By M.K. Palmore, CISSP, FBI
Mr. M.K. Palmore was a 2017 IPSA Webinar Week instructor. Hundreds of public safety professionals attended the event "How a cyberattack can bring down your department & how to identify, respond, recover." The IPSA selected the top questions from the audience and Palmore responded.
What is your opinion of the recommended NIST password changes?
There has been a fair amount of concentration on the development of complex passwords, but not enough emphasis on the ability of two-factor authentication (2FA) to mitigate threats. 2FA is a largely effective counter to the threat actor’s ability to infiltrate systems and is readily available to both consumers and businesses as an effective control measure. I would highly recommend its implementation and use.
What is Assurance Process Integration?
Quality assurance is an existing process used in most manufacturing and software development. It is the periodic but formalized testing that ensures that an end product meets all necessary requirements. Information security should be a part of the assurance process. While testing functionality, information security should be tested, ensuring the completeness of the product or system.
I heard that dark web healthcare records are often sold for $400 per patient record. Is this true?
Patient records are more valuable than any data currently offered on the dark web. These records last for the life of the victim and sometimes beyond. The value fluctuates, but they are consistently amongst the highest in value and the most desired by cybercriminal threat actors.
Does this happen in other public safety professions (e.g. law enforcement, fire)?
Any business or entity that has operations utilizing networked environments can fall victim to a cyberattack. It is a common belief in the security business that obscurity is not a defense.
What are the six areas of the incident response playbook?
Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned are the six areas generally covered in developing an incident response “playbook.”
About the Author
M.K. Palmore, CISSP, is a Senior Federal Law Enforcement Executive with strong leadership and mentoring skills, responsible for cybersecurity, risk management and strategic-vision creation and implementation. His skilled competencies and areas of excellence include Cybersecurity, Enterprise Risk Management, Governance & Compliance, Information Security Program Development, Digital Forensics, InfoSec Incident Response & Management, Physical Security, Executive Protection, Crisis Response & Management, Business Continuity and Disaster Response Planning.