Cybersecurity SAM Engagement
Presenter Name

Large Scale Technology Trends
Transforming access to people and information
• Mobile
• Social
• Cloud
• Big Data

Cybersecurity Environment is Evolving

Cybercrime costs US economy up to $140 billion annually, report says
Los Angeles Times [2013]

How hackers allegedly stole “unlimited” amounts of cash from banks in just a few hours
Ars Technica [2013]

Universities face a rising barrage of cyberattacks
Ars Technica [2013]

Malware burrows deep into computer BIOS to escape AV
Researchers have discovered one of the first pieces ever used in the wild that modifies the software on the motherboard of infected computers to ensure the infection can’t be easily eradicated…
The Register [September 2011]

Forget carjacking, soon it will be carhacking
Rising cyber security risks to drivers as their cars become increasingly powered by and connected to computers have prompted the US auto-safety regulator to start a new office focusing on the threat…
The Sydney Morning Herald [2013]

Cyberattacks on the rise against US corporations
New York Times [2013]

Espionage malware infects rafts of governments, industries around the world
Ars Technica [2013]

Pirated Software is a Key Source of Malware
Criminals embrace pirated software:
• It’s lucrative
• It spreads malware
• It’s less risky and has a low barrier to entry
Digital Downloads
Production of counterfeit software
As a result, one out of three computers with counterfeit software installed will be infected by malware.

SAM Supports Your Cybersecurity Strategy
You can’t protect what you don’t know.
For an overall cybersecurity program to be effective, it is necessary to first have a clear understanding of an organization’s IT infrastructure.
The focus of a Cybersecurity SAM Engagement is to provide customers with a view of what software is deployed to identify areas of potential risk and provide high-level guidance on their cybersecurity programs and policies to help enable good IT software asset management.

Common Scenarios for Compromising Security

Using outdated software.
Use of old software that is no longer supported is a much more attractive target to cyber thieves, and increases cyber risk.

Not updating software.
Not using the latest version of software or having patches that are not up to date opens doors to cybercrime.

Adding software indiscriminately.
Illegal digital downloads, or purchasing online from an unknown vendor increases the risk of unknowingly downloading malware.

Sharing removable media.
Use of removable media is a common way that inappropriate software is shared from machine to machine, and can compromise assets, open breaches, or cause similar problems.

What is Software Asset Management (SAM)?

SAM is a global industry standard
• ISO/IEC 19770-1
• Endorsed by Microsoft and many others

SAM is essential in today’s business world
SAM is a best practice incorporating a set of proven processes and procedures for managing and optimizing your organization's IT assets.

SAM is an integral part of the control framework of any well-run organization
Following SAM best practices results in better information for decision making and a higher degree of operational excellence, ultimately driving long-term business value.

Cybersecurity SAM Engagement
A customer focused SAM engagement will help you:
• Optimize licensing
• Decrease costs associated with cyber risk like data loss, fraud, support.
• Minimize cybersecurity risks
• Secure your IT infrastructure

Benefits of a Cybersecurity SAM Engagement
• Establish a solid foundation for securely managing software assets that promotes good cybersecurity preventative practices in a holistic, integrated way.
• Become more prepared in order to build a resilient, adaptive IT infrastructure that can respond to threats.
• Support an effective defense against attacks through added policies and controls.
• Decrease costs from data loss, fraud from theft, loss in revenue, labor, support, employee downtime, cost to locate and reinstall lost data, customer support, and negative impact to reputation.

What Every Customer Needs to Do
Address Cybersecurity at its Foundational Roots
• Run Latest Microsoft & Third-party Products
• Implement Good Patch Management Practices
• Align Active Directory to Current Threat Environment
• Assess Threats & Countermeasures of the IT Infrastructure and Operational Practices
• Institute Policies Aimed at Reducing Cyber Risk
Priority 1 2 3 4

Cybersecurity SAM Engagement: Step 1
Gather preliminary information about the existing environment, future goals, and security concerns
• Organizational Profile
• Security Considerations
• Applications, OS, and data security
• Cybersecurity Concerns
• Infrastructure
• Basic information about the organization
• Environment
• People

Cybersecurity Engagement: Step 2
• Inventory deployed software
• Match installations with licenses
Microsoft
...build a detailed report on your current state

Cybersecurity Engagement: Step 3
A Cybersecurity Assessment will assess your current status using generally accepted security controls.
The assessment will cover topics such as:
• Authorized and Unauthorized Devices
• Authorized and Unauthorized Software
• Secure Configurations for Hardware and Software
• Malware Defenses
• Application Software Security
Increasing the efficiency of each control raises the success rate of the defenses in the environment.

Deployment Considerations for a Secure IT environment
• Frequently install security updates for all software. This is the simplest, and perhaps most effective, way to protect an organization.
• Keep anti-virus software active and up-to-date. Run frequent security scans.
• Whenever possible, use the newest versions of applications. They typically have much stronger security features.
• Manage Active Directory roles and access.
• Validate the configuration management of applications to ensure there are no security gaps.
• Monitor what software and devices employees bring into the workplace and the network environment. A successful BYOD program needs to take into account data security risks.
• Carefully manage the supply chain. Understand threats that can be introduced in procurement, configuration, exception management, and disposal.

Genuine Software
Pirated software puts computers and data at risk. Only devices with genuine Microsoft software get important software updates needed to operate reliably and protect from malware often found in counterfeit software.

Tips for safer shopping
Make sure you are getting what you paid for.
• Buy from a reseller you trust.
• Use a secure payment method.
• Beware of Product Keys sold separately.
The best way to get everything you expect up front is to buy genuine Microsoft software preinstalled on a new PC or from an authorized reseller.

Topics covered by SAM Policies and Processes
• Managing vulnerabilities through proper patch management
• Establishing protocols to secure devices
• Addressing change management
• Aligning Active Directory to the current threat environment
• Creating and managing an authorized software media library
• Instituting proper permission management
• Training employees, vendors, and others accessing organizational resources

Example policy:
Laptops, workstations, and servers must be configured so that they will not auto-run content from removable media, like USB tokens (i.e., "thumb drives"), USB hard drives, CDs/DVDs, FireWire devices, external serial advanced technology attachment devices, and mounted network shares.

The Path Forward
• How secure is the IT environment?
• Where do cybersecurity improvement opportunities exist?
• Are there any licensing issues to discuss?

Next Steps and Q&A