With each passing year, the security threats facing computer networks have become more technically sophisticated, better organized and harder to detect. At the same time, the consequences of failure to block these attacks have increased. In addition to the economic consequences of financial fraud, we are seeing real-world attacks that impact the reliability of critical infrastructure and national security.
Join Lancope's Director of Security Research to learn about five key challenges that computer security professionals face in 2013, including:
1. State-sponsored espionage and sabotage of computer networks
2. Monster DDoS attacks
3. The loss of visibility and control created by IT consumerization and the cloud
4. The password debacle
5. Insider threats
Exploring ChatGPT Prompt Hacks To Maximally Optimise Your Queries
Challenges2013
1. 5 Cyber Security Challenges
for 2013
Tom Cross, Director of Security Research
tcross@lancope.com
(770) 225-6557
2. 5 CyberSecurity Challenges for 2013
Stated Sponsored Computer Intrusions
Monster DDOS Attacks
Loss of Visibility and Control created by IT Consumerization and the Cloud
The Password Debacle
The Insider Threat
10. 2013 is the year to demand our visibility back!
Cloud Services can provide authentication logs, netflow
– They may not have architected their services this way, but it is technically feasible
Netflow can provide visibility into private clouds
Identity aware Netflow provides a way to monitor mobile devices
10
User Name MAC Address Device Type
Bob.Smith
8c:77:12:a5:64:05
(Samsung
Electronics Co.,Ltd)
Android
John.Doe
10:9a:dd:27:cb:70
(Apple Inc)
Apple-iPhone
When a mobile device is
acting up it is critical to be
able to connect network
transactions with the person
who has the physical device.
13. The Insider Threat
• Internal Threats was ranked the #1 security concern closely followed by APT
o Respondents who ranked Insider Threats as their #1 security concern also had the
highest increase in network traffic due to additional mobile devices.
Security Concern Ranking
Insider Threats 1
APTs (DirectedAttacks) 2
IT Consumerization/ User Mobility / BYOD 3
Virtualization/ CloudComputing 4
Compliance 5
14. CERT Research on Insider Threat
14
CERT Insider Threat Research
12 years of history
Over 700 insider threat
cases
IT Sabotage
– Average: $1.7 million
– Median: $50,000
IP Theft
– Average: $13.5 million
– Median: $337,000
15. Combating Insider Threat is a multidisciplinary challenge
IT
HR Legal
IT cannot address insider threat by itself
– People have a tendency to think that IT is solely responsible for all computer security issues.
Legal: Are policies in place? Are they realistic? Does legal support IT practices?
HR: Who is coming and going? Who has workplace issues? Are there soft solutions?
IT: Is the privacy of end users adequately protected?
What impact on workplace harmony are policies, monitoring, and enforcement having?
Are you applying policies consistently?
15