Cyb400_Project_Two_Talking_Points
docx
keyboard_arrow_up
School
Southern New Hampshire University *
*We aren’t endorsed by this school
Course
400
Subject
Information Systems
Date
Apr 3, 2024
Type
docx
Pages
5
Uploaded by johnstondarcy
Project Two: Security Assessment Presentation
Presentation Notes
Cyb 400
Adrienne Johnston
SNHU
Title Slide
Slide #1- Title slide only.
Introduction
Slide #2- Introduction slide.
“Welcome everyone and thankyou for your interest in the key findings of Grey Matter’s security assessment of BrainMeld’s IT infrastructure. As you all are aware, Grey Matter recently acquired BrainMeld, and prior to the eventual absorption of BrainMeld’s assets, it was vital we gauge the health of its IT systems already in place. Upon completion of assessment, we uncovered some issues that need immediate attention from the Board of Directors. First, it was uncovered that BrainMeld’s Windows SMB Server has a remote code execution vulnerability.
Second, BrainMeld’s Microsoft service agreement licenses are set to expire before years end
. There are some other issues that need correcting, but they don’t rise to the level of notifying the Board of Directors and can be addressed by departments locally”.
Content
Slide#3-Lets’s Overcomplicate Things.
“Before I dive into the meat and potatoes of why we are here, I want to put your mind at ease. I won’t be throwing terms at you like ransomware, firewalls, virus, malware, HIPAA, spyware, web threat protection, policies, personally identifiable information compliance. I feel as if I already lost half of you just mentioning those. We will navigate through the issues in plain speak,
only touching on the aspects that I feel the Board would find important.
Microsoft Windows Server SMB Exploit
Slide#4-SMB Exploit Explained
“The SMB is the component the lets employees’ access and share files, as well as connect to things like the various printers within the building, as well as for accessing remote services. BrainMeld’s SMB server is unsecure. That means a talented threat actor, from anywhere in the world, insert him or herself into BrainMeld’s network as if he were right in the building tapping away at a workstation. If their talented enough, they can gain access to all of BrainMeld’s files, directories, and all services on the BrainMeld network. There are several things that can result, infect a network, take personal information on ANYONE
noted on the network, but more often than not, hackers will hold an organization hostage through a little thing called ransomware”.
Ransomware Explained
Slide#5-Ransomware Explained
“Ransomware has slowly become the bane of any successful organization, worldwide. The hacker who has inserted themselves in company networks, take control of those networks and everything within them (files, folders, services). Once they have control, they put their own encryption suite around all of it, all of it. Access to your own network will be completely out of reach, even your most talented, clever, experienced IT guru will be helpless in trying to recover control of the network. The only way to get it back… Yep, you pay a ransom. The thief is the only person with the key to the encryption the thief created to start with. These transactions are done in Bitcoin and are impossible to trace. This year alone, ransomware has cost business 20 BILLION dollars, averaging 4 MILLION per company. You can choose not to pay the ransom and expect losing customers, ruined reputation, and possible astronomical fines. Unfortunately, its commonplace to pay the ransom and get on with business with your tail between your legs”.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
SMB Solution
Slide#6-SMB Solution Explained
“All is not lost though! There is a simple solution to this enormous problem
, security updates
!
Microsoft, the vender for the server with the SMB, releases security updates, patches, and hot
fixes
(updates that happen without shutting down the network). They also have live, technical service agents available 24 hours a day , familiar with your components and systems, to assist with any security or operational issues that arise. Once a vulnerability is discovered, they release updates that will fix issues as small as power glitches all they way up to exploits that allow for things like ransomware
. Which leads to our next key finding….”
Microsoft Service Agreement Expiration
Slide#7-Service Agreement Explained
“BrainMeld’s service agreements with Microsoft are set to expire at the end of 2020. As mentioned before, a service agreement is an extremely important partnership between Microsoft and our organization to ensure our systems are protected as well as running optimally. Before Grey Matter can safely join computer system assets with BrainMeld, there needs to be an assurance that Microsoft will be able to manage and fix the network assets during and after acquisition.”
Conclusion
Slide#8-Conclusion Explained
. Grey Matter must renegotiate the vendor contract with Microsoft, for reasons I think you see clearly after this presentation. The SMB vulnerability presented today is a wake-up call to take
system security seriously and an active union with Microsoft is vital to that goal. Grey Matter is growing, and growing pains can be expected, but we need to recognize is that partnerships with Microsoft and other key components to Grey Matter will only help us succeed.”
Questions-Comments-Concerns
Slide#9-Q&A