Garland Group - Top Security Threats of 2011

  • 459 views
Uploaded on

This was a presentation given by Garland Group consultant, Eric Kitchens, in April 2011 where he talks about the latest security trends in banking.

This was a presentation given by Garland Group consultant, Eric Kitchens, in April 2011 where he talks about the latest security trends in banking.

More in: Education
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
459
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
13
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Top Security Threats for 2011Thursday, March 31, 2011
  • 2. Presenter Eric Kitchens, CISSP/CISA eric@thegarlandgroup.netThursday, March 31, 2011
  • 3. riskkey.com • IT Audit / Security Testing • Continuous Compliance • Collaboration ConsultingThursday, March 31, 2011
  • 4. What Are The Top Security Threats for 2011?Thursday, March 31, 2011
  • 5. Something Old, Something New, Something Borrowed...Thursday, March 31, 2011
  • 6. Something Old, Something New, Something Borrowed... Threats that were big news in the past are still out there.Thursday, March 31, 2011
  • 7. Something Old, Something New, Something Borrowed... Threats that were big news in the past are still out there. New and emerging threats often are combinations of “old” threats.Thursday, March 31, 2011
  • 8. Something Old, Something New, Something Borrowed... Threats that were big news in the past are still out there. New and emerging threats often are combinations of “old” threats. It’s never too late to mitigate.Thursday, March 31, 2011
  • 9. Something Old... Threats that have been with us for many years and will be with us for years to come.Thursday, March 31, 2011
  • 10. Something Old... Threats that have been with us for many years and will be with us for years to come. • Mobile DevicesThursday, March 31, 2011
  • 11. Something Old... Threats that have been with us for many years and will be with us for years to come. • Mobile Devices • Cloud Computing & VirtualizationThursday, March 31, 2011
  • 12. Something Old... Threats that have been with us for many years and will be with us for years to come. • Mobile Devices • Cloud Computing & Virtualization • Application VulnerabilitiesThursday, March 31, 2011
  • 13. Mobile DevicesThursday, March 31, 2011
  • 14. Mobile Devices • Various PlatformsThursday, March 31, 2011
  • 15. Mobile Devices • Various Platforms • Mal-Ware in the AppStoreThursday, March 31, 2011
  • 16. Mobile Devices • Various Platforms • Mal-Ware in the AppStore • Merging Business & Personal UseThursday, March 31, 2011
  • 17. Mobile Devices • Various Platforms • Mal-Ware in the AppStore • Merging Business & Personal Use • Lost or Stolen Devices & DataThursday, March 31, 2011
  • 18. Cloud ComputingThursday, March 31, 2011
  • 19. Cloud Computing • Expanding Scope of VirtualizationThursday, March 31, 2011
  • 20. Cloud Computing • Expanding Scope of Virtualization • Outsourced Applications and ServicesThursday, March 31, 2011
  • 21. Application VulnerabilitiesThursday, March 31, 2011
  • 22. Application Vulnerabilities • Operating System Vulnerabilities are DecreasingThursday, March 31, 2011
  • 23. Application Vulnerabilities • Operating System Vulnerabilities are Decreasing • Application Specific Vulnerabilities are on the RiseThursday, March 31, 2011
  • 24. Application Vulnerabilities • Operating System Vulnerabilities are Decreasing • Application Specific Vulnerabilities are on the Rise • Evaluate Automated Patching Tools for All Applications & SystemsThursday, March 31, 2011
  • 25. Something New... Not “new” but emerging and evolving into new problemsThursday, March 31, 2011
  • 26. Something New... Not “new” but emerging and evolving into new problems • Advanced Persistent ThreatsThursday, March 31, 2011
  • 27. Something New... Not “new” but emerging and evolving into new problems • Advanced Persistent Threats • HacktivisimThursday, March 31, 2011
  • 28. Something New... Not “new” but emerging and evolving into new problems • Advanced Persistent Threats • Hacktivisim • CyberterrorismThursday, March 31, 2011
  • 29. Advanced Persistent ThreatsThursday, March 31, 2011
  • 30. Advanced Persistent Threats • Google and RSA Are Recent ExamplesThursday, March 31, 2011
  • 31. Advanced Persistent Threats • Google and RSA Are Recent Examples • Executed Over Extended Period of TimeThursday, March 31, 2011
  • 32. Advanced Persistent Threats • Google and RSA Are Recent Examples • Executed Over Extended Period of Time • Adapts to Defenses and Mitigation StrategiesThursday, March 31, 2011
  • 33. Advanced Persistent Threats • Google and RSA Are Recent Examples • Executed Over Extended Period of Time • Adapts to Defenses and Mitigation Strategies • Baselining and Monitoring are Essential for DefenseThursday, March 31, 2011
  • 34. Cyber-Terrorism & HacktivismThursday, March 31, 2011
  • 35. Cyber-Terrorism & Hacktivism • DoS of Visa and MasterCard from WikiLeaks Supporters are Prime Examples.Thursday, March 31, 2011
  • 36. Cyber-Terrorism & Hacktivism • DoS of Visa and MasterCard from WikiLeaks Supporters are Prime Examples. • Disrupting Services for Ideological PurposesThursday, March 31, 2011
  • 37. Cyber-Terrorism & Hacktivism • DoS of Visa and MasterCard from WikiLeaks Supporters are Prime Examples. • Disrupting Services for Ideological Purposes • Tools are Freely Available to Non-Technical UsersThursday, March 31, 2011
  • 38. Cyber-Terrorism & Hacktivism • DoS of Visa and MasterCard from WikiLeaks Supporters are Prime Examples. • Disrupting Services for Ideological Purposes • Tools are Freely Available to Non-Technical Users • Be Aware of Outsourced Relationships and Higher Risk Customers They ServiceThursday, March 31, 2011
  • 39. Something Borrowed...Thursday, March 31, 2011
  • 40. Something Borrowed... “I swear, I meant to return all the confidential data on my USB drive after I was done ‘borrowing’ it!”Thursday, March 31, 2011
  • 41. Something Borrowed... “I swear, I meant to return all the confidential data on my USB drive after I was done ‘borrowing’ it!” • Insider ThreatsThursday, March 31, 2011
  • 42. Something Borrowed... “I swear, I meant to return all the confidential data on my USB drive after I was done ‘borrowing’ it!” • Insider Threats • Data Classification and ControlThursday, March 31, 2011
  • 43. Something Borrowed... “I swear, I meant to return all the confidential data on my USB drive after I was done ‘borrowing’ it!” • Insider Threats • Data Classification and Control • USB Storage DevicesThursday, March 31, 2011
  • 44. Questions & AnswersThursday, March 31, 2011
  • 45. Thanks. Email: eric@thegarlandgroup.net Web: http://www.thegarlandgroup.netThursday, March 31, 2011