Rochester Security Event
Upcoming SlideShare
Loading in...5
×
 

Rochester Security Event

on

  • 203 views

 

Statistics

Views

Total Views
203
Views on SlideShare
203
Embed Views
0

Actions

Likes
0
Downloads
12
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Rochester Security Event Rochester Security Event Presentation Transcript

  • 2013 Information Security Risks Year-End Review Caleb Barlow Director – IBM Application, Data, Mobile, Critical Infrastructure Security www.facebook.com/barlow.caleb www.youtube.com/calebbarlow
  • 2 © 2013 IBM Corporation
  • Threat landscape is growing fast In 2000 In 2012 361the Internet million people using 5.8% of the world’s population 3 2.67 billion people using the Internet 33% of the world’s population © 2013 IBM Corporation
  • …. and becoming Mobile In 2000 720 million mobile subscribers worldwide 12% of the world’s population 4 In 2012 6 billion worldwide mobile subscribers 87% population of the world’s © 2013 IBM Corporation
  • Innovative technology changes everything 1 trillion connected objects Social business 5 1 billion mobile workers Cloud and virtualization Bring your own IT © 2013 IBM Corporation
  • QR Codes §  QR Code can contain a URL to download malware §  The malware can then send SMS messages to a premium rate number (US $6 per message) •  Samsung Galaxy S3 can be reset from a QR Code wiping all data •  Google Glass vulnerability identified by Lookout Security 6 © 2013 IBM Corporation
  • How do Mobile Applications treat you? 7 © 2013 IBM Corporation
  • 8 © 2013 IBM Corporation
  • Motivation and sophistication is evolving rapidly Nation-state actors, APTs Stuxnet, Aurora, APT-1 MOTIVATION National Security, Economic Espionage Hacktivists Lulzsec, Anonymous Notoriety, Activism, Defamation Monetary Gain Nuisance, Curiosity Organized crime Zeus, ZeroAccess, Blackhole Exploit Pack Insiders, Spammers, Script-kiddies Nigerian 419 Scams, Code Red SOPHISTICATION 9 © 2013 IBM Corporation
  • X-Force Trend and Risk Report Crawler •  Over 1000 CPUs scanning the Internet 24x7 Darknet and Honeypots •  Capturing information from virgin IP addresses SpamTrap •  Obtains Spam IPs and samples Managed Services •  15B security events a day across 133 countries and over 20,000 devices under contract 10 © 2013 IBM Corporation
  • 11 Source: IBM X-Force® Research 2013 Trend and Risk Report © 2013 IBM Corporation
  • 2012 Sampling of Security Incidents by Attack Type, Time and Impact Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses 12 Source: IBM X-Force® Research 2013 Trend and Risk Report © 2013 IBM Corporation
  • Security Incidents in the first half of © 2013 IBM Corporation
  • still reliable for breaching databases of tracked disclosed breaches Low risk / high reward §  Old CMS installations §  CMS Plugins §  Forum software §  Other popular 3rd party scripts © 2013 IBM Corporation
  • continue to disrupt businesses High traffic volume as much as Industries affected: §  Banks §  Governments §  DNS Providers © 2013 IBM Corporation
  • attacks compromise end user trust Tainting legitimate sites with zero-day exploits Targeting Savvy Users §  Tech company developers §  Government Employees §  Unsuspecting viewers of trusted sites © 2013 IBM Corporation
  • foreign branch or local language sites tarnish brands Global brands targeted in foreign countries outside of home office Attackers rely on §  Lower security on local language sites §  Temporary micro-sites which gather user data §  Tarnish brands with path of least resistance © 2013 IBM Corporation
  • countries most impacted by security incidents The United States most reported breach target location Taiwan was targeted in several foreign branch security incidents © 2013 IBM Corporation
  • has become a new playground for attackers Social Media top target for attacks and mobile devices are expanding those targets -  Pre-attack intelligence gathering -  Criminals selling accounts -  Campaigns enticing user to click on malicious links © 2013 IBM Corporation
  • 20 © 2013 IBM Corporation
  • Products Time 21 © 2013 IBM Corporation
  • Cost Products Complexity Agility Effectiveness Time 22 © 2013 IBM Corporation
  • Your security team sees noise 23 © 2013 IBM Corporation
  • Security challenges are a complex, four-dimensional puzzle People Employees Outsourcers Attackers Consultants Suppliers Customers Partners Data Structured Unstructured At rest In motion Applications Systems Applications Web Applications Web 2.0 Mobile Applications Infrastructure Datacenters PCs Laptops Mobile Cloud Non-traditional …that requires a new approach © 2013 IBM Corporation
  • …that requires a new approach Then Now Administration Insight Data Basiccontrol Laserfocused Applications Bolt-on Built-in Infrastructure Thicker walls Smarter defenses People Collect and Analyze Everything 25 © 2013 IBM Corporation
  • A change in mindset is already happening 26 © 2013 IBM Corporation
  • Monitor Everything 27 © 2013 IBM Corporation
  • Consume Threat Intelligence 28 © 2013 IBM Corporation
  • Integrate Across Domains 29 © 2013 IBM Corporation
  • Security Intelligence 30 © 2013 IBM Corporation
  • IBM Security Framework Intelligence Integration Expertise © 2013 IBM Corporation
  • A comprehensive portfolio of products and services across all domains 32 © 2013 IBM Corporation
  • With Fiberlink, only IBM will provide the full spectrum of mobile management and security needs Requirements for Mobile Management and Security: Business Span of Control High Corporate Owned Assets Employees w/BYOD Task/Temp Workers Business Partners Low Consumer Transactions Solution Approaches: Mobile Device Management Containers – App Wrapping and SDKs Secure Transactions IBM / Fiberlink Offerings: IBM Security Access Manager for Mobile Planned Integration Points: •  SDKs will be packaged in Worklight IDE so all apps can be secured (IBM Worklight) •  Security information and events will feed into QRadar for analysis and actions will return to mobile tools (IBM QRadar) •  Code scans will be integrated into the process before apps are deployed into app store/catalog (IBM AppScan) 33 © 2013 IBM Corporation
  • Mobile Security Framework Personal Secure the Application Trusted Transactions Mobile Access Mgmt Identity Federation Application Level VPN Secure API Connectivity Malware & Fraud Detection Device & Location Risk Account Takeover Jailbreak w Device Rooted Security Intelligence SIEM Threat Research Enterprise Applications iOS / Android Static Scanning Worklight Mobile IDE Experience Management Tamper Proofing *partner Enterprise Container Cloud Services Secure the Device Enroll w Configurew Monitor Provision w Wipe w Fingerprint
  • Who is Fiberlink? §  Founded in 1991, Fiberlink has built expertise in delivering mobile management and security services as a service §  Headquartered in Blue Bell, PA §  Provides Mobile Device Management, Mobile Application Management, Enterprise Container with SDK and App-Wrapping, Secure Document Sharing and Mobile Expense Management as a Service helping enterprises connect, control and secure mobile devices to gain competitive advantage, increase employee productivity, and implement proper security measures §  Industry leading and award winning §  Cloud-based mobility management platform §  Seamless integration with existing enterprise systems §  Broad range of mobile OS support §  Robust policies for Bring Your Own Device (BYOD) security and privacy §  3500+ clients §  Marquee financial, healthcare, public sector, education, and retail customers §  Delivering value to enterprises of all sizes: small to large 35 © 2013 IBM Corporation
  • Industry analysts rank IBM Security as leading the market Security Analyst Report Rankings Domain Security Intelligence Market Segment / Report Security Information and Event Management (SIEM) Identity and Access Governance Gartner Magic Quadrant User Provisioning and Administration Leader 2013 2011 Challenger 2013 Strong Performer 2013 Leader 2013 Contender 2011 Leader 2013 MarketScope Leader Database Auditing and Real-Time Protection Data Leader 2013 Role Management and Access Recertification Web Access Management (WAM) IDC Market Share Leader Identity and Access Management Suites People Forrester Wave 2011 Data Masking Applications Leader Application Security Testing (dynamic and static) Leader Leader 2013 2013 Network Intrusion Prevention Systems (NIPS) Infrastructure EndPoint Protection Platforms (EPP) Managed Security Services (MSS) Services Information Security Consulting Services 2013 Challenger 2012 Visionary Strong Performer 2013 2013 Leader Leader 2012 2012 Leader 2013 No report available Note: Rankings compiled from latest available analyst reports as of September, 2013 36 © 2013 IBM Corporation
  • Chief Information Security Officers: 2013 IBM CISO Study Formalize your role as a CISO Establish a security strategy Focus on overall risk Develop effective business relations - build trust, share information, meet with the Csuite and board Invest in advanced technology when it meets a business need Fortify your mobile security Track risk to brand reputation and customer satisfaction Integrate metrics “Strategic vision… Global consistency… Lots of communication… speak business value, understand risk… minimize the impact… be on the bleeding edge…”© 2013 IBM Corporation IBM Confidential 37
  • Trusteer Advanced Fraud and Malware Protection Helping to protect against financial fraud and advanced security threats Among the capabilities Trusteer brings to IBMs security portfolio: Web Fraud Protection Leading web fraud capabilities for financial services and web commerce Secure Mobile Transactions Embedded security for mobile devices and applications helps enables secure transactions from devices to the back office Extended Advanced Threat Protection Unique endpoint solution for identifying and protecting against Advanced Persistent Threats 38 Security-as-a-Service Cloud based deployment enabling rapid and real-time updates © 2013 IBM Corporation
  • About  Trusteer   Global   Hundreds  of  Customers     100,000,000  Endpoints   Financial  Fraud  Preven;on   Solu;ons   Advanced  Threat   Protec;on   Intelligence   Technology   Leader   ©  Trusteer  2013   Leading  Global  Organiza;ons  Put   Their  TRUST  In  Us   7/10   Top  US  Banks     4/5   Top  Canadian  Banks   9/10   Top  UK  Banks   Major   European  Banks   Exper;se   39  
  • Malware  and  Phishing   Common  threat  to  online  channels  &  internal  systems   Social   Engineering   (Phishing)   Vulnerability   Exploit     Malware   Infec;on   Fraud   Scheme   Execu;on   Data   Exfiltra;on   Three Losing Battles Money   Loss   Enterprise   Breach   Two Major Impacts •  Humans will always make mistakes Widespread  Fraud   •  System and application vulnerabilities continue to emerge •  $3.4B  est  lost  to  online  fraud  in  20121   Advanced  Threats  and  Breaches   •  85%  of  breaches  go  undetected2   1JPMorgan: 2012 Online Fraud Report , 2Gartner: 2290415, •  $8.9M  average  cost  of  cyber-­‐aDacks3   3 •  Malware detection will always lag ©  Trusteer  2013   Ponemon Institute: 2012 Cost of Cybercrime Report: US
  • The  Specific  Problems  Trusteer  Solves   Online  Banking   Account  Takeover,   New  Account  Fraud   Phishing    and   Malware  Fraud   Mobile  Fraud  Risk   WWW   Advanced  Threats   (Employees)   Wire,  ACH,  Internal  Apps   ©  Trusteer  2013  
  • Trusteer  Solu;ons     Trusteer  Pinpoint   Malware  Detec;on   Phishing    and   Malware  Fraud   Trusteer   Rapport   Trusteer  Mobile  Risk   Engine   Trusteer   Mobile  SDK/ APP   Mobile  Fraud  Risk   WWW   Trusteer  Apex   Advanced  Threats   (Employees)   Wire,  ACH,  Internal  Apps   ©  Trusteer  2013   Trusteer  Pinpoint   Account  Takeover   (ATO)  Detec;on   Online  Banking   Account  Takeover,   New  Account  Fraud  
  • Your security team sees… © 2013 IBM Corporation
  • Clarity… © 2013 IBM Corporation
  • Insights… © 2013 IBM Corporation
  • Everything © 2013 IBM Corporation
  • Thank You www.facebook.com/barlow.caleb www.youtube.com/calebbarlow © 2013 IBM Corporation
  • Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. © Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. © 2013 IBM Corporation