Cybersecurity breaches and regulatory compliance are this year's themes. Marriott was sued and fined $124 million for their data breach back in 2014, according to The Wall Street Journal. Capital One leaked 100 million credit applications including Social Security Numbers. Both LabCorp and Quest Diagnostics exposed millions of patients’ medical records. With the General Data Protection Regulation (GDPR) now fully active and the California Consumer Privacy Act (CCPA) on the horizon, there are hefty monetary consequences for mishandling consumers’ data. It’s no longer a slap on the wrist and some bad press coverage for negligent cybersecurity practices. More than ever before, it’s critical for organizations to safeguard sensitive data to maintain the trust of consumers and avoid steep fines.
This begs the question: what's the best way that organizations can protect themselves against these consequences of a data breach? I will be presenting research on this very question at BSidesLV and DEFCON this year. In my speaker sessions, I'll share the lessons I've learned from securing organizations around the world for the past 14 years. My talks are set to cover topics on incident response & threat hunting using protocol analyzers, research around modern phishing attacks resulting in Business Email Compromise (BEC) and Network Security Monitoring (NSM) best practices.
From responding to hundreds of incidents in the financial and media & entertainment industries, there are simple things organizations could be doing to prevent themselves from becoming the next Marriott. Much of the information I will share comes from a solid foundation of knowing your own environment well enough to identify digital threats. My favorite cybersecurity quote comes from Sun Tzu’s The Art of War:
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
Through my talks at BSidesLV and DEFCON, I'll demonstrate how to baseline an environment so that cybersecurity professionals can first fingerprint normal activity. I'll then share real-world examples of modern hacker techniques, allowing attendees to identify and hunt digital threats in their own networks before they evolve into a data breach. You can learn more about my upcoming speaker engagements here.
About the Author: Michael Wylie, MBA, CISSP is the Director of Cybersecurity Services at Richey May Technology Solutions. In his role, Michael is responsible for delivering information assurance by means of vulnerability assessments, cloud security, penetration tests, risk management, and training. Michael has developed and taught numerous courses for the U.S. Department of Defense, DEFCON, Moorpark College, California State Universities, and for clients around the world. Michael is the winner of the SANS Continuous Monitoring and Security Operations challenge coin and holds the following credentials: CISSP, CCNA R&S, CCNA CyberOps, GMON, GPEN, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, Security+, Project+, and more.
Twitter: @TheMikeWylie.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.