New Trend for Information Security

1
New Trend for Information Security

• Executive Vice President of
• Global Security Response
• Oscar Chang

2
Agenda

• Information Security Mega Trend
• Security Concerns by CTO
• Recent Virus Attack and Solution
• Proposed Technical Direction
• Q A

3
Information Security Mega Trend

• Network Virus Attacks are Ascending
• Better Security Management is Essential
• Network Security Platforms are Rising(Gartner)
• Centralized Security Buying Centers(Gartner)

Data Source in the Parentheses
4
Driving Forces for a Better Security Management

• External
• The havoc wreaked worldwide by the Nimda and SQL
  Slammer computer virus attacks highlights the
  existence of an increasingly effective
  underground society of hackers and confirms the
  need to build better defenses against cyber
  attacks. The impact of these highly publicized
  attacks is, however, dwarfed by the business
  losses caused by internal security lapses.
• Internal
• A series of financial reporting scandals
  involving high-profile enterprises demonstrates
  an urgent need for information security
  techniques that improve the trustworthiness of
  enterprise transactions and audit trails.
• Legal/Regulatory
• A series of legislative and regulatory
  initiatives including the Graham-Leach-Bliley
  Financial Services Modernization Act, the
  Healthcare Information Portability and
  Accountability Act (HIPAA) and the European Data
  Privacy Directive demands better execution in
  the areas of security and privacy, and raises the
  legal and financial stakes for enterprises that
  fail to meet their standards.

Source The Gartner Group
5
4 Critical IT Security Issues in CIOs Mind

• Security policies and architecture
• Security infrastructure
• Security administration
• Business continuity planning

Source The Gartner Group
6
Security Risk, Organization, Policies and
Architecture

• The scope of planning and development in this
  area should include
• Risk management
• Regulatory issues
• Confidentiality and intellectual property
  protection
• Business application security
• Security services and sourcing

Biggest Problem Policy Enforcement!!
Source The Gartner Group
7
Security Infrastructure

• In the fast changing environment, enterprises
  must have a hardened interior and a layered
  approach to security, with an infrastructure that
  includes
• Firewalls
• Intrusion detection and prevention
• Antivirus protection and content filtering
• Mobile and wireless security
• Encryption
• IT security management

Missing Link Did we close all the gate?!!
Source The Gartner Group
8
Security Administration

• Sound security administration focuses on
  operational technologies and best practices that
  maintain secure access to applications and
  resources, and on ensuring the integrity of
  system definitions and configurations.
• The scope of security administration includes
• Web services and public-key infrastructure
• Vulnerability assessment
• Security configuration and patch management
• Identity and access management

Biggest Problem Knowing who has what?!! And
again, enforcement is the problem.
Source The Gartner Group
9
Business Continuity Planning

• Comprehensive business continuity planning
  programs should address
• business recovery (that is, recovery of the
  workspace),
• business resumption planning (for key business
  processes),
• contingency planning and
• crisis/emergency management.
• Business continuity planning should be integrated
  into business processes and the IT life cycle,
  and address the following concerns
• Business continuity planning strategies and best
  practices
• Business continuity planning technology and tools
• Business continuity planning services

Biggest Problem What to do at outbreak
time?!! How to limit the damage, and fast
recovery.
Source The Gartner Group
10
Recent Network Virus Attacks
(??????????)
11
State of Computer Virus Today

• - Network virus infection
• - Corp. damage increase
• - Security Infrastructure matter
• - IT panic mode

No Solution Yet
5
12
The Network Changed

• From server centric to access point centric

LAN Server-Client Centric
Internet gateway
Network Access point
13
Virus Changed-from File Virus to Mail Virus to
Network Virus
14
What s Missing in the network defense?

• Segmented protection,isolation and shielding at
  access point is important for outbreak
  containment.
• Network worms spread from machine to machine
  without touching the file system, render
  traditional AV ineffective
• Virus pattern deployment speed never catch up
  with virus spreading speed.
• AV/security policy is hard to enforce.

15
Proposed Technical Direction

• Market solution
• Blended Threads
• Destination protection
• A suites of security products loaded on the host.
• Aim and shoot Scan

• Trend Recommendations
• Network Virus
• Network defense plan
• Network agents deployed to enable network
  security service
• Life cycle management
• Shielding
• Isolation, aim and shoot
• cleanup, post mortem.

16
Q A