IT-Security. Perspective, History, Present and Future



Similar documents
What is the Right Security Solution for Mobile Computing? #RSAC

Siemens PKI Certificate Authority (CA) Hierarchy

Introduction to Cyber Security / Information Security

Mobile Device End-to-End- Encryption for Organizations. San Francisco, April 20th, 2015 GABA / TeleTrusT: Security Solutions Showcase

Cyber Security Review

Protecting productivity with Plant Security Services

Self defending networks?

INTEGRATED MESSAGE SeCURITY. Comprehensive security for your business

Brainloop Cloud Security

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

BSc (Hons) Sofware Engineering. Examinations for / Semester 2

TeamViewer Security Information

How Microsoft runs IT. Ludwig Wilhelm CIO Central & Eastern Europe Microsoft IT

Schengen routing or Schengen encryption?

Anomaly Detection and Vulnerability Management. Rolf Strehle, ditis Systeme Heidenheim

The Information Security Problem

Innovative Defense Strategies for Securing SCADA & Control Systems

TeleTrusT European Bridge CA Status and Outlook

Section 12 MUST BE COMPLETED BY: 4/22

Cisco RSA Announcement Update

Staying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro

Bellevue University Cybersecurity Programs & Courses

How To Protect Your Data From Being Stolen

encryption with business partners

Automation Suite for. 201 CMR Compliance

IT Security Quo Vadis?

Intel Security Certified Product Specialist Security Information Event Management (SIEM)

MODULES FOR TRAINING PROGRAMMES ON CYBER SECURITY

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

SSL BEST PRACTICES OVERVIEW

Smart cyber security for smart cities

ISS X-Force. IBM Global Services. Angel NIKOLOV Country Manager BG, CZ, HU, RO and SK IBM Internet Security Systems

OVERVIEW. Enterprise Security Solutions

Software Defined Perimeter: Securing the Cloud to the Internet of Things

Cybersecurity: An Innovative Approach to Advanced Persistent Threats

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

National Endowment for the Arts Evaluation Report. Table of Contents. Results of Evaluation Areas for Improvement Exit Conference...

TeamViewer Security Information

Developing Secure Software in the Age of Advanced Persistent Threats

overview Enterprise Security Solutions

The USP Maker for the hosting industry Welcome to my presentation Christian Heutger WorldHostingDay

Cyber Security Risk Mitigation Checklist

TeamViewer Security Information

Cyber security in an organization-transcending way

SECURE YOUR BUSINESS WHEREVER IT TAKES YOU. Protection Service for Business

Total Defense Endpoint Premium r12

Classify, Protect, Audit: New Approach to SAP Data Security. Aparna Jue, SECUDE

TeamViewer Security Information

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration

Global network of innovation. Svein Arne Lindøe Arnfinn Strand Security Competence Center Scandic Siemens Business Services (Norway)

Network Security Solution. Arktos Lam

Cybersecurity Health Check At A Glance

Endpoint Security Software Blades FAQ

EECS 588: Computer and Network Security. Introduction

Public Key Cryptography in Practice. c Eli Biham - May 3, Public Key Cryptography in Practice (13)

Understanding Data-Centric Security

Cybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix

DATEV International Controlling Package

Unified Threat Management, Managed Security, and the Cloud Services Model

Close the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle

Securing the Service Desk in the Cloud

Top tips for improved network security

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

The Time has come for A Single View of IT. Sridhar Iyengar March 2011

After the Attack. The Transformation of EMC Security Operations

Commercially Proven Trusted Computing Solutions RSA 2010

Endpoint Protection Small Business Edition 2013?

National Plan for Information Infrastructure Protection

How to request a certificate

How To Understand And Understand The Security Of A Key Infrastructure

Securing Internet Facing. Applications. Technical White Paper. configuration drift, in which IT members open up ports or make small, supposedly

Healthcare IT Compliance Service. Services > Overview MaaS360 Healthcare IT Compliance Service

The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know

Transcription:

IT-Security Perspective, History, Present and Future Prof. Dr. Norbert Pohlmann Chairman of the Board TeleTrusT Germany Association http://www.teletrust.de

Content TeleTrusT Germany IT Security and Trustworthiness from 1989 till now The Situation today: A Critical Assessment A Look into the Future: What are the challenges? Summary 2

Content TeleTrusT Germany IT Security and Trustworthiness from 1989 till now The Situation today: A Critical Assessment A Look into the Future: What are the challenges? Summary 3

TeleTrusT Deutschland e.v. Situation Founded in 1989 Members 100+ Government institutions (Federal German security agency, Federal police organization, ) User Organizations (Banks, DATEV (Tax consulting service provider), SAP, Siemens, ) Security Companies (Secunet, Rohde & Schwarz, PGP, SCM, Sirrix, nexus, ) Research Institutes / University (different Fraunhofer Institutes, UNI Podsdam, Institute for Internet-Security - if(is), ) IT Security consultants (Secorvo, TüvIT, INFORA, ) Partner (ECO, VOI, GDD, LSEC Association, ) 4

TeleTrusT Germany What is the TeleTrusT Association? Mission Together for more Security and Trustworthiness in our connected Information and Knowledge Society What is special about the TeleTrusT Association? Competent network Interdisciplinary International Projects European Bridge CA T.I.S.P. (TeleTrusT Information Security Professional) ISSE (Information Security Solutions Europe) RSA Conference Network Electronic Commerce 5

Content TeleTrusT Germany IT Security and Trustworthiness from 1989 till now The Situation today: A Critical Assessment A Look into the Future: What are the challenges? Summary 6

IT Security and Trustworthiness ~ 1989: Communication Security Defense model: Link- and Data Network Encryption Our attitude: IT Trend: Individualization and decentralization of IT Goce Dreamstime.com We have to hurry, before all security problems are solved. 7

IT Security and Trustworthiness ~ 1999: Perimeter and Infrastructure Security IT Trend: Professionalization of the Internet: e-mail and web system Defense model: Firewall and VPN system Digital Signature, e-mail security and PKI Our attitude: We have the IT security under control! Agencyby Dreamstime.com www.exvo.com by Danny de Wit 8

IT Security and Trustworthiness ~ 2009: Malware / Software Updates IT Trend: Smart Phones, Mobile Internet Web 2.0 Vulnerability by software errors Defense model: Anti-Malware, Software Upgrades, Personal Firewalls Our attitude: The IT Security problems are more than we can cope with! 9

Content TeleTrusT Germany IT Security and Trustworthiness from 1989 till now The Situation today: A Critical Assessment A Look into the Future: What are the challenges? Summary 10

IT Security and Trustworthiness Today: A Critical Assessment (1/4) Changes, Progress, Future Development into a connected information and knowledge society. IT Security is a changing challenge The Internet is going beyond all borders and culture! Time and region don t matter anymore! Development and change in IT are faster than ever. The users always need to adsorb knowledge to act in the right way. The protected values are constantly rising. The values that we have to protect are changing over the time. We see an innovation in attack models and the attackers are getting more professional. IT security mechanisms are getting more complex, more intelligent and more distributed. Over the time our IT security problems are getting bigger and bigger! 11

IT Security and Trustworthiness Today: A Critical Assessment (2/4) Problems: Computer Security The quality of our software is not secure enough! Weak detection rate for malware only 75 to 90%! Every 25. computer has malware! The internet users are badly prepared. E-mail Security Less than 4 % of the users encrypt e-mails (S/MIME, PGP, ) Less than 6 % of the users sign e-mails (In the financial world we see much more) More than 95 % Spam e-mails! (in the Infrastructure see the new ENISA report) 12

IT Security and Trustworthiness Today: A Critical Assessment (3/4) Problems: Identity Management Password, Password, Password, are the tools in the Internet! Identification spaces are in the companies and customer environments! They are not international! Federations are not used enough! Web Server Security Bad security for web server / web sides Today the main distribution of malware comes over web server A lot of web servers are badly implemented! Patches are not installed and if so, often very late! http://moneytipcentral.com/ 13

IT Security and Trustworthiness Today: A Critical Assessment (4/4) The level of IT Security and Trustworthiness of our IT Systems are insufficient! Ideas for solutions: Responsibility of the producer Demand of IT security / IT security branch Trusted Computing Karl12 Dreamstime.com 14

Content TeleTrusT Germany IT Security and Trustworthiness from 1989 till now The Situation today: A Critical Assessment A Look into the Future: What are the challenges? Summary 15

Very fast innovation Intelligent IT devices and flexible IT services Competent people for fast innovation Olegbabich Dreamstime.com, Xy Dreamstime.com Flexible IT devices and services for flexible working conditions Alex Slobodkin istockphoto 16

Age pyramid Secure and trustworthy collaboration Twice the number of people will retire from working life Fjvsoares Dreamstime.com, Andresr Dreamstime.com Open Object Security less Perimeter Security www.exvo.com by Danny de Wit 17

More CPUs, more performance Trusted Computing in all things Internet of Things Spontaneous Distributed Application http://4.bp.blogspot.com istockphoto.com, www.concept-phones.com, Yanko Design 18

More artificial intelligence IT fairy Software Assistant More power, more Intelligence For everybody a Good IT Fairy Geo Images istockphoto.com, www.concept-phones.com, Yanko Design 19

More clever and complex Attack models The digital world is dangerous like the tools we use! simscript.com 20

Content TeleTrusT Germany IT Security and Trustworthiness from 1989 till now The Situation today: A Critical Assessment A Look into the Future: What are the challenges? Summary 21

TeleTrusT Germany Summary We have to do something, to make our digital future more secure and more trustworthy! For that we need a quantum leap in the Security Technology, in the Procedure in the Co-operation with other organizations. The future starts now, so let us start together! TeleTrusT is ready to take responsibility for that 22

TeleTrusT Germany Perspective, History, Present and Future Thank you for your attention! Questions? Prof. Dr. Norbert Pohlmann Chairman of the Board TeleTrusT Germany Association http://www.teletrust.de

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information