Security and Privacy

Similar documents
The Next Generation Security Operations Center

Security Analytics for Smart Grid

Getting Ahead of Advanced Threats

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

Rashmi Knowles Chief Security Architect EMEA

The session is about to commence. Please switch your phone to silent!

After the Attack. The Transformation of EMC Security Operations

Advanced Persistent Threats

Advanced SOC Design. Next Generation Security Operations. Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA

The Future of the Advanced SOC

Cyber Security. John Leek Chief Strategist

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12

Advanced Threats: The New World Order

KEY STEPS FOLLOWING A DATA BREACH

Presented by Evan Sylvester, CISSP

Content Security: Protect Your Network with Five Must-Haves

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

CYBER SECURITY INFORMATION SHARING & COLLABORATION

Into the cybersecurity breach

IBM Security Strategy

I ve been breached! Now what?

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

Software that provides secure access to technology, everywhere.

Teradata and Protegrity High-Value Protection for High-Value Data

10 Smart Ideas for. Keeping Data Safe. From Hackers

Introduction. Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

What Data? I m A Trucking Company!

Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望

REVOLUTIONIZING ADVANCED THREAT PROTECTION

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.

RSA Security Analytics

EMERGING THREATS & STRATEGIES FOR DEFENSE. Stephen Coty Chief Security

Cyber Security Metrics Dashboards & Analytics

Practical Steps To Securing Process Control Networks

I D C A N A L Y S T C O N N E C T I O N

White Paper THE FOUR ATTACK VECTORS TO PREVENT OR DETECT RETAILER BREACHES. By James Christiansen, VP, Information Risk Management

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?

Advanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA

應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊

Next-Generation Penetration Testing. Benjamin Mossé, MD, Mossé Security

RSA Security Anatomy of an Attack Lessons learned

Logging In: Auditing Cybersecurity in an Unsecure World

Overcoming PCI Compliance Challenges

Think STRENGTH. Think Chubb. Cyber Insurance. Andrew Taylor. Asia Pacific Zone Product Manager Chubb Pro PI, Media, Cyber

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model

Cyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013

Enterprise Cybersecurity: Building an Effective Defense

The Onslaught of Cyber Security Threats and What that Means to You

Westcon Presentation on Security Innovation, Opportunity, and Compromise

BYOzzzz: Focusing on the Unsolved Challenges of Mobility, An Industry Perspective

External Supplier Control Requirements

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

Agenda , Palo Alto Networks. Confidential and Proprietary.

Gregg Gerber. Strategic Engagement, Emerging Markets

A Case for Managed Security

NATIONAL CYBER SECURITY AWARENESS MONTH

THE PERFECT STORM WEATHERING CYBER THREATS IN THE HEALTHCARE INDUSTRY

The Cloud App Visibility Blindspot

JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM

Cybersecurity and internal audit. August 15, 2014

RSA Security Analytics the complete approach to security monitoring or how to approach advanced threats

Operational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Defending Against Data Beaches: Internal Controls for Cybersecurity

Incident Response. Proactive Incident Management. Sean Curran Director

FERPA: Data & Transport Security Best Practices

Cyber Security An Exercise in Predicting the Future

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.

Attachment A. Identification of Risks/Cybersecurity Governance

Cybersecurity The role of Internal Audit

Marble & MobileIron Mobile App Risk Mitigation

Cyber security Building confidence in your digital future

A HELPING HAND TO PROTECT YOUR REPUTATION

Incident Response. Six Best Practices for Managing Cyber Breaches.

Protecting Your Data From The Inside Out UBA, Insider Threats and Least Privilege in only 10 minutes!

Protecting critical infrastructure from Cyber-attack

Securely Yours LLC Top Security Topics for Sajay Rai, CPA, CISSP, CISM

Data Breaches and Cyber Risks

Cybersecurity: What CFO s Need to Know

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

Transcription:

Security and Privacy Matthew McCormack, CISSP, CSSLP CTO, Global Public Sector, RSA The Security Division of EMC 1

BILLIONS OF USERS MILLIONS/BILLIONS OF APPS 2010 Cloud Big Data Social Mobile Devices HUNDREDS OF MILLIONS OF USERS 1990 TENS/HUNDREDS OF THOUSANDS OF APPS LAN/Internet PC Client/Server Source: IDC, 2012 MILLIONS OF USERS 1970 Mainframe, Mini Computer Terminals THOUSANDS/TENS OF THOUSANDS OF APPS 2

802.11 Enabled Wine Refrigerator Destructive Attacks Disruptive Attacks The Unknown?? METHODS Sophisticated Mobile Attacks Intrusive Attacks Advanced DDoS Hacker Collaboration Worms/ Viruses Simple DDoS Phishing Pharming APTs Multi-Stage TIME 2007 2013 2020 3

The Malware Marketplace 4

The Malware Marketplace $8/hr 5

Traditional Security is Not Working! 99% of breaches led to compromise within days or less with 85% leading to data exfiltration in the same time 85% of breaches took weeks or more to discover 84% of data records were stolen as a result of stolen login credentials Source: Verizon 2012 Data Breach Investigations Report 6

The Age of Advanced Threats Who How Cyber Criminals Nation State Actors Hacktivists Advanced Threats Need to evolve with changing threat environment Well funded & well organized Open Source Intelligence Collection Zero-day Vulnerability Research Acutely Targeted Campaigns Black Market Malware Supply Chain Tampering 7

Attack Surface of Social Media Initial monetization Total Commercialization of social media: absence of privacy 2013 Social Media 2020 8

2013 A Year In Hacks *** ZDnet 9

The Community of Attackers Criminals Petty criminals Unsophisticated Organized crime Organized, sophisticated supply chains (PII, financial services, retail) Non-state actors Terrorists PII, Government, critical infrastructure Anti-establishment vigilantes Hacktivists Targets of opportunity Nation states PII, government, defense industrial base, IP rich organizations 10

Security Models Reactive Historical Intelligence Driven New Perimeter-based Static Controls Siloed Management System Risk-based Dynamic/Agile Controls Contextual/Interactive Management System 11

Traditional Reactive Defense Methodology Firewalls Virus Scanning USB Disablement Employee Background Checks Intrusion Detection Intrusion Prevention Policy Overall Network Protection 12

Reactive Model Firewall Virus Scanning Policy Intrusion Detection Intrusion Prevention Employee Background Checks USB Control Perimeter Enforcement VPN 13

Traditional Reactive Defense Methodology Firewalls Virus Scanning USB Disablement Employee Background Checks Intrusion Detection Intrusion Prevention Policy Overall Network Protection 14

Today s Dynamic Risk Management 24x7 Coverage Social Media Profile Monitoring Mobile Devices (BYOD) 802.11 Proliferation Virus Scanning Portable Mass Storage Cloud Storage Software As a Service Monitoring Compliance Automation Policy Enforcement Continuous Training Penetration Testing Employee Social Media presence Big Data Analytics Infrastructure As a Service Monitoring Insider Threat / Counter Intelligence Digital Forensics Ediscovery Packet Capture Audit Logging DLP SEIM Continuous Monitoring Remote Employee Automated Code Analysis Rapid App Development Security Liability Insurance Breach Notification 15

16

CUSTOMERS AND USERS PRIVACY CONFLICTING BUSINESS & GOVERNMENT PII USE 17

Living in a State of Compromise Assume you are compromised and plan for failure It s unrealistic to believe you can keep attackers out of your networks Focus on core IT security concepts: Minimize impact of compliance Control/Monitor Administrative Privileges Make lateral movement difficult Situational Awareness (Visibility to the Infrastructure) Centralize your critical information assets: What/Where they live? How much are they worth? 18

Incident Response as a Cultural Norm Not as a function of Information Security The clock is ticking from the moment a breach starts, how will you react? Well executed plans are often well tested What is your backup email system? Can everyone communicate via encrypted email? Are you using non-affiliated Internet access? If you discover a breach What information would an attacker want? Who has access to it? What are the procedures to remove all access? Who can authorize these steps? What would the impact be to the company? 19

Security Challenges For 2014 No perimiter Hiring Retention Contracts written for static defined effort Expanding mobile and BYOD environment Shrinking Budgets Webified everything Non-Compliant Cloud offerings Mass data stores Increased PII data storage of customers 20

21

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information