The Difficult Road To Cybersecurity - PowerPoint PPT Presentation

About This Presentation
Title:

The Difficult Road To Cybersecurity

Description:

Title: Financial Services Qualifications Subject: Quals Author: Ioannis Tzanos Keywords: Financial Services Last modified by: Stephen Katz Created Date – PowerPoint PPT presentation

Slides: 17
Provided by: Ioann3

Transcript and Presenter's Notes


1
The Difficult Road To Cybersecurity
  • Steve Katz, CISSP
  • Security Risk Solutions
  • 631-692-5175
  • stevekatz_at_securityrisksolutions.org

2
Mission
  • To prevent, detect and respond to acts that could
    impact the ability of a company to provide
    essential services.
  • To maintain public/customer confidence in a
    company's ability to ensure the confidentiality,
    integrity and availability of information and
    services.
  • To enable a company to pursue business
    opportunities while meeting security and privacy
    commitments.
  • To create a culture where security is an integral
    part of the business governance process.

3
Key Drivers
  • The Need to Deliver Trust to Customers, Partners
    and Staff
  • Legal/Regulatory
  • ISO17799/ISF/BITS/COSO/COBIT Security Standards
  • Company Policy, Standards and Practices
  • Internal Audit Practices and Procedures

4
Operating Assumptions
  • All companies are targets
  • All technology is vulnerable to intrusion
  • Web commerce systems are the windows to the
    company
  • Internet-based malware is a prevalent reality
  • What is secure today won't be tomorrow
  • Ongoing assessment is mandatory
  • Security is a Journey, NOT a Destination
  • Metrics: If You Can't Measure It, You Can't
    Manage It!

5
Some Top Concerns
  • Not Having An Effective Vulnerability/Patch
    Management Process.
  • Not Using Vulnerability Assessment and IDS/IPS
    Tools.
  • Not Analyzing Source Code.
  • Not Having Effective End Point Security.
  • Not Having Effective Application Level Security.
  • Having Improperly Secured Remote Access.
  • Unprotected Laptop Computers Being Stolen.
  • Ineffective Security For Web Services.

6
Some Top Concerns
  • Having Improperly Configured Firewalls & Servers.
  • Not Having Effective Security Over Stored and
    Transmitted Data.
  • Using Non-secured E-Mail for Restricted/Private
    Information.
  • Not Pen-Testing Internet Based Applications.
  • Not Analyzing Security Event Logs
  • Not Changing/Deleting Entitlements after Changes
    in Job or Employment Status.
  • Not Effectively Communicating with Business
    Management and the Board.

7
Classification of Threat: First Generation
  • Spread via email, or sharing files, disks, etc.
  • Examples would be the common viruses of the
    80s/90s.
  • Remedy: Human action and anti-virus programs

8
Classification of Threat: Second Generation
  • Threat: usually self-propagating worms.
  • Leverage known vulnerabilities.
  • Mostly non-destructive.
  • Remedy: Identify the vulnerability and fix ASAP.

9
Classification of Threat: Third Generation
  • Leverage known and unknown vulnerabilities where
    patches may not be available.
  • May be targeted attacks.
  • May hide behind encryption.
  • Attacks aimed at obtaining information, including
    phishing/pharming.
  • Remedy: Automated vulnerability management tools
    and processes.

10
2005 Symantec Report: Based on 24,000 Sensors in
180 Companies
  • Increasing use of sophisticated Worms, Trojans,
    and Bots sold to the highest bidder.
  • Information Theft is on the rise: 74% of code
    submitted could steal information.
  • Almost 11,000 new Malware programs identified in
    first half of 2005, up 48% over 2004.
  • Increase in number of Phishing attacks.
  • Average time from disclosing an exploit to a
    working attack: 6 days.
  • Average time between exploit and patch release:
    54 days.
  • Biggest Threat: worms, trojans, viruses and bots.
  • Number of attacks is decreasing - severity of
    attacks is increasing.

11
Vulnerability-to-Exploit Window

12
2005 CSI/FBI Security Survey
  • 700 Respondents vs. 494 in 2004
  • Causes of Financial Loss:
      • Viruses: $42.8M
      • Unauthorized Access: $31.2M
      • Theft of Information: $30.9M
      • DoS: $7.3M

13
2005 CSI/FBI Security Survey
  • Security Technology Used:
      • Firewalls: 97%
      • Antivirus: 96%
      • IDS: 72%
      • Server-Based ACLs: 70%
      • Encrypting Data in Transit: 68%
      • Encrypted Files: 46%
      • Password Tokens: 42%
      • Biometrics: 15%

14
Need To Look At Additional Tools
  • Risk, Vulnerability & Remediation Management
  • Vulnerability Assessments & Threat Alerts
  • Impact Assessment
  • Patch Validation & Distribution
  • Anti-phishing/anti-pharming tools
  • Identity & Access Management
  • End Point Security Products
  • Event Log Analyzers
  • Network Security Intelligence
  • Source Code Analysis
  • Web Services/XML Security Tools

15
Security Risk Framework
Columns: People (Who) | Process (What) | Technology (How)
Prevention Awareness Programs Security Training Policy Standards Trust Permit Risk Acceptance Anti-Virus ID Access Management App. Code Review
Detection Security Report Violation Logs Event Logs IDS Report Analysis Violation Analysis Tools IDS Event Log Analysis Tools
Investigation Forensics Cyber Security Investigators SIRT Data Mirroring/Forensics Tools
Recovery Reconstitution
Verification Validation Metrics Pen Testing War Games Assessment Tools Remediation Verification App. Code Analysis

16
Thank You