cyber security, cyber intelligence & cyber investigation

Cyber Security, Cyber Intelligence & Cyber Investigation

Hong-Eng KohVice President, POLCYB

Society for the Policing of Cyberspace

Global LeadJustice & Public Safety

Oracle Corporation

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |

Safe Harbor StatementThe following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

2

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 3

CyberSecurity

CyberIntelligence

Platform

Countering Cyber Threats

Integrated Policing Platform

Protect Detect Investigate Resolve

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 4

CyberSecurity

CyberIntelligence

Platform

Countering Cyber Threats

Integrated Policing Platform

Protect Detect Investigate Resolve

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 5

Adapted from Kuppinger Cole Presentation, March 2013

MALICIOUSCOORDINATED ATTACKS

HACKING

DATA THEFT

DENIAL OF SERVICE

BLACKMAIL

MISUSE• PRIVILEGE

ABUSE

• DELIBERATE LEAKAGE

• CURIOSITY

MISTAKES• ACCIDENTAL

ERASURE

• ACCIDENTAL DISCLOSURE

• Hackers

• Rival nations\spies

• Employees

• Contractors

• DBA’s

• Developers

Cloud Mobile Social

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 6

S E C U R I T Y

S E C U R I T Y

S E C U R I T Y

S E C U R I T Y

S E C U R I T Y

S E C U R I T Y

S E C U R I T Y

SECURITY INSIDE OUTBUILT-IN AT EVERY LAYER

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 7

Governance, Risk and Compliance

Identity Management

Mobile Security

Cloud Security

Infrastructure Security

SECURITY INSIDE OUT

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 8

CONTAINER EXPERIENCECONTROL

Isolate corporate data, support remote wipe, restrict

data transfer

Secure applications & communication, corporate

application store

Role based access, self service request, sign-on, fraud

detection

MOBILE SECURITY SUITE

Mobile SecurityOracle’s Strategy

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 9

CyberSecurity

CyberIntelligence

Platform

Countering Cyber Threats

Integrated Policing Platform

Protect Detect Investigate Resolve

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 10

Cyber Intelligence Platform

Protected Network

Data Packets

Network Switches

Log Files

Security Analyst

Predictive Attack Recognition, Session and File Analytics

SIEM System Events

Open Source Information Unstructured

Cyber “Data” Pool

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 11

Oracle Big Data Appliance

NoSQL DB Driver

Application

HDFS, Hadoop, CDH

Map ReduceORCH - Stats

Map ReduceHive - Activities

Map ReducePig - Sessionize

Cyber Information Discovery

Complex Event

ProcessingExpert System

Decision Engine

Cyber Real-time Analysis

API/NBI SIEM/SOC

Mass Analysis\Algorithm

s Layer

Probe/Switch

LAN

Probe/switch

Real-time Access

Batch Processing

System M

onitoring & M

anagement

Cyber Intelligence Platform High Level Architecture

• Big Data Appliance• Oracle Event Processing• Business Intelligence• Real-Time Decisions• Endeca Information

Discovery

Deep Packet Inspection

(DPI) Router

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 12

Cyber Intelligence Platform

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 13

Cyber Intelligence Platform

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 14

Cyber Intelligence Platform

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 15

Cyber Intelligence Platform

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 16

Cyber Intelligence Platform

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 17

CyberSecurity

CyberIntelligence

Platform

Countering Cyber Threats

Integrated Policing Platform

Protect Detect Investigate Resolve

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 18

Integrated Policing Platform

Business Rules Legislation Policy Procedures Service Rules Behavior Models Scheduling

Internet

Policing Operational Capabilities

Phone eMail Mobile Face to Face PaperChannels

Operations& Response Investigation Intelligence

PropertyManagement

Suspect &Offender

Records Management

Coordination& Liaison

Citizens Trusted 3rd parties Police Staff Legal RepresentativeInvolved parties

Content Management Knowledge Base

Business Intelligence Performance Management Intelligence Analysis Management Reporting

Information Management Database Master Data Spatial Data Resilience & Availability Security

Social

Communication Layer Data Exchange Service Bus Extract, Transform, Load (ETL)

Siebel Public Sector

WebCenter Portal & ADF Mobile

Master Data Management / Engineered Systems / Security Options

Oracle Business Intelligence / Endeca Information DIscovery

WebCenter Content / Oracle Knowledge

Oracle Policy Automation

Oracle Service Bus / Oracle Data Integrator / Oracle GoldenGate

Incident Mgt

Alerts

Case Mgt

Prosecution

Relationship

Analysis

Lost & Found

Evidence

Offender

Custody

Criminal

Firearms

Legal Instr.

Warrants

Services requiring configuration

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. | 19

hong-eng.koh@oracle.com

@he_koh

linkedin.com/in/hekoh