Upload File

internal threats in kazakhstan. cyber crime. how to defend. cyber security

38
How to Defend against Internal Threats Ken Tulegenov, Group Founder “Information Security Community. Kazakhstan” on LinkedIn [email protected] Almaty November 16 2016

Upload: ken-tulegenov

Post on 13-Apr-2017

193 views

Category:

Data & Analytics


0 download

Report

TRANSCRIPT

Page 1: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

How to Defend

against

Internal ThreatsKen Tulegenov, Group Founder

“Information Security Community. Kazakhstan” on LinkedIn

[email protected]

AlmatyNovember 16

2016

Page 2: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Price of Economic Crime

Page 3: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Types of Economic Crime

Page 4: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Who is a Perpetrator?

Page 5: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Risk Map & Methods of Combating

Page 6: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Expected future

NOWADAY Situation FUTURE Situation (2 years)

Page 7: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Cybercrime Globally

Page 8: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Cybercrime in the USA & UK

Page 9: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Cybercrime in the USA & UK

Page 10: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Cyber Threat Vectors

Page 11: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

External Attacks aka “Unauthorized Access”

Page 12: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Victims

Page 13: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Who will be

the next victim?

Page 14: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

APT Attack Anatomy (Kill-chain)

Page 15: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Internal Attacks aka “Insider Threats”

Page 16: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Types of Insiders

Page 17: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Malicious Insiders

Page 18: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Malicious Insider Motivations

Page 19: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Insiders by Percentage

Page 20: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Cost of Incident (Average USA Stats)

Page 21: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Annual cost

Page 22: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Incident Timing & Cost

Page 23: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

What Data is the most convertible to money?

Page 24: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Sensitive Data

Page 25: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Employee Behaviors

Page 26: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Risky Users

Page 27: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

How to combat effectively?

Page 28: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Recommendations

Page 29: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Data Source For Monitoring

Page 30: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Clear Vision:

Page 31: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Attack Anatomy (Kill-chain)

Page 32: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Measures for Internal Threats (IMHO) :

Data Encryption (FDE, USB, Backup)

Application Control

Device Control

HIPS + AV

NGFW

Prevent (Basic)

DLP

Privilege Rights Management

Internal NGFW

802.1x

SIEM

Prevent (Gen)

Database Activity Monitoring

Users Activity Monitoring

Database Encryption

IRM (Information Rights Management)

User Behavior Analysis

Prevent

(Adv)

Page 33: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

How to manage this ZOO?

One Security Platform for 1 Security Layer or Products Family

Easy Administration via Console (User Interface / Configuration / Support)

Unified Real-time Monitoring for all products

Page 34: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

What can Intel Security (McAfee) offer?

SIEM (Security Information Event Management)

EPP (Endpoint Protection)

DLP (Data Loss Prevention)

MDP (Mobile Data Protection / Encryption)

Page 35: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Measures for Internal Threats (IMHO) :

Data Encryption (FDE, USB, Backup)

Application Control

Device Control

HIPS + AV

NGFW

Prevent (Basic)

DLP

Privilege Rights Management

Internal NGFW

802.1x

SIEM + Threat Exchange

Prevent (Gen)

Database Activity Monitoring

Users Activity Monitoring

Database Encryption

IRM (Information Rights Management)

User Behavior Analysis

Prevent (Adv)

Page 36: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Who uses McAfee (My experience):

Page 37: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Reasons for Using:

Market Presence (Gartner’s “Magic Quadrants”)

Unified Management (for Different Products)

Scalability (Branches around the country)

Integration (with Current / Future Solutions)

Transparency (for Users)

Easy to use (for Security Administrators)

Page 38: Internal Threats in Kazakhstan. Cyber crime. How to defend. Cyber Security

Thank you for your attention

Any

Questions?


Predictive model for multistage cyber-attack …...security controls to defend against these attacks. Security controls are defined as ‘‘The management, operational, and technical

Defend colors

Catching the Golden Snitch- Leveraging Threat Intelligence Platforms to Defend Against Cyber Attacks

Strategies to Combat New, Innovative Cyber Threats - 2017 · Strategies to Combat New, Innovative Cyber Threats - 2017. ... Enterprise Security for 2017 Key Cyber Threats to Defend

24 AF Operationalizing Cyber 0900... · 2010-05-22 · 24 AF Mission (USAF’s Cyber Force) 24 AF Mission: Extend, operate and defend the Air Force portion of the DoD network and

Www.madeinindiashow.in Kazakhstan PDF India Show Kazakhstan 2014

Defend Powerpoint

A HOOVER INSTITUTION ESSAY Defend Forward and ......Nationa Security Technology an aw A HOOVER INSTITUTION ESSAY Defend Forward and Cyber Countermeasures ASHLEY DEEKS Aegis Series

Case Study – Developing consultancy skills in Kazakhstan Kazakhstan Case Stu… · Case Study – Developing consultancy skills in Kazakhstan CMC Kazakhstan Kazakhstan Chamber of

ARMING BUSINESSES TO COMBAT MODERN …...ARMING BUSINESSES TO COMBAT MODERN CYBER THREATS Award-winning cyber security services to defend against increasingly sophisticated attacks

October 2013 Under cyber attack · organization’s information security program versus where it needs to be to successfully defend the more insidious cyber attacks the majority of

caseism.com › wp-content › uploads › 2015 › 10 › The-Vulnerabilit… · civilians and military will work together to defend against cyber attacks using stronger and more

Referenze - Berti · PALAZZO DEL GOVERNO - Akmola - Kazakhstan GOVERNMENT PALACE - Akmola - Kazakhstan ASTANA HOTEL - Akmola – Kazakhstan ASTANA HOTEL - Akmola - Kazakhstan MUSEO

PALANTIR · DEFEND AGAINST CYBER ATTACKS With Palantir, organizations can improve enterprise-wide situational awareness and obtain a comprehensive understanding of threats facing

KAZAKHSTANvipromotion.kz/uploads/events/5525fc0bc749c/5525fc0bc749c.pdfОрганизатор: KAZAKHSTAN KAZAKHSTAN EXPOFORUM Meeting Club Kazakhstan KAZAKHSTAN EXPOFORUM 14-15 ноября

ADVISORY MEMORANDUM ON ENSURING ESSENTIAL CRITICAL ...€¦ · CISA | DEFEND TODAY,SECURE TOMORROW 1 [email protected] @CISAgov | @cyber | @uscert_govLinkedin.com/company/cisagov

Illinois Cyber Navigator Program · What does PA 100-0587 do? Creates the “Cyber Navigator Program” An effort to help election authorities to defend against cyber breaches and

Defend Life

Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions

Issue 35 - NATO · 2019-08-09 · Cyber threats, attacks and fundamental cyber defence responsibility of NATO to defend its own networks and assist Allies received a detailed discussion

Anatomy of an Attack Cyber Threats Facing CIOs and How to ... · Cyber Threats Facing CIOs and How to Defend Against Them. Agenda ... • Up-to-date anti-virus/anti-malware software

Kazakhstan Project - Eni · Kazakhstan Project Pietro Cavanna ... Presentation of Kashagan Development Plan & Budget ... Eni’s History in Kazakhstan. Kazakhstan

Agile Virtualized Infrastructure to Proactively Defend Against … · 2015-03-19 · Agile Virtualized Infrastructure to Proactively Defend Against Cyber Attacks Fida Gillani ∗,

Agile Virtualized Infrastructure to Proactively Defend ... · Agile Virtualized Infrastructure to Proactively Defend Against Cyber Attacks ... Apart from providing one time resource

Country Seminar: Kazakhstan Country seminar : Kazakhstan · Country seminar : Kazakhstan Luxembourg Chamber of Commerce 2nd of March, 2017 Country Seminar: Kazakhstan

CYBER THREAT DATA SHARING NEEDS REFINEMENT. Without data sharing, it is almost impossible to detect, defend and contain systemic attacks early. While sharing cyber threat data sounds

Cyber negotiation: a cyber risk management approach to defend … · 2019-03-04 · Cyber negotiation: a cyber risk management approach to defend urban critical infrastructure from

KAZAKHSTAN - ebrd.com · the Republic of Kazakhstan. Kazakhstan

Defend illustrator

Introducing the Economics of Cybersecurity: Principles and ...cs.brown.edu/courses/csci1800/sources/lec27/Moore.pdf · Cyber Command to defend the domestic Internet infrastructure

U. S. Fleet Cyber Command / TENTH Fleet Strategic …. S. Fleet Cyber Command / TENTH Fleet Strategic Plan 2015-2020 3 Goal 1: operate the Network as a Warfighting Platform Defend

Brochure DEFEND

OREGON CYBER RESILIENCE SUMMIT CISA · “DEFEND TODAY, SECURE TOMORROW” We lead the Nation’s risk management efforts by bringing together diverse stakeholders to collaboratively

688th Cyberspace Wing › › resource › resmgr › ... · 2019-03-20 · DoD Cyberspace Operations Missions • Defend the Nation from Cyber Attacks of Significant Consequence

We defend your right to defend yourself