Information security for dummies

Information security for beginners

Published in: Education, Technology

  1. Ivo Depoorter
  2. Whois I
     • Functions: Sysadmin, DBA, CIO, ADP instructor, SSO, Security consultant
     • Career (20 y): NATO – Local government – Youth care
     • Training: Lots of Microsoft, Linux, networking, programming…
     • Security: Site Security Officer, CISSP, BCM, Ethical Hacking, network scanning,…
  3. Course outline
     • Information security?
     • Security Why?
     • Security approach
     • Vocabulary
     • The weakest link
     • Real life security sample
  4. Information security?
     According to Wikipedia, ISO2700x, CISSP, SANS,…
     • Confidentiality: Classified information must be protected from unauthorized disclosure.
     • Integrity: Information must be protected against unauthorized changes and modification.
     • Availability: The information processed and the services provided must be protected from deliberate or accidental loss, destruction, or interruption of services.
  5. Information security?
     Security attributes according to the Belgian privacy commission:
     • Confidentiality
     • Integrity
     • Availability
     + Accountability
     • Non-repudiation
     • Authenticity
     • Reliability
  6. CIA Exercise
     Defacing of Belgian Army website
  7. CIA Exercise
     • Confidentiality: ?? Webserver only hosting public information? Webserver separated from LAN?
     • Integrity: Unauthorized changes!
     • Availability: Information is no longer available
  8. Security Why?
     • Compliance with law
     • Protect (valuable) assets
     • Prevent production breakdowns
     • Protect reputation, (non-)commercial image
     • Meet customer & shareholder requirements
     • Keep personnel happy
  9. Security approach
     • Both technical and non-technical countermeasures.
     • Top-management approval and support!
     • Communicate!
     • Information security needs a layered approach!!!
     • Best practices:
       • COBIT: Control Objectives for Information and related Technology
       • ISO 27002 (ISO 17799): Code of practice for information security management
       • …
  10. ISO 27002
     • Section 0 Introduction
     • Section 1 Scope
     • Section 2 Terms and Definitions
     • Section 3 Structure of the Standard
     • Section 4 Risk Assessment and Treatment
     • Section 5 Security Policy
     • Section 6 Organizing Information Security
     • Section 7 Asset Management
     • Section 8 Human Resources Security
     • Section 9 Physical and Environmental Security
     • Section 10 Communications and Operations Management
     • Section 11 Access Control
     • Section 12 Information Systems Acquisition, Development and Maintenance
     • Section 13 Information Security Incident Management
     • Section 14 Business Continuity Management
     • Section 15 Compliance
  11. ISO 27002 - Example
     Security audit, local government, > 500 employees
     Technique: Social Engineering
     [Diagram labels: 10, 9, 11, 15; Procedures, Physical access, Logical access, Internal audit]
  12. Security vocabulary - Threat
     A potential cause of an unwanted incident, which may result in harm to individuals, assets, a system or organization, the environment, or the community. (BCI)
     Samples:
     • Fire
     • Death of a key person (SPOK or Single Point of Knowledge)
     • Crash of a critical network component, e.g. core switch (SPOF: single point of failure)
     • …
  13. Security vocabulary - Damage
     Harm or injury to property or a person, resulting in loss of value or the impairment of usefulness.
     Damage in information security:
     • Operational
     • Financial
     • Legal
     • Reputational
     Damage from the defaced Belgian Army website?
     • Operational: probably (temporary frontpage, patch management,…)
     • Financial: probably (training personnel, hiring consultancy,…)
     • Legal: probably (lawsuit against external responsible?)
     • Reputational: certainly!
  14. Security vocabulary - Risk
     Combination of the probability of an event and its consequence.
     Risk components:
     • Threat (probability)
     • Damage (amount)
     Example:
     Process       | Threat                     | Damage: O | F | L | R | Max impact | Probability | Risk
     Food freezing | Electricity Failure > 24 h | 4         | 3 | 2 | 2 | 4          | 2           | 8
  15. The Zen of Risk
     What is just the right amount of security?
     Seeking balance between Security (Yin) and Business (Yang)
     [Diagram labels: Potential Loss, Cost, Countermeasures, Productivity]
  16. Security vocabulary - AAA
     • Authentication: technologies used to determine the authenticity of users, network nodes, and documents
     • Authorization: who is allowed to do what?
     • Accountability: is it possible to find out who has made any operations?
     Strong authentication (two-factor or multifactor):
     • Something you know (password, PIN,…)
     • Something you have (token,…)
     • Something you are (fingerprint,…)
  17. The weakest link
     SEC_RITY is not complete without U!
     Countermeasures:
     • Force password policy on server
     • Train personnel
     • Use strong authentication
     • …
  18. The weakest link
     Amateurs hack systems, professionals hack people!
     Countermeasures:
     • Implement security & access policies
     • Job rotation
     • Encryption
     • Employee awareness training
     • Audit trail of all accesses to documents
     • …
  19. Hacking steps
     Step               | Countermeasures (short list)
     1. Reconnaissance  | Be careful with information
     2. Network mapping | Network IDS – block ICMP
     3. Exploiting      | System hardening
     4. Keeping access  | IDS – Antivirus – rootkit scanners
     5. Covering Tracks |
     Reconnaissance (information gathering): Searching interesting information on discussion groups/forum, social networks, customer reference lists, Google hacks…
  20. Real life security sample
     High security (war)zone
     Illiterate (local) cleaning personnel (Use opportunities!!!)
     Logical security:
     • VLANs
     • Password policy
     • …
     Physical security:
     • Personnel clearance
     • Physical control
     • PC placement (shoulder surfing)
     • Clean desk policy
     • Shredder
     • Lock screen policy
     • Fiber to PC
     [Diagram labels: WWW, > 2 m, LAN, Tempest!!!]
  21. We learned…
     • Security is CIA(+)
     • Why: law, reputation, production continuity,…
     • Approach: layered, technical & non-technical, support from CEO, lots of communication
     • Vocabulary: threat, damage, risk, (strong) authentication, authorization, accountability
     • Risk = threat * damage
     • Security balance: loss vs. cost & countermeasures vs. productivity
     • The weakest link is personnel!
     • A hacker starts with information gathering