Top 10 Database Threats

4,793 views
4,466 views

Published on

Why do databases have the highest rate of breaches among all business assets? The answer is simple: they house the sensitive business data that malicious insiders and hackers want most. The risk of a database breach can be mitigated by implementing internal controls and following industry best practices - but you must first understand the shifting threat landscape. This presentation will (1) present the top 10 threats to your database in 2013 (2) define a layered defense strategy for preventing database breaches using industry best practices (3) demonstrate a successful defense against data theft with a customer case study.

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
4,793
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
776
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Top 10 Database Threats

  1. 1. Top 10 Database Threats 2013Raphael ReichSenior Director, Product Marketing © 2013 Imperva, Inc. All rights reserved.
  2. 2. Overview Background Top 10 database threats Neutralizing the threats2 © 2013 Imperva, Inc. All rights reserved.
  3. 3. Raphael Reich Sr. Director, Product Marketing | Imperva Expertise + 20+ years in product marketing, product management, and software engineering Professional Experience + Cisco, Check Point, Network General Academics + Bachelor’s degree in Computer Science from UC Santa Cruz + MBA from UCLA © 2013 Imperva, Inc. All rights reserved.
  4. 4. Background4 © 2013 Imperva, Inc. All rights reserved.
  5. 5. Background Ninety six percent (96%) of records breached are from databases. 2012 Verizon Data Breach Report 5% 95% Less than 5% of Security spend is on data center security. Worldwide Security Products 2011-2014 Forecast (IDC -February 2011)5 © 2013 Imperva, Inc. All rights reserved.
  6. 6. What’s changed?6 © 2013 Imperva, Inc. All rights reserved.
  7. 7. Top 10 Threats7 © 2013 Imperva, Inc. All rights reserved.
  8. 8. (1) Excessive and Unused Privileges Used to work in Accounts Payable Jim works in Sales Uses his access for personal enrichment8 © 2013 Imperva, Inc. All rights reserved.
  9. 9. (1) Excessive and Unused Privileges9 © 2013 Imperva, Inc. All rights reserved.
  10. 10. (2) Privilege Abuse10 © 2013 Imperva, Inc. All rights reserved.
  11. 11. (2) Privilege Abuse11 © 2013 Imperva, Inc. All rights reserved.
  12. 12. (3) SQL Injection The Best Way To Spend Your Security Budget “…one SQL injection attack can bring in big bucks. Its a Admin no-brainer that you should OR 1 = 1 -- make this problem top priority.” Dark Reading, Feb 28, 201312 © 2013 Imperva, Inc. All rights reserved.
  13. 13. (3) SQL Injection13 © 2013 Imperva, Inc. All rights reserved.
  14. 14. (4) Malware69% of breaches incorporated malware Source: Verizon Data Breach Report, 201214 © 2013 Imperva, Inc. All rights reserved.
  15. 15. (4) Malware15 © 2013 Imperva, Inc. All rights reserved.
  16. 16. (5) Weak Audit Trail16 © 2013 Imperva, Inc. All rights reserved.
  17. 17. (5) Weak Audit Trail17 © 2013 Imperva, Inc. All rights reserved.
  18. 18. (6) Storage Media Exposure How South Carolina Failed To Spot Hack Attack “…the attacker had successfully located and begun copying 23 database backup files…” Information Week, November 26, 201218 © 2013 Imperva, Inc. All rights reserved.
  19. 19. (6) Storage Media Exposure19 © 2013 Imperva, Inc. All rights reserved.
  20. 20. (7) Database Vulnerability Exploitation20 © 2013 Imperva, Inc. All rights reserved.
  21. 21. (7) Database Vulnerability Exploitation21 © 2013 Imperva, Inc. All rights reserved.
  22. 22. (8) Unmanaged Sensitive Data22 © 2013 Imperva, Inc. All rights reserved.
  23. 23. (8) Unmanaged Sensitive Data23 © 2013 Imperva, Inc. All rights reserved.
  24. 24. (9) Denial of Service24 © 2013 Imperva, Inc. All rights reserved.
  25. 25. (9) Denial of Service25 © 2013 Imperva, Inc. All rights reserved.
  26. 26. (10) Limited Security Expertise & Education26 © 2013 Imperva, Inc. All rights reserved.
  27. 27. (10) Limited Security Expertise & Education27 © 2013 Imperva, Inc. All rights reserved.
  28. 28. Neutralizing Threats28 © 2013 Imperva, Inc. All rights reserved.
  29. 29. Layered Approach to Database Security Discovery and Assessment User Rights Management Monitoring and Blocking Auditing Data Protection Non-Technical Security29 © 2013 Imperva, Inc. All rights reserved.
  30. 30. Discovery & Assessment30 © 2013 Imperva, Inc. All rights reserved.
  31. 31. User Rights Management31 © 2013 Imperva, Inc. All rights reserved.
  32. 32. Monitoring and Blocking32 © 2013 Imperva, Inc. All rights reserved.
  33. 33. Auditing33 © 2013 Imperva, Inc. All rights reserved.
  34. 34. Data Protection34 © 2013 Imperva, Inc. All rights reserved.
  35. 35. Non-Technical Security35 © 2013 Imperva, Inc. All rights reserved.
  36. 36. Customer Use Case: Sensitive Data Auditing36 © 2013 Imperva, Inc. All rights reserved.
  37. 37. Sensitive Data Auditing Use CaseDatabase User SecureSphere DAM:  Capture audit details and generate A multinational oil & gas reports company needed to:  Generate SIEM alerts  Streamline database auditing for PCI and SOX  Reduce time and log collection errors  Send activity alerts to Security Information Event Manager (SIEM) Audit Reports Audit Logs ! SIEM 37 © 2013 Imperva, Inc. All rights reserved.
  38. 38. Auditing Sensitive Data – Key Capabilities Activity Auditing SecureSphere DAMCollect and recorddatabase activitydetails Satisfy compliance requirements Conduct forensic Users Audit Policies Databases Audit Details analysis Privileged User MonitoringMonitor privileged or“power” users Enforce Separation of Duties See all activity incl. local Audit Policies Privileged User access Database Agent Appliance Block if needed38 © 2013 Imperva, Inc. All rights reserved.
  39. 39. Auditing Sensitive Data – Key Capabilities ReportingEnterprise class PCI, HIPAA, SOX…reporting framework Custom Analyze threats Accelerate compliance Dashboard AlertingAlert in real time onsuspicious behavior SYSLOG Quickly identify attacks Prevent data theft Email SIEM39 © 2013 Imperva, Inc. All rights reserved.
  40. 40. Auditing Sensitive Data – Key Capabilities Discovery & Classification Discover DBs and classify sensitive information Credit Cards  Discover active DB services  Identify rogue DBs Rogue  Determine what needs SSN to be monitored PII SecureSphere DAS40 © 2013 Imperva, Inc. All rights reserved.
  41. 41. Webinar Materials Join Imperva LinkedIn Group, Imperva Data Security Direct, for… Answers to Post-Webinar Attendee Discussions Questions Webinar Join Group Recording Link © 2013 Imperva, Inc. All rights reserved.
  42. 42. www.imperva.com- - © 2013 Imperva, Inc. All rights reserved.

×