach gives us the opportunity to reflect upon the challenges we face within our own organization. A case such as this shows that, while basic security principles seem obvious and easy to implement – and many of us assume they are in place – reality can sometimes prove to be very different to theory and best practice recommendations.

Join us as we analyze the case and the data showing the importance of maintaining an overview and control over IT environments.

Key takeaways:
-Insights into the common challenges that organizations face when implementing an IT security strategy
-Data on the cost and consequences of data breaches
-Best practices for implementing a security baseline
-The importance of vulnerability intelligence to support risk assessment
-The importance of mitigating actions to avoid security breaches
- Q&A session
Feb 4 2014
47 mins

IT Security

  • Join Tom Kellermann, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who need to develop and implement a comprehensive cyber security strategy. Tom will highlight critical information including 2015 cyber threat trends and how risk management strategies have changed.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
    • And more...
  • A new category of threat is emerging – a threat designed to evade traditional signature-based technologies such as Anti-Virus and Intrusion Detection. Attempting to meet the challenge is a new class of technology, “Advanced Malware Protection” or “AMP,” which is an industry term for technology designed to continuously monitor for, offload and detonate files in a sandbox - safely away from the main environment - to observe and detect malicious objects.

    If a security device produces an alert in the forest, who’s there to hear it?

    The challenge is these next generation advanced malware detection solutions produce so much detail about the suspicious activity that most organizations do not have the resources to thoroughly investigate/analyze. The best technology means nothing if you don’t have the right expertise to react to the alert, quickly decipher complex reports, investigate the threat, and determine the right response. And meanwhile, the threat actors aren’t standing still – they’re developing measures to circumvent controls in some traditional sandbox environments.

    You will learn:
    1. How the threat is evolving and how actors are employing evasive practices to overcome traditional and even some more sophisticated security defenses
    2. Why next generation sandboxing and full-system emulation are the keys to combatting evasive malware threats
    3. The expertise needed to accurately identify and diagnose the threat once the alert is received
    4. How to ensure your organization has the ability to respond effectively to the incident and close all the backdoors a threat actor may have opened
  • 2014 could have easily been called, “The year of the biggest security breaches since the beginning of forever.” But given current security practices and technologies, many of the breaches could have been prevented. So why weren’t they?

    Many of the affected companies fell into a very common trap, thinking that if a company goes to the trouble to be legally compliant then it will be effectively “secure.” Unfortunately, as with many kinds of regulations, legal compliance really represents the absolute least amount of effort required. If companies want to give themselves the best chance to avoid the very severe consequences that come with a major breach, there are five practices they need to put in place now.

    Join Adrian Sanabria, Senior Security Analyst at 451 Research, and Amrit Williams, CTO of CloudPassage, on this webinar to learn
    · Possible gaps left by the compliance-first approach to security
    · How to limit vulnerabilities across traditional, virtual and cloud infrastructures
    · Five best practices to avoid a major security breach in 2015
  • The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that business should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • Join Tom Kellermann, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who are ready to take the reins of a real and effective plan to secure their organization, their data, and their careers against targeted attacks.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
  • The Internet of Things (the new buzzword for the tech industry) is increasing the connectedness of people and things on a scale that was once beyond imagination. Connected devices outnumber the world's population by 1.5 to 1. It is expected to eventually touch some 200 billion cars, appliances, machinery and devices globally, handling things like remote operation, monitoring and interaction among Internet-connected products.

    In combination with the fact that there are almost as many cell-phone subscriptions (6.8 billion) as there are people on this earth (seven billion), we have all the ingredients for a Perfect Cyber Storm.

    Join me for an informal discussion of the challenges for our profession, and some possible solutions.
  • Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
  • Cutting down on the time taken to complete complex document review cycles allows the modern lawyer to operate at the pace required by their industry.

    Join our webinar to learn top tips for shortening these review cycles without losing document integrity and risking corruption. We’ll also cover what technologies are available to provide a quick and accurate way to improve document review efficiency.
  • FireEye recently released a new report that documents how and why governments around the world are turning to the cyber domain as a cost-effective way to spy on other countries, steal technology, and even wage war.

    Whether it’s sensitive military, diplomatic, or economic information, governments depend on the integrity of their data. If that data falls into the wrong hands, the consequences could be severe.

    In the wake of two apparent state- and government-sponsored attacks, APT1 and APT28, government agencies must understand why they are in attackers’ crosshairs, what attackers might be seeking, and how they can protect themselves.

    Join us for a dynamic discussion with subject matter experts where you will learn:

    • What makes your government-related organization an appealing target – whether you’re a political opponent, business, agency or vendor
    • Why it’s important to determine who could be planning an attack, their motives, and how they might carry out their goals
    • How to assess your level of preparedness and how to protect yourself if you are not ready for this new era of cyber warfare
  • How to Mitigate the Risk of Software Vulnerabilities Mar 26 2015 3:30 pm UTC 30 mins
    Software vulnerabilities remain one of the most common attack vectors for security incidents and data breaches, either as the entry point for hackers or as the enabler of privilege escalation inside networks.
    Despite awareness of the risk, and the fact that most software vulnerabilities have a fix the day they are made public, organizations continue to fail to execute mitigation actions. The consequence is that we continue to see costly breaches affecting businesses around the globe.
    In this webinar, Marcelo will talk about how the use of vulnerability intelligence can be a game changer to help organizations become better at mitigating the risk of software vulnerabilities.
    Key takeaways:
    -Data related to software vulnerabilities
    -The challenge of prioritizing mitigation
    -How the use of vulnerability intelligence can help support consistent risk reduction
  • Understanding Software Vulnerabilities Mar 24 2015 3:30 pm UTC 30 mins
    Software vulnerabilities remain one of the most common attack vectors for security incidents and data breaches, either as the entry point for hackers or as the enabler of privilege escalation inside networks.
    This webinar demystifies software vulnerabilities, shows how they relate to the wider ecosystem and demonstrates how this knowledge can be used to define strategies and improve security.
    Key takeaways:
    -What is a software vulnerability
    -How a software vulnerability becomes a threat
    -A glimpse of how threats multiply
    -How addressing vulnerabilities impacts risk reduction
  • Reducing the Risk of Targeted Attacks with Intelligence Mar 17 2015 3:00 pm UTC 45 mins
    If your intuitive response to the risk of targeted attacks is to run and get some Advanced Threat Protection, do yourself a favour and take a step back. The reality is that, while the number of advanced attacks has been increasing, the vast majority of cases still use fairly simple techniques and exploit publicly known vulnerabilities that can be solved by regular patching or other mitigation actions.

    In this webinar we will talk about how you should use vulnerability intelligence to reduce the attack surface for hackers and strengthen resilience before you think of implementing ATP solutions.

    Key takeaways:
    - An overview of a multi-layered security approach
    - How to leverage vulnerability intelligence to reduce risk
  • Deploying a Configuration Manager Lab in Azure via PowerShell Recorded: Dec 16 2014 46 mins
    During this webinar, we will discuss the process of deploying a Microsoft System Center 2012 Configuration Manager lab environment on the Microsoft Azure platform, by using Desired State Configuration, the Azure PowerShell module, and general PowerShell automation.
  • How to mitigate the risk of APT with a multi-layered approach to security Recorded: Dec 11 2014 39 mins
    In this webinar, Andrei Vilcan will present his approach to Information Security and how he and his team work to mitigate the risk of Advanced Persistent Threat attacks at Banca Transilvania.
    He will introduce the aspects of the multi-layered approach to the Information Security strategy he is in charge of implementing, the challenges he faces and his achievements so far.
    As a Secunia CSI user, he will share how the solution helps him in one of the key areas of his strategy: security patch management.

    About Andrei: Andrei is Head of Information Security at Banca Transilvania. He has 23 years of experience in IT Management, the past 6 of which is in IT Security. He works to protect his organization’s assets, including customer data, to ensure that the business can operate without disruptions.
  • Heartbleed, Bash Bug and Poodle: What we learnt from the Big Three in 2014! Recorded: Dec 3 2014 33 mins
    In April, one fairly minor vulnerability - Heartbleed - sent the IT community reeling. Since then we’ve had Shellshock/Bashbug and Poodle.

    2014 was a year of high profile cases that effected massive changes in the IT community - and the lessons learnt should stay top of mind.
  • Focus: Software Vulnerability Management Recorded: Oct 14 2014 36 mins
    RISK.

    Managing risk must start with reducing the cracks and holes through which unwelcome visitors can gain access to any valuables you want to protect.

    Software vulnerabilities are often the entry points used by cybercriminals to get into organizations and escalate attacks. For that reason, having a comprehensive overview and accurate information on software vulnerabilities is one of the critical factors to assess risk and prioritize the actions that will have a strong and consistent impact on reducing the attack surface.

    The immediate result of managing software vulnerabilities is the proactive reduction of risk, but there is another, often overlooked, benefit for organizations. Fewer cracks and holes mean less noise for those who monitor environments for incidents and are responsible for responding to them. The outcome is improved accuracy, faster responses and lower cost.

    In this webinar we explain the intelligence that goes into managing software vulnerabilities, how it differs from basic information about vulnerabilities and how organizations can benefit from intelligence to become more secure.
  • Secunia's Corporate Software Inspector 7.0 Reviewed live Recorded: Aug 19 2014 46 mins
    Walk through Secunia's Corporate Software Inspector, CSI, 7.0 with Microsoft MVP Kent Agerlund, Coretech. Kent will walk through and review Secunia's CSI 7.0 live - while demoing the tool and answering questions. In addition he will review the System Center CnfgMngr 2012 Plug-in - the add on piece to Secunia's CSI 7 solution.
  • Compelling Reasons to use Vulnerability Intelligence Recorded: Aug 12 2014 34 mins
    Dealing with the threat of cyber-attacks becomes more complex as the methods used by hackers to break into organizations and steal valuable assets become more sophisticated. Business leaders panic when hearing about the risks of advanced targeted attacks (ATA), advanced persistent threat (APT) and other acronyms.

    As fairly simple techniques are all it takes to exploit vulnerabilities, and vulnerability exploitation is behind the majority of security breaches, one of the challenges organizations face in the race against cyber-attacks is acquiring trusted information about vulnerabilities to enable security teams to define strategies to mitigate risk.

    In this webinar we will talk about the reasons why vulnerability intelligence is a critical part of an information security strategy. We will discuss how vulnerability research, and the intelligence derived from it, can help organizations improve their security posture.

    Key takeaways:
    - What makes vulnerability intelligence trustworthy
    - The most effective uses of vulnerability intelligence
    - How to leverage vulnerability intelligence to reduce risk
  • Work Smarter Not Harder Recorded: Aug 6 2014 58 mins
    In this one hour session, Microsoft MVP Nash Pherson and Right Click Tools Author Ryan Ephgrave will show day-to-day scenarios that all ConfigMgr Administrators will recognize, but utilize tools that make them easier. These include things like keeping your ConfigMgr infrastructure healthy and happy, taking care of ConfigMgr Clients, and deploying and troubleshooting software updates. Come see the Now Micro Right Click Tools and Secunia Corporate Software Inspector in action!
  • Patching and Compliance: A CISO's perspective to reducing risk Recorded: Jul 15 2014 48 mins
    Join us on Tuesday, July 15th for a Webinar with Larry Whiteside, Chief Information Security Officer for LCRA, as he discusses Patching and Compliance: A CISO's perspective to reducing risk.

    Over the past few years security has gotten caught up in the latest hype or trends related to threats. This has caused many security teams to lose focus on some basic things that can be done to mitigate new and old threats in their environment. In this Webinar we will discuss tried and true techniques to mitigate risk and help security organizations take care of some low hanging fruit.
  • Using PowerShell with ConfigMgr 2012 R2 Recorded: Jun 20 2014 50 mins
    In this session, we will discuss how to use PowerShell with ConfigMgr to make your job easier. You will learn about the integrated cmdlets, as well as how to step out and leverage WMI when you need to handle those ‘special’ PackageFlags and other tasks.
  • ConfigMgr HTTPS Client Communication Recorded: Jun 19 2014 46 mins
    HTTPS client communication enables other features within ConfigMgr including IBCM and Mac OSX support and also increases the security of client communication. The pre-requisite for HTTPS client communication and implementing HTTPS client communication is simple, right? Well, as many have found out, the added complexity of a PKI and certificates makes this task much more complex than it appears at first. This session will cover the not-so-basics along with the multiple possible pitfalls when implementing HTTPS client communication in ConfigMgr.
  • Managing 3rd Party Updates with Microsoft’s System Center Configuration Manager Recorded: Jun 18 2014 48 mins
    Attend this session and learn tips and tricks on how to solve the daily challenges around patching your environment with Microsoft and non-Microsoft updates. We will outline best practices and demonstrate how to effectively patch 3rd party applications in System Center Configuration Manager.
  • Was Heartbleed Really that Critical? Recorded: Jun 18 2014 30 mins
    Was Heartbleed really that critical? What’s all the commotion about? Why did it cause so much trouble?

    Part of the answer lies in the failed disclosure of it. In early April 2014, Heartbleed was the hot topic, not only in the security media, but equally in mainstream vehicles. Very few times in the past has a vulnerability received such extensive media coverage. And even as its newsworthiness lessens, the consequences of Heartbleed continue to develop.

    In this webinar, Secunia’s Director of Research and Security, Kasper Lindgaard will present his views on the disclosure of the Heartbleed vulnerability, and how it exemplifies that an unsuccessful coordinated disclosure increases the risk of exploitation. Kasper will also talk about the impact for technology vendors using the vulnerable Heartbeat in their products, and give an overview of the number of products and vendors affected to date.

    Key takeaways:
    -Insights into the dynamics of vulnerability research and how it impacts security in the context of the Heartbleed event.
    -The impact of Heartbleed for technology vendors.
    -Figures on vendors and products affected.
    -Learnings from the Heartbleed incident for the industry and for security practitioners.
  • Strategies to Prevent ConfigMgr Oopsies Recorded: Jun 17 2014 55 mins
    ConfigMgr 2012 R2 is the most powerful systems management tool available… and that power may keep your manager up at night. This session will cover strategies for developing the people, process, and technical tools required to reduce the risk of an ‘oops’ with ConfigMgr. We will discuss how to develop staff members to appropriately utilize ConfigMgr, common mistakes and how to overcome them, and how to leverage the built-in Role Based Administration security model.
  • System Center Configuration Manager and the art of Compliance Management Recorded: Jun 16 2014 47 mins
    With Compliance Settings aka Management you can combine all the cool features in Configuration Manager into a single set of rules. In this session you will learn how to use compliance settings to control your Windows environment, Apple Mac OS X environment and your mobile devices.
  • Dissecting the 2013 Vulnerability Landscape Recorded: Mar 20 2014 39 mins
    Every year Secunia releases a review of the vulnerability landscape, based on its vulnerability research and data from its Personal Software Inspector (PSI) user base.
    The data in this research helps security professionals around the globe make sense of the evolution of the threat landscape and the trends throughout the year.
    In this webinar, Secunia’s CTO, Morten Stengaard and Head of Research, Kasper Lindgaard, will interpret the data presented in the Secunia Vulnerability Review 2014 and answer questions. The review will be released on 26th February at 20:00 CET.
    Before 26th February, you can pre-register to receive a copy of the review as soon as it is released, at:
    http://secunia.com/resources/reports/vr2014/

    Key takeaways:
    -The number of vulnerabilities and zero-days detected in 2013
    -The security state of browsers and PDF readers
    -How quick vendors are to respond to vulnerabilities
    -Which programs are more vulnerable
  • Custom Data Gathering and Use with ConfigMgr, Part 2 Recorded: Feb 18 2014 50 mins
    This Webinar is a follow-on session from part 1 presented at System Center Universe and will focus on advanced ways to gather and use data within System Center Configuration Manager (ConfigMgr); it will build on the part 1 material, including some advanced inventory techniques such as the use and creation of data discovery records (DDRs). It will also tackle some of the common challenges when gathering data from managed systems and how to overcome them.
  • Icelandair on how to implement a complete patch management strategy Recorded: Feb 12 2014 39 mins
    Join this webinar to hear directly from Icelandair how the international airline took a more proactive approach to preventing cyber attacks.
    In this session, Icelandair will describe the IT security challenges the company faced and how security issues led to investigating solutions that addressed these issues.
    Learn about the security strategy and measures Icelandair have implemented to ensure a robust security platform – specifically in the area of vulnerability intelligence, patch management and patch deployment integration in a Microsoft environment, using System Center Configuration Manager and WSUS.

    Key takeaways:
    - Learn from a real-life experience and related insights
    - Understand why it’s important to be proactive instead of reactive
    - 15 minute Q&A with Icelandair and Secunia security specialists
Take pre-emptive action against vulnerabilities and security breaches
Secunia is recognised industry-wide as a pioneer and global player within the IT security ecosystem, in the niche of Vulnerability Management. Our award-winning portfolio equips corporate and private customers worldwide with Vulnerability Intelligence, Vulnerability Assessment, and automated Patch Management tools to manage and control vulnerabilities across their networks and endpoints.

  • Title: Autopsy of a Data Breach – Common Mistakes that Lead to Breaches
  • Live at: Feb 4 2014 3:00 pm
  • Presented by: Milan Koppen, Senior Solution Specialist, Secunia