Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Presenters: Ajith Edakandi, Director of Product Management & Marketing Agenda • Housekeeping • Presenters • About Conexxus • Presentation • Q & A

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Housekeeping This webinar is being recorded and will be made available in approximately 7 days.

• YouTube (youtube.com/conexxusonline) • Website Link (conexxus.org) Slide Deck • Survey Link – Presentation provided at end Participants • Ask questions via webinar interface • Please, no vendor specific questions • Our webinars may be used toward PCI continuing education credits. Please contact [email protected] for questions regarding a certificate of webinar attendance. Email: [email protected]

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Presenters Conexxus Host Moderator Allie Russell Kara Gunderson Standards Coordinator Chair, Data Security Committee Conexxus POS Manager, CITGO Petroleum [email protected] [email protected]

Speakers

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target About Conexxus • We are an independent, non-profit, member driven technology organization • We set standards… – Data exchange – Security – Mobile commerce • We provide vision – Identify emerging tech/trends • We advocate for our industry – Technology is policy

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target 2020 Conexxus Webinar Schedule Month/Date Webinar Title Speaker Company How to elevate your business through digital January 23, 2020 Dean Marier Cybera transformation Gray Taylor Conexxus February 27, 2020 Progress in the “API Sprint” David Ezell Conexxus Ed Adams Security Innovation Marc Punzirudu ControlScan March 18, 2020 Data Security Beyond PCI: Securing the Enterprise Kara Gunderson CITGO Petroleum Sam Pfanstiel ControlScan April 2, 2020 Presentation by GS1 Liz Sertl GS1

Breach response considerations for the convenience May 7, 2020 Todd McClelland McDermott Will & Emery store and petroleum market

July 16, 2020 How PCI Security Council Is Responding to COVID-19 Troy Leach PCI SSC

Managed Network Service Providers: What you need July 30, 2020 Joint MNSP’s to know 2020 Conexxus Webinar Schedule Month/Date Webinar Title Speaker Company How an Attacker Bypasses Network, Software & Jeff Gibson ControlScan August 27, 2020 Physical Controls Geoffrey Vaughan Security Innovation

September 24, 2020 Lessons Learned with IoT API Integration Scott Cheek SageNet

Ransomware Protection and how a Managed Security October 22, 2020 Service Provider can help Oil & Gas Retailers from Ajith Edakandi Hughes Network being the next target Three Real-World Scenarios That Impact PCI November 12, 2020 Rob Chapman Cybera Compliance

A Step-by-Step approach to Automating Security November 19, 2020 Ash Swamy Omega Response in a Multi-Vendor Environment

December 3, 2020 EMV Webinar TBD TBD

January 2021 Securely Connecting Third-Party Vendors Simon Gamble Mako Networks Thank you to our 2020 Diamond Sponsors

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Current Threat Landscape What can the traditional security services do and not do. What is Endpoint Protection Agenda Why do you need a Managed Service Provider How do you select the right MSSP

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Typical Methods of attack

Malvertising: Cybercriminals can place their ads on almost any Social Engineering: tricks to fool website, even the most you into downloading their trustworthy sites. If you click on malware from an attachment or a malicious advertisement, URL. you’ll download ransomware onto your device.

Drive by downloads: Attackers can prime websites with Exploit kits: prewritten code malware so that when you visit, designed to take advantage of the site automatically and vulnerabilities in applications, secretly downloads the malware networks, or devices.. onto your device.

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Defense in Depth

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Ransomware Attack Example

Attacker sends Spam Filter Inbox Download Web browser Web Filter weaponized e-mail failed invoice failed User clicks on Web address not malicious link blocked

Webpage shows Password Web Filter Anti-Virus Open ZIP archive Enter password password protected ZIP failed failed Automatically Web address not Archive is new and User opens User enters downloaded blocked password malicious archive password protected

Run binary Anti-Virus Binary jumps into Negotiate Web Filter Encryption of files failed trusted process encryption (C&C) failed User runs Binary is Explorer.exe Communication is malicious binary unknown not blocked in archive

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Current Attacks and Threats

Known Malware Zero-day Fileless attacks • Targeted attacks threats attacks • Low and slow • Insider threats

99%+ of attacks can be <1% require analysis over time prevented with the right & across layers with machine tools learning Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Endpoints

Users and devices exploited

Once penetrated the exploit propagates

Laptops Traditional security stack and Cloud event monitoring solutions might not detect it before its Servers too late. Desktops Phone/Tablet Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Retail Store Environment

Backoffice Fuel Forecourt POS/Kiosks Routers Order Management Gartner Category: Endpoint Detection and Response (EDR) The endpoint detection and response (EDR) market is an • Solutions that have the following emerging security technology capabilities: created to continuously 1. Detect security incidents at the endpoint provide early identification of ongoing 2. Investigate security incidents advanced attacks and to more 3. Contain the incident rapidly respond to detected 4. Remediate endpoints to a pre-infection attacks. state

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Location #1

Location #2

Security Location #N Operations Center

Managed SIEM Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target Key Features to look for in an Endpoint Solution

Prevention AI & Machine Learning Automation

to stop everything you can to detect sophisticated attacks to accelerate investigations

ACROSS NETWORK, ENDPOINT AND CLOUD DATA

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target How do you select the right Service Provider

• 24x7 Managed Detection and Response – Augmented SOC (Security Operations Center) • Relies on a Machine Learning (AI) Technology Leader • Can Deliver Automated Remediation for Ransomware

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target THANK YOU Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target • Website: www.conexxus.org • Email: [email protected] • LinkedIn Profile: Conexxus.org • Follow us on Twitter: @Conexxusonline

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target DISCLAIMER: Conexxus does not endorse any products or services that may be described or mentioned in this presentation. The views and opinions expressed in this presentation are solely those of the speakers and not of Conexxus. By hosting this webinar, Conexxus is not providing any legal advice; if you have any questions about legal issues raised or discussed, you should seek the assistance of attorneys who are competent in that area.

Conexxus: Ransomware Protection and how a Managed Security Service Provider can Protect Oil & Gas Retailers from Being the Next Target