Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective



Similar documents
Can We Become Resilient to Cyber Attacks?

Separating Signal from Noise: Taking Threat Intelligence to the Next Level

The Landscape of Cyber, critical infrastructure and how Regulation fits in

Advanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA

IBM Security Strategy

Ahead of the threat with Security Intelligence

The Benefits of an Integrated Approach to Security in the Cloud

Zak Khan Director, Advanced Cyber Defence

IBM Advanced Threat Protection Solution

Security Business Intelligence Big Data for Faster Detection/Response

The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era

THREAT VISIBILITY & VULNERABILITY ASSESSMENT

Mobile, Cloud, Advanced Threats: A Unified Approach to Security

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Active Response: Automated Risk Reduction or Manual Action?

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era

IBM QRadar Security Intelligence April 2013

SANS Top 20 Critical Controls for Effective Cyber Defense

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

WHITE PAPER: THREAT INTELLIGENCE RANKING

On and off premises technologies Which is best for you?

Stay ahead of insiderthreats with predictive,intelligent security

Concierge SIEM Reporting Overview

Security Analytics for Smart Grid

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Palo Alto Networks. October 6

ADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT

DYNAMIC DNS: DATA EXFILTRATION

Splunk Enterprise Log Management Role Supporting the ISO Framework EXECUTIVE BRIEF

Practical Steps To Securing Process Control Networks

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Applying Internal Traffic Models to Improve Identification of High Fidelity Cyber Security Events

Eight Essential Elements for Effective Threat Intelligence Management May 2015

Compliance Guide ISO Compliance Guide. September Contents. Introduction 1. Detailed Controls Mapping 2.

Critical Security Controls

The session is about to commence. Please switch your phone to silent!

Future Threat Landscape - How will technology evolve and what does it mean for cyber security?

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

Fostering Incident Response and Digital Forensics Research

OVERVIEW. Enterprise Security Solutions

Italy. EY s Global Information Security Survey 2013

The Cloud App Visibility Blindspot

How To Connect Log Files To A Log File On A Network With A Network Device (Network) On A Computer Or Network (Network Or Network) On Your Network (For A Network)

Cymon.io. Open Threat Intelligence. 29 October 2015 Copyright 2015 esentire, Inc. 1

Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data

Top 20 Critical Security Controls

Threat Intelligence Buyer s Guide

CYBER SECURITY INFORMATION SHARING & COLLABORATION

Security Challenges and Solutions for Higher Education. May 2011

managing SSO with shared credentials

security changes with Orange focus on your business, we focus on your security

Vladimir Yordanov Director of Technology F5 Networks, Asia Pacific Developments in Web Application and Cloud Security

Information security controls. Briefing for clients on Experian information security controls

ALERT LOGIC FOR HIPAA COMPLIANCE

Symantec Enterprise Security: Strategy and Roadmap Galin Grozev

Addressing Cyber Security in Oracle Utilities Applications

Safeguarding the cloud with IBM Dynamic Cloud Security

Leading The World Into Connected Security. Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA

DETECTING THE ENEMY INSIDE THE NETWORK. How Tough Is It to Deal with APTs?

CALNET 3 Category 7 Network Based Management Security. Table of Contents

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Threat Intelligence: An Essential Component of Cyber Incident Response. Jeanie M Larson, CISSP-ISSMP, CISM, CRISC

McAfee - Overview. Anthony Albisser

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

After the Attack: RSA's Security Operations Transformed

WHITE PAPER SPLUNK SOFTWARE AS A SIEM

Seven Things To Consider When Evaluating Privileged Account Security Solutions

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Cisco Advanced Malware Protection

A Primer on Cyber Threat Intelligence

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response.

Cyber security Building confidence in your digital future

Gaining the upper hand in today s cyber security battle

Vulnerability Management

CGI Cyber Risk Advisory and Management Services for Insurers

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Comprehensive real-time protection against Advanced Threats and data theft

D. Grzetich 6/26/2013. The Problem We Face Today

Cyber intelligence in an online world

Cisco Advanced Services for Network Security

Into the cybersecurity breach

Reneaué Railton Sr. Informa2on Security Analyst, Duke Medicine Cyber Defense & Response

RSA Security Analytics

BeyondInsight Version 5.6 New and Updated Features

Securing and protecting the organization s most sensitive data

Unified Security, ATP and more

Sygate Secure Enterprise and Alcatel

Strategic Plan On-Demand Services April 2, 2015

Microsoft s cybersecurity commitment

GOOD PRACTICE GUIDE 13 (GPG13)

McAfee Security Architectures for the Public Sector

Automate the Hunt. Rapid IOC Detection and Remediation WHITE PAPER WP-ATH

Defending Against Cyber Attacks with SessionLevel Network Security

Introduction. Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia

How To Integrate Intelligence Based Security Into Your Organisation

81% of participants believe the government should share more threat intelligence with the private sector.

ADVANCED KILL CHAIN DISRUPTION. Enabling deception networks

Transcription:

Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective Reaching the Cloud era in the EU Riga 16 June 2015 Jonathan Sage Government and Regulatory Affairs Cyber Security Policy Lead, Europe

Today s conversation. Current and emerging attacks and incidents Changing approaches and addressing security - risks relating to Cloud Collaboration - Incident Sharing / Information Sharing (privacy, liability) Emerging Regulation on the Horizon (critical, reporting, risk, standards)

Organizations today face a growing range of cyber adversaries The number and variety of new adversaries and threats continues to grow Old threats don t always disappear while new threats continue to add to the total landscape Attacker Outsiders Combination Malicious Insiders Inadvertent Actor

An evolving landscape, how many events, attacks and incidents, what the average finance organization is looking like. Security events Security attacks Security incidents Annual 61,126,420 Monthly 5,260,535 Weekly 1,213,969 Annual 13,673 Monthly 1,139 Weekly 262 Annual 126 Monthly 10 Weekly 2.41 Security Intelligence Correlation and analytics tools Security Intelligence Human security analysts Events: Increased efficiencies in tuning year on year to 61m Observable occurrences in a system or network Attacks: Increased efficiencies achieved decreased attack volume More efficiency in security processing to help clients focus on identified malicious events Incidents: up 8% year on year Attacks deemed worthy of deeper investigation Source: IBM Cyber Security Index 2015

An increasing amount of feeds to ingest, a challenge to reach prioritized data that optimizes threat prevention and response Internal Threats and exposures that affect a specific organization Ever-increasing proliferation of data sources External Third party insight Industry- and geographyspecific threats and trends Firewall Proxy IDS/IPS 1 Endpoint security Employee directory Top tier phishing indicators Brand abuse phishing indicators Malware campaigns/ indicators Fraud payment Actor /indic ators Web Application Authentication Malware detection SSO/ LDAP 2 context Staff asset / credentials Customer asset / credentials Threat landscap e Intel as a service (IaaS) Human Human Intel (HUMINT) Intel Email Network security Building access Fraud payment Application inventory Law enforcemt threat Industry threat sharing Public sector threat ISAC 5 threat Technical Technical Intel (TECHINT) Intel CSIRT 3 incidents Vulnerability patch mgmt DNS/ DHCP 4 Call/ IVR 5 Website marketing analytics 6 IP reputation Passive DNS 4 OSINT 7 sentiment analysis Undergd/dar k Web Malware Hashes / MD5 8 1 Intrusion detection system / intrusion prevention system (IDS/IPS); Single sign-on (SSO) / lightweight directory access protocol (LDAP); 3 Computer security incident response team (CSIRT); 4 Domain name system (DNS) / dynamic host configuration protocol (DHCP); 5 Interactive voice response (IVR); 5 Information sharing and analysis center; (ISAC) 6 Intellectual property; (IP) 7 Open source ligence (OSI); Malware detection or defense system (MDS) 8

Cloud plays many different roles emergence of HYBRID Not critical per se, cloud is becoming increasingly deployed everywhere in the IT landscape Not all cloud is PUBLIC Risk based approach Need to look at how cloud is deployed and secure appropriately ON-PREMISES IT PRIVATE PUBLIC #1 concerns for cloud are security and privacy* * Source: Gartner 2015 IBM IBM Corporation Corporation 6

Cloud is not inherently more risky than traditional IT Not everything is critical depends on for what purpose cloud is used Cloud Customer Data Controller Problems facing cloud providers in an enterprise environment if they have to report an incident out to another authority Causes conflict between cloud user (data controller) and cloud provider (data processor) * Source: Gartner Multiple Cloud Providers Data Processors Cloud used for different purposes and functions 2015 IBM IBM Corporation Corporation 7

The changing approaches...current and emerging Prepared - taken appropriate steps. Governance as well as technical Assurance- risk assessment and testing Threat based ligence integrated Detection and Response Able to capture / report critical incident Having the data / Recognizing the incident. Information sharing exchanges Advancing protection automated real time digesting Addressing liability issues and Maintaining privacy

Thank you 9 2014 IBM Corporation

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information