Redspin founder and security evangelist John Abraham gives a keynote speech at a Financial Institution Security Conference.

Transcript of "Financial institution security top it security risk"

  1. Financial Institution Security: Top IT Security Risk. April 13, 2011 - John Abraham
  2. Issue 1: Systematic Risk Management. Focus, focus, focus
  3. Source: ISO 27001, NIST SP 800-39, PCI DSS, FFIEC, COBIT, HIPAA - Administrative Safeguards (§164.308), ...
  5. Issue 2: Mobile Devices in the Enterprise
  6. Issue 3: Wireless
  7. Issue 4: Social Media Information Disclosure
  8. Issue 5: Virtualization Sprawl
  9. Issue 6: 3rd-Party Mobile Applications. Patch Management + Mobile Applications = Danger!
  10. Issue 7: Vendor Management. The days of “Oops, it was the vendor” being a valid excuse for a data breach are long over.
  11. Issue 8: SQL Injection. Never trust the user!
  12. Issue 9: Inadequate Testing Programs. Existence does not equal Effective
  14. PIX Version 6.3(5)
      interface ethernet0 auto
      interface ethernet1 auto
      interface ethernet2 auto
      nameif ethernet0 outside security0
      nameif ethernet1 inside security100
      nameif ethernet2 dmz security50
      ...
      access-list out permit tcp any host 10.0.0.15 eq smtp
      access-list out permit tcp any host 10.0.0.15 eq www
      access-list dmz permit ip host 192.168.0.13 172.16.0.0 255.255.255.0
      access-list dmz deny ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0
      access-list dmz permit tcp host 192.168.0.13 172.16.0.0 255.255.255.0 eq smtp
      access-list in deny tcp host 172.16.0.2 host 192.168.0.13 eq ftp
      access-list in permit tcp 172.16.0.0 255.255.255.0 any eq www
      access-list in permit tcp 172.16.0.0 255.255.255.0 any eq https
      access-list in permit tcp 172.16.0.0 255.255.255.0 any eq 37
      access-list in permit udp 172.16.0.0 255.255.255.0 any eq time
      access-list in permit udp 172.16.0.0 255.255.255.0 any eq domain
      access-list in permit udp 172.16.0.0 255.255.255.0 any eq telnet
      access-list in permit tcp 172.16.0.0 255.255.255.0 any eq ssh
      access-list in permit tcp 172.16.0.0 255.255.255.0 any eq daytime
      access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq www
      access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq https
      ...
      ip address outside 10.0.0.2 255.255.255.0
      ip address inside 172.16.0.2 255.255.255.0
      ip address dmz 192.168.0.1 255.255.255.0
      ip audit info action alarm
      ip audit attack action alarm
      pdm history enable
      arp timeout 14400
      global (outside) 1 10.0.0.3
      nat (inside) 1 172.16.0.0 255.255.255.0 0 0
      static (dmz,outside) 10.0.0.15 192.168.0.13 netmask 255.255.255.255 0 0
      access-group out in interface outside
      access-group in in interface inside
      access-group dmz in interface dmz
      ...
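The deck shows the PIX configuration as a review exercise and prints no analysis of it; the following Python script is added here (it is not part of the presentation) and applies two checks a firewall configuration review would run over the slide's own access-lists: first-match rule shadowing, and any-protocol permits from a non-inside interface into the inside subnet. It assumes the inside subnet is 172.16.0.0/24, taken from the slide's `ip address inside` line, and copies only the `dmz` and `in` access-list lines, omitting the `out` list for brevity.

```python
import ipaddress
INSIDE_NET = ipaddress.ip_network("172.16.0.0/24")  # per 'ip address inside' on the slide
PIX_ACLS = """\
access-list dmz permit ip host 192.168.0.13 172.16.0.0 255.255.255.0
access-list dmz deny ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0
access-list dmz permit tcp host 192.168.0.13 172.16.0.0 255.255.255.0 eq smtp
access-list in deny tcp host 172.16.0.2 host 192.168.0.13 eq ftp
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq www
access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq www
"""  # access-list excerpt copied from the slide's PIX 6.3(5) configuration

def _addr(tokens):
    """Consume one PIX address spec: 'any', 'host A', or 'A MASK' (dotted masks accepted)."""
    tok = tokens.pop(0)
    if tok == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    return ipaddress.ip_network(f"{tokens.pop(0)}/32" if tok == "host" else f"{tok}/{tokens.pop(0)}")

def parse_acls(text):
    """Parse 'access-list NAME ACTION PROTO SRC DST [eq PORT]' lines into rule dicts."""
    rules = []
    for line in text.splitlines():
        t = line.split()
        if t[:1] != ["access-list"]:
            continue
        rest = t[4:]
        src, dst = _addr(rest), _addr(rest)
        rules.append(dict(acl=t[1], action=t[2], proto=t[3], src=src, dst=dst,
                          port=rest[1] if rest[:1] == ["eq"] else "any", line=line))
    return rules

def covers(a, b):
    """True if rule a matches every packet rule b matches (PIX ACLs are first-match)."""
    return (a["proto"] in ("ip", b["proto"]) and a["port"] in ("any", b["port"])
            and b["src"].subnet_of(a["src"]) and b["dst"].subnet_of(a["dst"]))

def shadowed_rules(rules):
    """(later_line, earlier_line) pairs: the later rule in the same ACL can never fire."""
    found = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if earlier["acl"] == later["acl"] and covers(earlier, later):
                found.append((later["line"], earlier["line"]))
                break
    return found

def broad_permits_into_inside(rules, inside=INSIDE_NET):
    """'permit ip' rules on a non-inside ACL whose destination reaches the inside subnet."""
    return [r["line"] for r in rules if r["action"] == "permit" and r["proto"] == "ip"
            and r["acl"] != "in" and r["dst"].overlaps(inside)]
```

On this excerpt `shadowed_rules(parse_acls(PIX_ACLS))` reports the `permit tcp ... eq smtp` rule as shadowed by the preceding `permit ip` rule and the host-specific `eq www` rule as shadowed by the `any eq www` rule, while `broad_permits_into_inside` returns the single `permit ip host 192.168.0.13 172.16.0.0 255.255.255.0` line. Both findings are what a reviewer checks against the intended DMZ design before the slide's "Faulty DMZs" label applies.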
  16. + + Free USB Drives
  17. Issue 10: Social Engineering... phishing. Our testing shows: 30% failure rate. Recent news: Epsilon breach, RSA Security breach
  18. Issue 10.5: Lack of Mobile Device Security Policy. Policy components: Access control, Authentication, Encryption, Incident response, Training & awareness, Vulnerability management
  19. { Thanks! } John Abraham, jabraham@redspin.com, 805-705-8040 (mobile)
  20. Summary: Top Security Risks for 2011. Risk Management, Mobile Devices in the Enterprise, Wireless, Social Media Information Disclosure, Virtualization Sprawl, 3rd-Party Mobile Applications, Vendor Management, SQL Injection, Inadequate Testing Programs, Social Engineering, Mobile Device Security Policy
  21. And from last year: Don't forget about.... Faulty DMZs, Virus protection, Encryption