dss @ digital era 2014 - security in the digital world
Data protection in digital era
Andris Soroka, 7th of April, 2014
Riga, Latvia
The Saga Begins – Scared vs. Informed
About speaker
“Data Security Solutions” business card
Specialization – IT Security
IT Security services (consulting, audit, pen-testing, market analysis, system testing and integration, training and technical support)
Solutions and experience portfolio with more than 20 different technologies – cyber-security global market leaders from more than 10 countries
Trusted services provider for banks, insurance companies, government and private companies (critical infrastructure etc.)
Role of DSS in Cyber-security Development in Baltics
Cyber-Security Awareness Raising
Technology and knowledge transfer
Most Innovative Portfolio
Trusted Advisor to its Customers
Cybersecurity Awareness Raising
Own organized conference “DSS ITSEC”
5th annual event this year
More than 400 visitors + more than 250 online live streaming watchers from LV, EE, LT
4 parallel sessions with more than 40 international speakers, including Microsoft, Oracle, Symantec, IBM, Samsung and many more – everything free of charge
Participation in other events & sponsorship
CERT & ISACA conferences & events
RIGA COMM, HeadLight, IBM Pulse Las Vegas
Roadshows and events in Latvia / Lithuania / Estonia (f.i. Vilnius Innovation Forum, Devcon, ITSEC HeadLight, SFK, business associations)
Participation in cyber security discussions, strategy preparations, seminaries, publications etc.
Innovations – technology & knowledge transfer
Innovative Technology Transfer
Number of unique projects done with different technology global leadership vendors
Knowledge transfer (own employees, customers – both from private & public, other IT companies in LV, EE, LT)
Specialization areas include:
Endpoint Security
Network Security
Security Management
Application Security
Mobile Security
Data Security
Cyber-security
Security Intelligence
Some just basic ideas
AGENDA – IT Security basics in ~ 40 mins
Introduction of DSS and speaker
Prologue: Digital World 2014
The Saga begins – Cyber Criminals: Introduction & business card; Business behind; Examples
The Story Continues – Targets of Cyber Criminals: Individuals; Business Owners; Government
Value of Information Security for business: Risk management; Technology
Conclusion
Q&A (if time allows)
Prologue: The Digital World 2014 & future
Prologue: Some new technologies
3D Printers
Google Glasses (“glassh**es”)
Cloud Computing
Big Data & Supercomputers
Mobile Payment & Virtual Money
Robotics and Intraday Deliveries
Internet of Things
Augmented Reality
Extreme development of Apps
Digital prototyping
Gadgets (devices) & Mobility
Technology replacing jobs (automation)
Geo-location power
Biometrics
Health bands and mHealth
Electric cars
Avegant Glyph and much, much more
Prologue: Mobility & Gadgets
Multi-OS
Millions of mobile applications
Digital Agenda for European Union
Personal data concerns of EU digital agenda
The Saga Continues: Cybercriminals
Weakest link is always the most important
Source: IBM X-Force annual report 2013
True or fake? In fact this isn’t funny...
Best «success story» describing hackers..
No changes in that perspective
Privacy is gone?
Disaster in software world - NSA
Disaster in technology world - NSA
Governments write malware and exploits (USA started, others follow..)
Cyber espionage
Sabotage
Cyber wars
Infecting own citizens
Surveillance
Known NSA “partners”: Microsoft (incl. Skype), Apple, Adobe, Facebook, Google, many, many others
Internet is changing!!! USA thinks that internet is their creation and foreign users should think of USA as their masters…
Disaster in software world - NSA
Privacy is gone?
War on privacy is still on! At least in EU!
ICO fines Midlothian Council £140K for data breaches
Monday 30 January 2012 09:58
Advertisement break
Bright future of the internet way ahead..
1995 – 2005: 1st Decade of the Commercial Internet
2005 – 2015: 2nd Decade of the Commercial Internet
Actors: Script-kiddies or hackers; Insiders; Organized crime; Competitors, hacktivists; National Security Infrastructure Attack
Motive: Espionage; Political Activism; Monetary Gain; Revenge; Curiosity
Many countries are in the game now…
Global statistics
Examples: Hackers searching tool
Mobility & Security...
Mobility and Security (cont.)
McAfee 2013 Q1 Threats Report
Federal Reserve Survey March 2013
Mobile Malware Explodes
Mobile banking adoption rising
End users fall victim to mobile attacks
Some examples of incidents (DDoS)
Cyberwars going on!
Examples: Hackers searching tool
Examples (continued)
Examples: Whistleblowers should be careful
Source: Juris Pūce, Analytica IT Security
Examples (continued)
Examples: Hacker is watching / listening
Google Maps helped hackers intercept calls..
The Saga: Simplicity
Some examples of incidents
Hacking business services...
Current prices on the Russian underground market:
Hacking corporate mailbox: $500
Winlocker ransomware: $10-$20
Unintelligent exploit bundle: $25
Intelligent exploit bundle: $10-$3,000
Basic crypter (for inserting rogue code into benign file): $10-$30
SOCKS bot (to get around firewalls): $100
Hiring a DDoS attack: $30-$70 / day, $1,200 / month
Botnet: $200 for 2,000 bots
DDoS Botnet: $700
ZeuS source code: $200-$250
Windows rootkit (for installing malicious drivers): $292
Hacking Facebook or Twitter account: $130
Hacking Gmail account: $162
Email spam: $10 per one million emails
Email scam (using customer database): $50-$500 per one million emails
Examples: Advanced Persistent Threat
Let's summarize The Saga told
The value of a hacked computer…
Source: Brian Krebs IT security blog
Why hackers might want to “contact” You?
Business
Commercial espionage (financial, business and personal data)
An attack can stop the business, services (competition)
You are a spam target
Your home page could be damaged
They can control and monitor you
They can change data in systems
Cross-site scripting on your home page
Private person
You have the infrastructure for tests of new viruses and robots
You have a server where to store illegal stuff (programs, files etc.)
They can do criminal (or any) activities using your computer
WiFi – they can just borrow the internet
You have the information which could be sold on the black market
“The results” of damage
Financial loss (costs, data, market, value)
Reputation (customer, partner, HR)
Development and competitiveness loss
Conclusion: The Saga will continue anyway
For many companies security is like salt, people just sprinkle it on top.
Smart ones act smart way – risk mgmt.
Think security first & Where are You here?
Organizations Need an Intelligent View of Their Security Posture
[Chart: Security Intelligence maturity – levels Basic, Proficient, Optimized plotted from Reactive to Proactive and from Manual to Automated]
Optimized: Organizations use predictive and automated security analytics to drive toward security intelligence
Proficient: Security is layered into the IT fabric and business operations
Basic: Organizations employ perimeter protection, which regulates access and feeds manual reporting
New game, new rules..
[Chart: Productivity vs. Security]
Challenge for business ahead..
[Chart: costs against the number of security measures – security costs rise, the remaining part of risk falls; the optimum shifts to a new optimum as security actions and risks change]
Source: Māris Gabaliņš, The Art Of The Systems
Take-Away as conclusion
Security Maturity
Develop a Risk-aware Security Strategy
49% of C level executives have no measure of the effectiveness of their security efforts
31% of IT professionals have no risk strategy
2012 Forrester Research Study, 2013 Global Reputational Risk & IT Study, IBM
Costs for business from cybercrime
Return of Investment
“DSS” is here for You! Just ask for…
Si vis pacem, para bellum. (Lat.: If you want peace, prepare for war.)
Remedy against the poison
Some just basic ideas
Policy and real time control
Of devices and applications
Of people and IT stuff
Of data leak protection
Of internet usage
Of any access
Of employees training
Of….
Encryption of data..
Mobile phones
Voice calls and text messages
eMails
Computers and devices
Data bases…
Some just basic ideas
Multifaceted strategy is required
Layers of controls (tech and non-tech)
Awareness / Prevention
Educate workforce (social engineering+)
Segmentation
What if intrusion happens? (modeling)
Critical assets definition & action plan
Roles, responsibilities, access rules
Risk analysis
Business continuity
Continuous real time monitoring, identification and disruption
All data, all users, all systems
Anomaly detection and analysis
Intelligence
Prologue of prologue…
Think security first