Legacy Systems

Social Networking Security

The top three concerns with sharing information on Social Networks are:

  • Data Privacy
  • Impersonation
  • Phishing Bait

Risks / Threats associated with these concerns are:

  • Letting burglars know your whereabouts
  • Providing stalkers information to track you
  • Providing the data for identity theft 
  • Providing data for corporate espionage
  • Providing data to build profiles on other social networking sites (impersonation)

What to do about it...

Password Management

  • Do not use the same password for all of your accounts. 
  • Passwords for your work and home accounts should be different, should be meaningful, but not easy to guess.
  • Do use a password safe solution to store passwords, not a post-it note; e.g. KeePass and LastPass.

Status Updates

  • Do not share your physical location at every moment of time.
  • Do not share all of your hobbies and family information.
  • Do not share details about the latest organizational goals or accomplishments.

Impersonation

  • Use Google alerts to monitor for identity impersonation
  • Have Marketing manage C-Level Social Networking Sites
  • Educate users on the risks associated with Social Networks

Legacy System Security

Challenge:

  • The business is unable to keep pace with the ever-changing versions of applications and operating systems. This can be due to financial, resource or technical implications.

Risks:

  • Manufacturers will no longer issue fixes and patches for vulnerabilities that could be exploited by viruses, spyware and other malicious code.

Response:

  • Develop new ways to protect legacy systems and applications from vulnerabilities without impacting current operations.

Approach

  • MUST Use Organization Project Management process

Planning

  • Re-validate:
      • That the application/OS is required
      • That the application/OS cannot be upgraded
  • Document the agreed-to decommission date and what the plan is to replace the application. (This information will be forgotten otherwise.)
  • Identify current environment capabilities:
      • Understand what you have so you can determine what you need
  • Include an Incident Management Plan for each app as part of the deliverables – risk can be reduced, not eliminated

Design 

  • Work from basics to more complex
  • Apply to high risk systems first and low risk systems last
  • Include DR/BCP

Testing 

  • Apply in Test and UAT environment first when possible
  • DR/BCP should be tested first, as it is not always possible to test the changes, and rebuilding from scratch is not usually an option

Execution 

  • Be adaptable and be prepared for a few bumps along the way
  • This will be a cyclical process.
  • Not all applications can be changed at once
  • There will be multiple hardening activities. They should be segregated in order to identify any issues that might happen and identify the cause. 

 

Incident Response

Cyber Security Incident Response

A Cyber Security Incident Response Program is a key component of an Information Security Program. Risk assessments are an effective measure to reduce incidents, but there must be a capability to detect and manage the incidents that occur. Incident response is complex, requiring planning, people, process, and technology. Attacks are unpredictable and continuously evolving, which calls for ongoing improvement of the Incident Management Program and continuous monitoring for the attacks themselves. Effective information sharing can help an organization identify situations that are of greater severity and demand immediate attention.1

Please note:

  • We do vet all members - All members have been re-vetted within the last 12 months
  • FBI requires members to be U.S. citizens
  • Must pass a background check
  • Must stay active and log into site every 90 days or be re-vetted
  • Meetings are closed. This means members only. Members may bring a guest for recruitment purposes if they vouch for them
  • There are rules of non-disclosure
  • We do not share intellectual property
  • We sanitize what we share
  • What we do share is appropriately classified and marked based on content using the Traffic Light Protocol (TLP)
  • We have a process for content sharing that requires multiple levels of approval

InfraGard Member Information Sharing

InfraGard members are encouraged to share incident information with other members so that we can reduce the number of incidents across the community as a whole. Our members work in tactical roles, managing the day-to-day incidents in their environments. Working together we have the ability to:

  • Provide situational awareness
  • Operational and tactical risk management actions
  • Strategic response planning to address attacks

The hackers are working together - we need to level the playing field.

InfraGard Houston Information Sharing

As one of the most active chapters in the U.S., the Houston Chapter has many venues for sharing information.

  • Phishing Task Force: Collaborative effort to discuss best practices, innovative solutions, investigative techniques, incident response and practical approaches to communicate, perform trending analysis, provide security awareness and defend against phishing attacks in a timely manner.
  • Special Interest Group (SIG): Special Interest Groups focus on a specific industry area and on topics of interest to that area.
  • Technology Tool Kit (TTK): The Technology Tool Kit (TTK) is intended to provide a collection of cyber security tools and guidance on their utilization, including an Open Source Cyber Security Tool Repository, Educational Awareness on Cyber Security Tool Utilization, and Reference Materials for Cyber Security Tools.
  • Websites: InfraGard Houston stores TLP White data on the Houston Public website (this one). The national InfraGard site is at http://www.infragard.org. The national site is used for data that is classified such that it cannot be shared on the public site.

 

1 National Institute of Standards and Technology Special Publication 800-61 Revision 2, Natl. Inst. Stand. Technol. Publ. 800-61 Revision 2, 79 pages (Aug. 2012), CODEN: NSPUE2, http://dx.doi.org/10.6028/NIST.SP.800-61r2

InfraGard Houston Home

Welcome to InfraGard Houston!

This is the new InfraGard Houston Alliance public site. Secure chapter content is accessible at https://www.infragard.org

The Houston Chapter of InfraGard provides members of the Critical Infrastructure community a means to share information to prevent, protect, and defend against hostile acts against Critical Infrastructure and Key Resources (CIKR). 

Members will find access to a number of resources that are used on a day to day basis, and find a number of communication portals to assist in protecting critical infrastructure.

If you're a visitor you might want to start at the About us page to find out more about the InfraGard program.

The link to the national public site is https://www.infragard.org

Security Awareness

People are our weakest link. We can implement the best technology and top-of-the-line tools; however, if our people do not configure the tools the way they need to be configured, or if the users do not know how to protect themselves and the organization, all of our efforts are in vain. There needs to be a balance across people, process and technology to ensure that business goals are aligned with compliance and that security controls are implemented in a way that enables users to work effectively and efficiently. Users need to be educated about how their actions affect the organization, not only when they are at work, but also when at home and on their social networks.

The following Security Awareness communications may be re-used "as is" or branded to reflect your organization's identity, based on their individual copyrights. Some of the content has been gathered from the Centre for the Protection of National Infrastructure (CPNI). Using their resources, we have created a set of ready-to-use posters with the InfraGard logo and replicated them locally to reduce latency issues.

Resource Links:

Security Awareness Content:

Badges / Tailgating

Clear Work Area

Data Disposal

Emails

Passwords

Phishing

USBs

Please contact us if you would like to learn more about the Phishing Task Force and our other Special Interest Groups who support our Security Awareness content.

Warranty Disclaimer

Warranty Disclaimer: The FBI, InfraGard, and its affiliates provide information, including but not limited to software, documentation, training, and other guidance to be known as “materials”. The materials are provided as-is and we expressly disclaim any and all warranties, express or implied, including, and without limitation, the implied warranties of merchantability, fitness for a particular purpose, non-infringement, quiet enjoyment, and integration, and warranties arising out of course of dealing or usage of trade. You agree that, as between you and the FBI, InfraGard, and its affiliates, you are responsible for the outcome of the use of materials made available, including but not limited to adherence to licensing requirements, and taking legal and regulatory considerations into account. There is no guarantee of accuracy, completeness, timeliness, or correct sequencing of the information provided.