A School's Blueprint to Secure Everything

Transcription:

A School's Blueprint to Secure Everything. Renault Ross, CISSP, MCSE, CCNA, CHSS, CCSK, VCP5. US Information Security & Privacy Architect, Public Sector Strategic Programs.

Agenda: Key Trends & Snapshot of Today's Threat Landscape; Security Challenges in Securing Everything; Recommendations and Strategies.

Technology Trends. Key trends: Data Growth; Consumerization; Mobile; Social; IT-ification; Cloud; Virtualization; Threat Landscape.


Internet of Things. Auto: Telematics; In-vehicle entertainment; Navigation; Safety services; Concierge services; Remote diagnostics; Personalized insurance. Manufacturing: Supply chain management; Geo-fencing; Machine diagnostics; Inventory control; Industrial automation control; Equipment monitoring. Retail & Finance: Smart payments, cards; Point of sale terminals; ATM; Vending machine monitoring; Digital signage and electronic billboards. Healthcare: Home healthcare and hospital patient monitoring; Remote telemedicine & physician consultation; Body sensor monitoring. Utilities: Meter reading; Industrial controls; Pro-active alerts; Smart Grid applications; Remote temperature control. Consumer Services: Smart home appliances; Connected home; Video feed monitoring.

Threat Landscape: A fundamental shift. Old Motivation; Hacking; Cyber Crime; Cyber Espionage; Cyber Warfare.

What's in common between Miss Teen and a Businessman?

THEY ARE BOTH TARGETED FOR ATTACK

Targeted Attacks up 42% in 2012

Targeted Attacks by Industry (bar chart). Industries shown: Manufacturing; Finance, Insurance & Real Estate; Services Non-Traditional; Government; Energy/Utilities; Services Professional; Wholesale; Retail; Aerospace; Transportation, Communications, Electric, Gas. Manufacturing moved to top position in 2012, but all industries are targeted. Values shown on the chart: 2%, 2%, 2%, 1%, 8%, 10%, 12%, 17%, 19%, 24%.

2 Infection vectors

The vulnerability being exploited is the browser and plugins. Plugins (Flash, Acrobat, Silverlight, Skype); Browser IPS; Code (PHP, ActiveX, JavaScript, AS3); Browser; Host IPS; Protocol (HTTP, HTTPS); Network (IP).

Threat Landscape: How are we being attacked? It can start with an attachment. Buried inside may be an embedded Flash object, which leverages a vulnerability to deliver malware.

Threat Landscape: How are we being attacked? More likely it will be a link. Seems innocuous, right? Well, not so fast. Hover over the link to see the real link buried underneath. Clicking the link brings you to a malicious web site.

Threat Landscape: How are we being attacked? Or the web site itself will infect you just by visiting it. For example, the neighborhood pizza store might be infected. How many pizza stores have a full-time IT guy on staff looking out for trouble?

2010 Trends: Mobile Threats. There's an app for that.

Threat Landscape: Why is it hard to stop attacks? Hacker develops threat ("This is my first virus that I plan to use to steal key and passwords from unsuspecting victims."). Hacker uses tool to obfuscate executable. Tool generates clones that differ at the byte-level (slide illustration: scrambled variants of the sample text). Use cloud scanner to check for detection. Release undetected variants.

The Internet of Things Is a Broad Area. Sectors: ENERGY; CONSUMER & HOME; IT & NETWORKS; SECURITY/PUBLIC SAFETY; RETAIL; INDUSTRIAL. Examples shown: HVAC, Transport, Fire & Safety; Servers, Storage; Lighting; PC, Routers, Switches; Security, Access, etc.; Turbines; Tanks, Fighter Jets; Microprocessors; Windmills; Batteries; Generators; Motors, Drills; Fuel Cells; Alternative; Rigs, Derricks, Well Heads, Pumps, Pipelines; Battlefield Comms; Homeland Security; POS Terminals; Tags; Cash Registers; Vending Machines; Signs, etc.; PDAs; Implants, Surgical Equipment; Pumps, Monitors; Telemedicine; Automobiles; Ships; Pumps, Valves, Vats, Conveyors, Pipelines; Meters, Drives, Converting, Fabrication; Assembly/Packaging, Vessels; Tolls, etc.; Traffic Lights; Planes. * Adapted from Beecham Research.

The Rising Number of Things. Today, 7 billion people, 9 billion connected devices! By 2020, 50 billion things connected to the Internet. Chart: 2003: 500M; 2010: 12.5B; 2015: 25B; 2020: 50B. *From Cisco IBSG, April 2011.

Architecture Matters. Application logic, data and analytics can be placed anywhere: Local/Edge; Gateway; Cloud; Enterprise. Application; Data; Analytics.

Trust / Governance. When a device is contacted for the first time (by a user or another device), is it trusted? PKI as a root of trust; employ reputation; leverage a separate trusted channel. Governance: policy definition, management, and enforcement; compliance.

Identity. Billions of devices are going to be interconnected, so it is necessary to manage their identities in a scalable way. Eventually, each device will be addressable on the Internet to support end-to-end communication, so it requires a scalable way to discover a device's address given its identity.

Fault Tolerance. Devices may become faulty, stop working, and even get compromised. Many devices are deployed in the field where there is no management capability. Fault tolerance: remote monitoring; fault discovery by, e.g., anomaly detection, intrusion detection, or remote diagnostics; remote reboot, reprogramming, and software update; end-point protection by, e.g., lock-down.

Communications. Heterogeneous communications: Ethernet, dial-up, optics; WiFi, Cellular, ZigBee, Bluetooth, WiMax. Different requirements for communication: low transmission latency for control networks; small payload size, e.g., 8 bytes for CAN and 128 bytes for ZigBee. Secure communications channel: establish secure communication between devices/users using, e.g., an SSL-like handshake protocol.

Security Recommendations in the Internet of Things. Develop and Enforce IT Policies: policy & standards modules, risk manager & vulnerability modules and solutions. Authenticate Device: two-factor authentication, Managed Public Key Infrastructure solutions. Protect the Information: Data Loss Prevention, Encryption, Backup and High availability solutions. Manage the Infrastructure: desktop and server patch management, software delivery, assets, ticket management and mobile devices solutions. Protect the Infrastructure: Malicious Endpoint Protection, Web Gateway, Message Gateway, and Critical Systems Protection solutions.

1 Governance Tools to Develop and Enforce IT Policy

Governance, Risk and Compliance: Audit; Reports; Dashboards; External Policies; Standards; Entitlements; Questionnaires; Federated Data Processing and Analysis; CCS-Data Collection; 3rd Party Data; ESM Manager.

Authenticate Identities & Devices

Strong Authentication and MPKI. Public Key Infrastructure: PKI service issues certificates for strong authentication, encryption and digital signing. VeriSign Identity Protection: shared cloud-based two-factor authentication solution offering multiple credential choices. Fraud Detection Service (Rules Eng., Behavior Eng., RISK SCORE): risk-based authentication and software-based fraud detection. Government; Endpoint; Application; Mobility.

3 Protect the Information

Data Loss Prevention. Storage: Data Loss Prevention Network Discover; Data Loss Prevention Data Insight; Data Loss Prevention Network Protect. Endpoint: Data Loss Prevention Endpoint Discover; Data Loss Prevention Endpoint Prevent. Network: Data Loss Prevention Network Monitor; Data Loss Prevention Network Prevent.

Encryption of sensitive data: Whole Disk; Help Desk; Removal; Hard-drive.

4 Manage the Infrastructure

Enterprise Systems Management. Systems Management Platform: Security; Information Risk & Compliance; Storage; Infrastructure Operations; Business Continuity. Dell Management Console; Dell Client Manager; vPro™ enabled computer management; System Management Platform; Third-Party Solutions; HP Client Manager; Mobile Security Management; Backup Management; Application Virtualization; Power Management; HelpDesk Management; Patch and System Management.

5 Protect the Infrastructure

Threat management solutions

Summary. Network monitoring; anomaly detection and reporting; information and event management from all network and host sources; data management; intrusion protection / detection; resource lockdown. Operational Security; Storage Foundation; Manage Data; NetBackup; Information Protection; Network Heuristics; Operational Security; Manage Data; CSP; Inventory & Asset Mgmt; Data Loss Prevention; Encryption; Information Protection. Symantec Security in IoT: Embedded Security; Embedded Security; MPKI; SEP; CSP. Encrypt information; authenticate devices; managed / hosted PKI & device level certificates; controlling and securing systems; intrusion protection / detection; resource lockdown; application whitelisting.

Thank you! Renault Ross, Renault_Ross@symantec.com. SYMANTEC PROPRIETARY/CONFIDENTIAL, INTERNAL USE ONLY. Copyright 2010 Symantec Corporation. All rights reserved.