Financial institution security top it security risk

Redspin founder and security evangelist, John Abraham gives a keynote speaker at a Financial Institution's Security Conference.

Published in: Technology
Transcript

  • 1. Financial Institution Security: Top IT Security Risk. April 13, 2011 - John Abraham
  • 2. Issue 1: Systematic Risk Management. Focus, focus, focus.
  • 3. Source: ISO 27001, NIST SP 800-39, PCI DSS, FFIEC, COBIT, HIPAA - Administrative Safeguards (§164.308), ...
  • 4.
  • 5. Issue 2: Mobile Devices in the Enterprise
  • 6. Issue 3: Wireless
  • 7. Issue 4: Social Media Information Disclosure
  • 8. Issue 5: Virtualization Sprawl
  • 9. Issue 6: 3rd-Party Mobile Applications. Patch Management + Mobile Applications = Danger!
  • 10. Issue 7: Vendor Management. The days of "Oops, it was the vendor" being a valid excuse for a data breach are long over.
  • 11. Issue 8: SQL Injection. Never trust the user!
  • 12. Issue 9: Inadequate Testing Programs. Existence does not equal Effective.
  • 13.
  • 14. PIX Version 6.3(5)
        interface ethernet0 auto
        interface ethernet1 auto
        interface ethernet2 auto
        nameif ethernet0 outside security0
        nameif ethernet1 inside security100
        nameif ethernet2 dmz security50
        ...
        access-list out permit tcp any host 10.0.0.15 eq smtp
        access-list out permit tcp any host 10.0.0.15 eq www
        access-list dmz permit ip host 192.168.0.13 172.16.0.0 255.255.255.0
        access-list dmz deny ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0
        access-list dmz permit tcp host 192.168.0.13 172.16.0.0 255.255.255.0 eq smtp
        access-list in deny tcp host 172.16.0.2 host 192.168.0.13 eq ftp
        access-list in permit tcp 172.16.0.0 255.255.255.0 any eq www
        access-list in permit tcp 172.16.0.0 255.255.255.0 any eq https
        access-list in permit tcp 172.16.0.0 255.255.255.0 any eq 37
        access-list in permit udp 172.16.0.0 255.255.255.0 any eq time
        access-list in permit udp 172.16.0.0 255.255.255.0 any eq domain
        access-list in permit udp 172.16.0.0 255.255.255.0 any eq telnet
        access-list in permit tcp 172.16.0.0 255.255.255.0 any eq ssh
        access-list in permit tcp 172.16.0.0 255.255.255.0 any eq daytime
        access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq www
        access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq https
        ...
        ip address outside 10.0.0.2 255.255.255.0
        ip address inside 172.16.0.2 255.255.255.0
        ip address dmz 192.168.0.1 255.255.255.0
        ip audit info action alarm
        ip audit attack action alarm
        pdm history enable
        arp timeout 14400
        global (outside) 1 10.0.0.3
        nat (inside) 1 172.16.0.0 255.255.255.0 0 0
        static (dmz,outside) 10.0.0.15 192.168.0.13 netmask 255.255.255.255 0 0
        access-group out in interface outside
        access-group in in interface inside
        access-group dmz in interface dmz
        ...
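The firewall configuration on the slide is the kind of artifact a testing program is supposed to catch problems in. The following is an added example, not part of the deck and not Redspin's tooling: a small Python reviewer for PIX 6.x-style `access-list` lines. It parses only the access-list entries (the other configuration lines are ignored) and reports three things a configuration review normally looks for: protocol-wide `permit ip` rules, permits for legacy or cleartext services (the service set in `LEGACY_SERVICES` is an assumed review policy, not something the slide states), and rules that can never match because an earlier `ip` rule in the same list already covers their source and destination. The `SLIDE_CONFIG` string is the access-list portion of the configuration shown on slide 14.

```python
"""
Added example (not from the slide deck or Redspin): a reviewer for
PIX 6.x-style access-list lines that flags protocol-wide permits,
legacy-service permits, and rules shadowed by an earlier 'ip' rule.
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Assumed review policy: services a reviewer usually questions on a modern
# network. 37/tcp is the time service by port number.
LEGACY_SERVICES = {"telnet", "daytime", "time", "37"}

# Access-list portion of the configuration shown on the slide.
SLIDE_CONFIG = """
PIX Version 6.3(5)
...
access-list out permit tcp any host 10.0.0.15 eq smtp
access-list out permit tcp any host 10.0.0.15 eq www
access-list dmz permit ip host 192.168.0.13 172.16.0.0 255.255.255.0
access-list dmz deny ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0
access-list dmz permit tcp host 192.168.0.13 172.16.0.0 255.255.255.0 eq smtp
access-list in deny tcp host 172.16.0.2 host 192.168.0.13 eq ftp
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq www
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq https
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq 37
access-list in permit udp 172.16.0.0 255.255.255.0 any eq time
access-list in permit udp 172.16.0.0 255.255.255.0 any eq domain
access-list in permit udp 172.16.0.0 255.255.255.0 any eq telnet
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq ssh
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq daytime
access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq www
access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq https
...
"""


@dataclass
class Rule:
    acl: str
    action: str
    proto: str
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    port: Optional[str]
    raw: str


def _take_addr(tokens: List[str]):
    """Consume one PIX address spec: 'any', 'host A.B.C.D', or 'A.B.C.D MASK'."""
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    # ipaddress accepts a dotted netmask after the slash
    return ipaddress.ip_network(f"{tokens[0]}/{tokens[1]}"), tokens[2:]


def parse_rule(line: str) -> Optional[Rule]:
    """Parse 'access-list NAME permit|deny PROTO SRC DST [eq PORT]'; None otherwise."""
    tokens = line.split()
    if len(tokens) < 6 or tokens[0] != "access-list":
        return None
    acl, action, proto = tokens[1], tokens[2], tokens[3]
    src, rest = _take_addr(tokens[4:])
    dst, rest = _take_addr(rest)
    port = rest[1] if len(rest) >= 2 and rest[0] == "eq" else None
    return Rule(acl, action, proto, src, dst, port, line)


def review(config_text: str) -> List[Tuple[str, str]]:
    """Return (finding, rule_text) pairs in configuration order."""
    findings: List[Tuple[str, str]] = []
    seen: Dict[str, List[Rule]] = {}          # rules already evaluated, per ACL
    for line in config_text.splitlines():
        rule = parse_rule(line.strip())
        if rule is None:
            continue
        if rule.action == "permit" and rule.proto == "ip":
            findings.append(("protocol-wide-permit", rule.raw))
        if rule.action == "permit" and rule.port in LEGACY_SERVICES:
            findings.append(("legacy-service-permit", rule.raw))
        for earlier in seen.get(rule.acl, []):
            # An earlier 'ip' rule (permit or deny) that covers this rule's
            # addresses is evaluated first, so this rule can never match.
            if (earlier.proto == "ip"
                    and rule.src.subnet_of(earlier.src)
                    and rule.dst.subnet_of(earlier.dst)):
                findings.append(("shadowed-by-earlier-rule", rule.raw))
                break
        seen.setdefault(rule.acl, []).append(rule)
    return findings


if __name__ == "__main__":
    for kind, text in review(SLIDE_CONFIG):
        print(f"{kind:26} {text}")
```

Run against the slide's access lists it reports six lines: the `permit ip` from the DMZ host into the inside network, the later `eq smtp` rule that `permit ip` makes unreachable, and the four outbound permits for `37`, `time`, `telnet` and `daytime`. The checker is deliberately narrow; extending `LEGACY_SERVICES` or adding an "any-to-any" check is the natural next step for a real review script.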
  • 16. + + Free USB Drives
  • 17. Issue 10: Social Engineering... phishing. Our testing shows: 30% failure rate. Recent news: Epsilon breach; RSA Security breach.
  • 18. Issue 10.5: Lack of Mobile Device Security Policy. Policy components: access control, authentication, encryption, incident response, training & awareness, vulnerability management.
  • 19. { Thanks! } John Abraham, jabraham@redspin.com, 805-705-8040 (mobile)
  • 20. Summary: Top Security Risks for 2011: Risk Management; Mobile Devices in the Enterprise; Wireless; Social Media Information Disclosure; Virtualization Sprawl; 3rd-Party Mobile Applications; Vendor Management; SQL Injection; Inadequate Testing Programs; Social Engineering; Mobile Device Security Policy.
  • 21. And from last year: Don't forget about... Faulty DMZs; Virus protection; Encryption.
