CYBER SECURITY OF HARES, TORTOISES AND HEDGEHOGS

Transcription:

CYBER SECURITY OF HARES, TORTOISES AND HEDGEHOGS
ASIS 12th European Security Conference, Gothenburg, April 15th, 2013

HARE, TORTOISE, HEDGEHOG @ AESOP AND GRIMM
http://en.wikipedia.org/wiki/the_tortoise_and_the_hare
http://de.wikipedia.org/wiki/der_hase_und_der_igel

ATTACKERS BECOMING MORE AND MORE SOPHISTICATED
Threats are becoming increasingly complex
Word cloud: drive-by attacks; removable storage media; privacy; single sign on; mobile bandwidth; Countless updates; DDoS attacks; Cloud Computing; tablet computers; 100,000 new Viruses per day; vulnerabilities; missing experts; APPs; internationalization; malicious code; Smartphone; ABUSE; complex software; Hardware Trojans; BYOD; mobile botnets; complex web applications; mobile access; time to market; all IP network; different operating systems; complex Supply chain

CYBER ATTACKS ARE TAKING PLACE EVERY DAY
MAIN REASONS: WEAK IMPLEMENTATIONS/MISSING PATCHES
- Gaming Industry: 100 mio. customer data records stolen, network out of commission for a month
- IT-Security Industry: Confidential details on the company's product family stolen
- Military Industry: Attack via VPN remote access system
- Online Shop: 24 mio. customer data records stolen
- Security Industry: Theft of internal and confidential customer documents (e.g., FBI/NSA)
- Social Network: Theft of 6.5 mio. SHA1 password hashes
- Internet Radio: Theft of 2.5 mio. MD5 password hashes
- Online Dating: Theft of 1.5 mio. password hashes
- Gov. Organization: Theft of contact details of experts

HOMEWORK HAS TO BE DONE
EXTRA MILE IS NEEDED
- The Extra Mile
- Fix the Basics
- Holistic Approach
- Business Focus

FIX THE BASICS - OUR PRIORITIES FOR CYBER SECURITY
SETTING THE SCENE WITH CYBER SECURITY INNOVATIONS
- Security by Design Privacy and Security Assessment (PSA)
- Fight against spam and botnets to protect our customers and our infrastructure (ABUSE)
- Protect our (externally accessible) systems through regular cyber-crash-tests
- Establishing processes for rapid patch management to all our systems
- Secure integration of new devices into IT landscapes (also in the BYOD context)
- Establishing security as an additional criterion for selection of suppliers

BUSINESS FOCUS - BE A SUCCESSFUL LEADER
SECURE CONNECTED LIFE AND WORK FOR OUR CUSTOMERS
Internal Customers rely on us because
- we have proven expertise
- we are problem-solving and not problem-creating
- we are aware of our different roles
External Customers rely on us because
- we provide guidance and solutions to secure their data
- inform them frankly and directly about security issues
- security level is a criterion for product launch
- security is part of our DNA
We take responsibility!

HOLISTIC APPROACH - CONVERGENCE OF SECURITY
STAY OPEN-MINDED FOR THE BIGGER PICTURE
- Combined security forces and expertise
- Forget about silos
- Focus on sustainability and transparency
- Clear, transparent and reliable common rules
- Avoid Babylonian Confusion
- Security as Corporate Social Responsibility

THE EXTRA MILE - EARLY WARNING AND TRANSPARENCY
OUR HONEY-NETWORK PROVIDES US WITH A REAL TIME VIEW
- 92 honey pot sensors learned 8,732,125 vulnerabilities within 3 years
- Up to 400,000 attacks per day
- A simulated Smartphone has been attacked more than 300,000 times in one year
- 330 of these attacks were successful, on average, almost one per day
- Worldwide there are currently almost one billion smartphones in use, think about the threat!

SHARING INFORMATION WHILE AN ATTACK IS HAPPENING
WWW.SICHERHEITSTACHO.EU

TELEKOM IS THE MOST TRUSTED COMPANY
WHICH COMPANY DO YOU THINK IS TRUSTWORTHY WHEN IT COMES TO THE HANDLING OF PERSONAL INFORMATION?
- Telekom: 45%
- Amazon: 27%
- Microsoft: 25%
- Vodafone: 25%
- Ebay: 23%
- Apple: 21%
- E-Plus: 20%
- Google: 19%
- Web.de: 19%
- O2: 18%
- GMX: 18%
- 1&1: 16%
- Alice: 12%
- Yahoo: 10%
- Facebook: 8%
Chart annotations: -44%, -56%, -60%, -73%, -82%
Source: Security Report, INSTITUT FÜR DEMOSKOPIE ALLENSBACH, Germany, June 2012

10+2 WAYS TO MITIGATE THE RISK
- The risk of cyber attacks cannot be banned, but there are means to mitigate it.
- Tear down walls to create transparency.
- Be open-minded for collaboration (across borders, industries and companies) and bundle the power.
- Create platforms for exchange (Cyber Security Summit 2012).
- Think outside the box (overarching test-centers, official security seals).
- Neighborhood watch is key to be successful (CERT-Community, SPOCs for rapid alerts).
- Accept shared responsibilities, e.g. between hard- and software suppliers.
- Invest in people and tools.
- Sensitization of employees.
- Sensitization of public (even the user as weakest link in cyber security has a shared responsibility).
- Accelerate innovation in Cyber Security, e.g. by cooperating with technology savvy start-up companies.
- Governments: Create / maintain reliable laws and rules.
- Governments: Countries should work closer together than ever before.

NO MATTER WHICH ONE WE ARE - LET'S BE SMARTER!

THANK YOU FOR YOUR ATTENTION!
Deutsche Telekom Data Privacy and Data Security Report 2012
http://www.e-paper.telekom.com/epaper-data_privacy_and_data_security_2012/