Assessing Data Security Risks: Learning From Recent Breaches - PowerPoint PPT Presentation

Slides: 28
Provided by: lennyzelts6

Transcript and Presenter's Notes


1
Assessing Data Security Risks: Learning From
Recent Breaches
  • Lenny Zeltser
  • Security Consulting Manager, Savvis

2
A data security breach can be a major disruption
to business.
3
Complexities of making risk decisions can be
overwhelming.
4
As a result, status quo often leaves
vulnerabilities.
5
Learn from recent breaches to tighten your
security mechanisms.
6
Large-Scale Breaches
7
?
Sports Authority
Forever 21
DSW
Boston Market
OfficeMax
BJ's
Dave & Buster's
Barnes & Noble
TJX
8
3-Year Undercover Operation
  • Belarus: Pavolvich
  • Unknown: 'Delpiero'
  • US: Gonzalez, Scott, Toey
  • China: Chiu, Wang
  • Ukraine: Yastremskiy, Burak, Storchak, Suvorov

9
Foot in the Door
  • Wardriving
  • SQL injection
  • Social engineering

10
A sniffer captured magnetic stripe data and PINs.
11
Malware helped in a breach of millions of credit
and debit card transactions.
Heartland Payment System
12
  • How would an attacker get a foot in the door?
  • What is your flow of sensitive data?
  • What are your malware defenses?

13
Malicious Insider Breaches
14
Employee used customer data to set up new
accounts and cash out. (380,000)
Citi
15
Employee downloaded and sold customer data.
(60,000)
Countrywide Home Loans
16
Contractor attempted to destroy data on 4,000
servers after being fired.
Fannie Mae
17
  • Do employees have just the access they need?
  • How can you detect and block data leaks?

18
Process Breaches
19
Digital photo frames infected during QA.
Sam's Club
Best Buy
20
202,000 sensitive letters mailed to wrong
recipients.
Blue Cross and Blue Shield of GA
21
Personal details of 9,000 people emailed,
believed to be sample data.
ADP
22
  • How do you share sensitive data?
  • How can you detect and prevent processing errors?

23
So What?
24
As data increases in value, the impact of a
security breach can grow in severity.
25
Ask questions to understand your security posture.
26
  • How would an attacker get a foot in the door?
  • What is your flow of sensitive data?
  • What are your malware defenses?
  • Do employees have just the access they need?
  • How can you detect and block data leaks?
  • How do you share sensitive data?
  • How can you detect and prevent processing errors?

27
It is better to know some of the questions, than
all of the answers.
Happy to chat