Cyber Security in Healthcare 2012: Threats, Trends & Business Priorities

Transcription

1 Cyber Security in Healthcare 2012: Threats, Trends & Business Priorities Brian Contos, Customer Security Strategist and Sr. Director, Emerging Markets, McAfee an Intel Company Las Vegas Nevada, Venetian Hotel, :45AM DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily represent official policy or position of HIMSS.

2 Conflict of Interest Disclosure Brian Contos Has no real or apparent conflicts of interest to report HIMSS

3 Learning Objectives Identify the major cyber threat vectors such as malicious insiders, opportunistic attacks, and targeted attacks Answer questions around securely supporting new trends in IT like web 2.0, mobility, cloud, and virtual environments Recognize ways to make security more strategic and aligned with business priorities

4 Agenda Threats Trends Business Priorities

5 Digitization, Access, Dependence Information Gone Viral Circa Event/Technology Circa Event/Technology 20,000 B.C. Cave Paintings 1969 ARPANET 3,100 B.C. Sumerian Cuneiform Markings First language-based writing system 1969 Telnet 500 B.C. Pre-Columbian civilizations use paper 1970 Banking ATMs 350 B.C. Greek Ionic alphabet of 24 letters 1971 FTP 1100 Wax seals used to sign documents , C Programming Language 1455 Guttenberg produces printed bibles using movable type 1973 NCP Later renamed TCP/IP 1755 First comprehensive/authoritative English dictionary 1979 Xerox introduces Ethernet 1800 Library of Congress opens in Washington 1980 Personal Computer 1804 Joseph-Marie Jacquard of France devises an automatic loom 1982 Lotus Charles Babbage builds a prototype of his difference engine 1983 Cellular Technology 1837 Samuel Morse develops telegraph and Morse Code 1988 Internet 1877 Photography 1989 Web Browser based on HTTP 1877 Telephone 1997 Blogs 1897 Radio 1998 Google 1923 Credit Cards 2000 Wikipedia 1928 Television 2001 ipod 1931 Telex (Antecedent to FAX) 2003 Social Networks 1946 Mobile Phones 2004 Podcasting 1958 ARPA Created by President Eisenhower 2005 YouTube 1966 ASCII 2006 Twitter

6 IPv6 (340 Undecillion) 340,282,366,920,938,463,463,374,607,431,768,211,456 4,294,967,296 IPv4

7 Comparative Threat Windows Sea 3,000 BC people in the Mediterranean distributed goods 1,300 BC first recorded pirates Threat Window 1,700 years Air 1859 John Wise distributed mail via air balloon India to NY 1931 first hijacking (Peru) Threat Window 72 years Space 1962 first commercial satellite just five years after Sputnik Access and cost have made it less attractive Different Cultures International Boundaries Complex Jurisdiction Cyber ARPANET1969 / Commercial use NSFNET/MCI Mail 1988 Threat Window zero

8 California Dept. of Public health fined five hospitals a total of $675,000 for failing to prevent unauthorized access to confidential patient records. Breaches Happen Medical provider had to notify over 130,000 people of a data breach due to the loss of digital media with unencrypted patient data. It costs $294 per compromised record for a data breach in Healthcare. Covered entity pays $1 million to the US Dept. of Health and Human Services to settle potential HIPAA violations. Healthcare providers accounted for 113 of 385 of significant breaches at US companies in the 1 st half of 2010.

9

10 Insiders Low-tech Trumps Hi-tech Anything done unintentionally can also be done intentionally with greater impact Trust & Access

11 Who Are They - SAM Why hack when you can recruit It is very important to concentrate on hitting the U.S. economy through all possible means. Osama Bin Laden or plant?

12

13 Lab Assistant: Richard Gibson Medical Office Worker: Liz Arlene Ramirez

14 IP Theft 3,300 Aston Martin V8 Vantages $400 Million in IP

15

16 Industrial Revolution 19th century Mass Production Automation, Efficiency, Scalability

17 Smarter Faster Stronger Research and Destroy Virtual machine Detection Line-by-line debugger detection Re-writes host file Multi-packed, one time, encrypted Rootkits Fuzzing Reverse Engineering Code Auditing

18 Family More than a Decade of Experience, Relationships and Trust Groups Carders Hackers Spammers Bot herders Money Launders Renegade Hosters Malware developers Document forgers Specialized hardware providers Back office services FW, AV, Test Beds

19 Carbon Footprint Over 62 trillion spam messages a year 33 billion kilo-watt-hours per year (2.4 million homes in the U.S.) Greenhouse gases equivalent to 3.1 million passenger cars

20 Botnets By The Numbers Number of Systems: 160,000 Bandwidth: 500 Gbps Number of Systems: 500,000 Bandwidth: 1,500 Gbps Number of Systems: 6,400,000 Bandwidth: 28 Terabits Across over 230 Countries

21 Cameron Diaz Julia Roberts Jessica Biel Gisele Bündchen Heidi Klum Cameron Diaz Piers Morgan Jessica Biel

22

23

24 Targeted Attacks Industrialized Hacking APT Advanced: Custom exploits and other mature tools Persistent: Not a crime of opportunity on a mission Threat: They have money and they are motivated

25

26

27

28

29

30 $45 Billion Industry by 2014 Yankee Group

31 1,600 Tweets a Second 40% Mobile

32 Mobile Phones & Toilets 1.2 billion: India s population 570 million: Mobile phone subscribers 366 million: Regular access to toilets Mobile Internet traffic > traditional computers

33 If Facebook Was a Country #1 Rank Country Population Date of Estimate 1 China 1,340,950,000 December 2nd India 1,190,930,000 December 2nd Facebook 800,000,000 December 2nd USA 310,829,000 December 2nd Indonesia 237,556,000 May 10 th Brazil 190,732,000 August 1 st 2010 People spend over 700 billion minutes per month on Facebook

34 Lessons Learned Just saying no doesn t scale; people will find a way remember wireless access points

35

36

37 HR IT IT Sales Finance

38

39 Mobile Devices Laptops and Desktops Virtualized Desktops Consumerization of IT

40 Life Cycle Provisioning Self-service provisioning sets security policies, configures network connectivity, automatically personalizes devices for users by configuring and other applications. Provisioning epo MGT

41 Application Management Enterprise Make applications available in a secure, role-based way. Offer software for download, links to thirdparty app stores, and web links. This is accomplished via the Enterprise App store. Life Cycle Provisioning Self-service provisioning sets security policies, configures network connectivity, automatically personalizes devices for users by configuring and other applications. IT Operations Support Manage policies and devices and get reports through their web browsers. Consoles access is role based leveraging directory authentication and groups. IT Operations Support Application Management epo MGT Provisioning Security & Authentication Security & Authentication Each device is issued a unique digital certificate to strongly authenticate it to the enterprise network. Compliance Devices are automatically checked prior to network access to ensure that only authorized, managed, and secured devices access enterprise applications and services. Compliance Policy Management Policy Management Security policies and configuration updates are pushed in real-time to the device over-the-air including selective and remote wipe, if the device is lost or stolen.

42 Mobile Devices Laptops and Desktops Virtualized Desktops Consumerization of IT

43 Segment network access based on identity and role 2 3 Check antivirus and OS patch level prior to access to network Guest Network Trusted Network Say Yes Segment network access upon connection 1 No Access 4 Full system interrogation Enforce compliance prior to access Un-Managed Devices Managed Devices

44 Mobile Devices Laptops and Desktops Virtualized Desktops Consumerization of IT

45 VDI Data Center Data Virtual Center Desktop Virtual Infrastructure Desktop Infrastructure AV AV Virtual Desktop / From the Cloud / As a Service AV AV Antivirus for VDI AV Smartphone Tablet Device Laptop Desktop Home System Offloads antivirus processing overhead Increased density yields higher ROI Unified management of physical and virtual security Optimized security specifically designed for virtualization

46

47 Avoid Silos Maximize ROI Maximize ROSI Embrace Agility Make Security Business Relevant Endpoint, network, content Reduced cost - tactical security tasks, training, system, manual efforts, support, licensing, breach-related expenses Reduced risk - integrated discovery, prevention, detection, management, intelligence, response, and audit Data Center, Mobility, Compliance Automation, Minimizing Downtime, Mitigating 0-days, Guarding Networks Improved decision making & planning

48 How? Can?

49 REACTIVE (~3% of IT Budget on Security) COMPLIANT/PROACTIVE (~8% of IT Budget on Security) OPTIMIZED (~4% of IT Budget on Security) TCO (CapEx + OpEx) SECURITY POSTURE SECURITY OPTIMIZATION

50 Consider Endpoints Host IPS Agent DLP Agent Encryption Antivirus Agent NAC Audit Agent Systems Management Agent EVERY SOLUTION HAS AN AGENT EVERY AGENT HAS A CONSOLE EVERY CONSOLE REQUIRES A SERVER EVERY SERVER REQUIRES AN OS/DB EVERY OS/DB REQUIRES PEOPLE, MAINTENANCE, PATC HING WHERE DOES IT END?

51 Optimized Central Management (AV, DLP, NAC, Encryption ) SINGLE AGENT SINGLE CONSOLE

52

53 Connected - Operational Efficiencies CONNECT ENDPOINT, NETWORK, AND CONTENT

54 Connected - Intelligence ENRICH Hundreds of Researchers, Millions of Sensors 75B Web Reputation Queries/mo. 20B Message Reputation Queries/mo. 2.5B Malware Reputation Queries/mo. 2B Botnet C&C IP Reputation Queries/mo.

55 Connected - Processes & Metrics IMPROVE FLOW AND DERIVE MORE EXACTING MEASUREMENTS

56 Cost Reduction - Hardware and Software MINIMIZE INFRASTRUCTURE

57 Cost Reduction - Licenses and Maintenance TAKE ADVANTAGE OF ECONOMIES OF SCALE

58 Cost Reduction - Administrative Resources EASE TIME SPENT ON SLA MONITORING, LEGAL, CONTRACTING

59 Cost Reduction - Compliance and Audit STREAMLINE STATE, FEDERAL, INTERNATIONAL, INDUSTRY, GRC

60 Cost Reduction - Education REDUCE THE TRAINING AND TIME TO PROFICIENCY

61 Cost Reduction - IT Resources REFOCUS IT MORE STRATEGICALLY

62 Risk Mitigation - Manage ADMINISTRATION THROUGH A SINGLE PANE OF GLASS

63 Risk Mitigation - Discover KNOW YOUR ASSETS, VULNERABILITIES, COUNTERMEASURES

64 Risk Mitigation - Protect LEVERAGE INCIDENT PREVENTION

65 Risk Mitigation - Detect and Analyze PREVENTION ISN T 100%

66 Risk Mitigation - Respond A PROCESS; NOT A FIRE DRILL

67 Risk Mitigation - Audit and Report REVIEW, IMPROVE, REPEAT

68 Agility - Threats INSIDERS, INDUSTRIALIZED, APTS

69 Agility - Trends MOBILITY, VIRTUALIZATION, WEB 2.0

70 Agility - Business Priorities DATA CENTER OPTIMIZATION, CLOUD, DATA SECURITY

71 Avoid Silos Maximize ROI Maximize ROSI Embrace Agility Make Security Business Relevant Endpoint, network, content Reduced cost - tactical security tasks, training, system, manual efforts, support, licensing, breach-related expenses Reduced risk - integrated discovery, prevention, detection, management, intelligence, response, and audit Data Center, Mobility, Compliance Automation, Minimizing Downtime, Mitigating 0-days, Guarding Networks Improved decision making & planning

72 Contact Me Blog