CyberArk

CyberArk logo

PRIVILEGE. STOP ATTACKS.

Across the Enterprise – In the Cloud – On Endpoints

Unsecured privileged accounts add risk to your business anywhere they exist—100% of advanced cyber attacks involve them. Seamlessly protect privileged accounts across the enterprise—on premises, in the cloud and on your endpoints with CyberArk. Visit our website to learn why the world’s leading organizations prioritize privileged account security with CyberArk to detect and mitigate threats.

Who Are We?

CyberArk is the only security company focused on eliminating the most advanced cyber threats-- those that use insider privileges to attack the heart of the enterprise.

Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world’s leading companies – including more than 45% of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. CyberArk is a vital security partner to more than 3,075 global businesses.

 A global company, CyberArk is headquartered in Petach Tikvah, Israel, with U.S. headquarters located in Newton, MA. CyberArk also has offices throughout EMEA, Asia-Pacific and Japan. To learn more about CyberArk, visit www.cyberark.com.

 

Social Networking Security

The top three concerns with sharing information on Social Networks are :

  • Data Privacy
  • Impersonation
  • Phishing Bait

Risks / Threats associated with these concerns are:

  • Letting Burglars know your whereabouts
  • Providing stalkers information to track you
  • Providing the data for identity theft 
  • Providing data for corporate espionage
  • Providing data to build profiles on other social networking sites (impersonation)

What to do about it...

Password Management

  • Do not use the same password for all of your accounts. 
  • Passwords for your work and home accounts shoud be different, should be meaningful, but not easy to guess.
  • Do use a password safe solution to store passwords, not a post-it note; e.g. Keepass and Lastpass.

Status Updates

  • Do not share your physical location at every moment of time.
  • Do not share all of your hobbies and family information.
  • Do not share details about the latest organizational goals or accomplishments.

Impersonation

  • Use Google alerts to monitor for identity impersonation
  • Have Marketing manage C-Level Social Netowrking Sites
  • Educate users on the risks associated with Social Networks

InfraGard Houston Members Alliance Home Page

Welcome to InfraGard Houston Members Alliance public web site!

This is the InfraGard Houston Members Alliance public site. Secure chapter content is accessible from the National InfraGard site at https://www.infragard.org

The Houston Chapter of InfraGard provides members of the Critical Infrastructure community a means to share information to prevent, protect, and defend against hostile acts against Critical Infrastructure and Key Resources (CIKR). 

Members will find access to a number of resources that are used on a day to day basis, and find a number of communication portals to assist in protecting critical infrastructure.

If you're a visitor you might want to start at the About us page to find out more about the InfraGard program.

The link to the national public site is https://www.infragard.org

Legacy System Security

Challenge:

  • Business is unable to keep pace with the ever changing versions of application and operating systems. This can result due to the financial, resource or technical implications.

Risks:

  • Manufacturers will no longer issue fixes and patches for vulnerabilities that could be exploited by viruses, spyware and other malicious code.

Response:

  • Develop new ways to protect legacy systems and applications from vulnerabilities without impacting current operations.

Approach

  • MUST Use Organization Project Management process

Planning

  • Re-validate
  • That the application/OS is required
  • That the application/OS cannot upgrade
  • Document the agreed to decommission date and what the plan is to replace the application. (This information will be forgotten otherwise.)
  • Identify current environment capabilities:
  • Understand what you have so you can determine what you need
  • Include an Incident Management Plan for each app as part of the deliverables – risk can be reduced, not eliminated

Design 

  • Work from Basics to More complex
  • Apply to high risk systems first and low risk systems last
  • Include DR/BCP

Testing 

  • Apply in Test and UAT environment first when possible
  • DR/BCP should be tested first as it is not always possible to test the changes and rebuilding from scratch is not usually an option

Execution 

  • Be adaptable and be prepared for a few bumps along the way
  • This will be a cyclical process.
  • All applications will not be able to be changed at once
  • There will be multiple hardening activities. They should be segregated in order to identify any issues that might happen and identify the cause. 

 

Incident Response

Cyber Security Incident Response

A Cyber Security Incident Response Program is a key component of an Information Security Program. Risk assessments are an effective measure to reduce incidents, but there must be a capability to detect and manage the incidents that occur. Incident response is complex, requiring planning, people, process, and  technology. Attacks are unpredictable and continuously evolving and improvement of the Incident Management Program and Continuous Monitoring for attacks themselves. Effective information sharing can help an organization identify situations that are of greater severity and demand immediate attention.1

Please note:

  • We do vet all members - All members have been re- vetted within the last 12 months
  • FBI requires members to be U.S. citizens
  • Must pass a background check
  • Must stay active and log into site every 90 days or be re-vetted
  • Meetings are closed. This means members only. Members may bring a guest for recruitment purposes if they vouch for them
  • There are rules of non-disclosure
  • We do not share intellectual property
  • We sanitize what we share
  • What we do share is appropriately classified and marked based on content using the Traffic Light Protocol (TLP)
  • We have a process for content sharing that requires multiple level of approval

InfraGard Member Information Sharing

InfraGard members are encouraged to share incident information with other members so that we can reduce the number of incidents across the community as a whole. Our members are working in the tactical roles, managing the day to incidents in the environment. Working together we have the ability to:

  • Provide situational awareness
  • Operational and tactical risk management actions
  • Strategic response planning to address attacks

The hackers are working together - we need to level the playing field.

InfraGard Houston Information Sharing

As one of the most active chapters in the U.S, the Houston Chapter has many venues for sharing information.

  • Phishing Task Force:  Collaborative effort  to discuss best practices, innovative solutions, investigative techniques, incident response and practical approaches to communicate, perform trending analysis, provide security awareness and defend against phishing attacks in a timely manner
  • Special Interest Group (SIG): Special Interest Groups focus on a specific industry area and focus on topics of interest to that area.
  • Technology Tool Kit (TTK): The Technology Tool Kit (TTK) is intended to provide a collection of cyber security tools and guidance on their utilization, including an OpenSource Cyber Security Tool Repository,  Educational Awareness on Cyber Security Tool Utilization, and Reference Materials for Cyber Security Tools
  • Websites: InfraGard Houston stores TLP White data on the Houston Public website (this one). The national InfraGard site is at http:/www.infragard.org. This site is used for data that is classified such that it cannot be shared on the public site.

 

1 National Institute of Standards and Technology Special Publication 800-61 Revision 2 Natl. Inst. Stand. Technol. Publ. 800-61 Revision 2, 79 pages (Aug. 2012) CODEN: NSPUE2 http://dx.doi.org/10.6028.NIST.SP.600-61r2

Subcategories

Warranty Disclaimer

Warranty Disclaimer: The FBI, InfraGard, and its affiliates provide information, including but not limited to software, documentation, training, and other guidance to be known as “materials”. The materials are provided as-is and we expressly disclaim any and all warranties, express or implied, including, and without limitation, the implied warranties of merchantability, fitness for a particular purpose, non-infringement, quiet enjoyment, and integration, and warranties arising out of course of dealing or usage of trade. You agree that, as between you and the FBI, InfraGard, and its affiliates, you are responsible for the outcome of the use of materials made available, including but not limited to adherence to licensing requirements, and taking legal and regulatory considerations into account. There is no guarantee of accuracy, completeness, timeliness, or correct sequencing of the information provided.