Securing the Human (人を守るセキュリティ)

2,224 views

Published on

2012年12月5日に東京・中央区のベルサール八重洲で開催された、ITフォーラム「地方自治組織における危機管理~サイバー攻撃対応編~」(主催・経済産業新報社、後援・ブルーコートシステムズ合同会社)におけるRSAコンファレンスプログラム議長/米ブルーコートシステムズ最高セキュリティ戦略責任者
ヒュー・トンプソン(Hugh Thompson)博士による地方自治体が抱える課題と世界の先進事例紹介。

http://www.itforum-roundtable.com/

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,224
On SlideShare
0
From Embeds
0
Number of Embeds
517
Actions
Shares
0
Downloads
3
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Securing the Human (人を守るセキュリティ)

  1. 1. Securing the Human: Challenges and Success Stories Dr. Hugh Thompson Chief Security Strategist and Senior Vice President© Blue Coat Systems, Inc. 2012.
  2. 2. © Blue Coat Systems, Inc. 2012.
  3. 3. © Blue Coat Systems, Inc. 2012.
  4. 4. The Shifting IT Environment© Blue Coat Systems, Inc. 2012.
  5. 5. Shift: Attackers • Attackers are becoming organized and profit-driven • Attackers are turning to a blend of technical and human attacks • An entire underground economy has been created: – Meeting place for buyers and sellers (chat rooms, auction sites, etc.) – What they are trading: vulnerabilities, botnet time, credit card numbers, PII, … – New ways to exchange of “value” anonymously and in non- sovereign currency© Blue Coat Systems, Inc. 2012.
  6. 6. Shift: Consumerization • Shift in technology power – from the enterprise to the individual • Employee-owned devices are now more powerful than company-provided devices • Rogue/shadow IT is large and growing as individuals now have greater choices with technology© Blue Coat Systems, Inc. 2012.
  7. 7. Shift: Growing complexity/credibility of attacks • It is becoming harder for users to make good security/risk choices – Bad neighborhoods online are looking like good neighborhoods online – Phishing emails use shortened URLS and are increasingly credible – Bad URLs coming in from “trusted” sources • Safety nets are eroding – Desktop AV often not present or unreliable on BYOD – New malware being generated quickly, reducing the effectiveness of AV signatures© Blue Coat Systems, Inc. 2012.
  8. 8. © Blue Coat Systems, Inc. 2012.
  9. 9. WARNING! SHARKMAGEDDON!!© Blue Coat Systems, Inc. 2012.
  10. 10. Behind the numbers • Worldwide shark attacks rose from 63 to 79 in 2010. • Much of the increase was due to two very angry sharks in Egypt!© Blue Coat Systems, Inc. 2012.
  11. 11. Hackernomics In the absence of security education or experience, people (customers, managers, developers, testers, designers) naturally make poor security decisions with technology Corollary: Systems need to be easy to use securely and difficult to use insecurely© Blue Coat Systems, Inc. 2012.
  12. 12. © Blue Coat Systems, Inc. 2012.
  13. 13. © Blue Coat Systems, Inc. 2012. 17
  14. 14. Haccident (hacking accident) An undesirable or unfortunate happening that occurs unintentionally by users making security mistakes when using technology.© Blue Coat Systems, Inc. 2012.
  15. 15. © Blue Coat Systems, Inc. 2012.
  16. 16. © Blue Coat Systems, Inc. 2012.
  17. 17. Bob door slide© Blue Coat Systems, Inc. 2012.
  18. 18. © Blue Coat Systems, Inc. 2012.
  19. 19. © Blue Coat Systems, Inc. 2012.
  20. 20. WebPulse Collaborative Defense Proxy Cloud Proxy Packet Cache K9 Third SG Service AV Shaper Flow Party Aware Intelligent Proactive  75 Million Users  New & Emerging Malware  Malnet Tracking Worldwide  Negative Day Defense  Multi-dimensional Ratings  One Billion Daily for Different Content Types  Web & Mobile Application Requests Controls  Real-time Web Filtering in  Consumer & Enterprise 21 Languages  Blocks 3.3M Threats Daily© Blue Coat Systems, Inc. 2012 24
  21. 21. Negative Day Defense Negative Day Defense Identifies Negative Day Defense Continues to Block Malnet Infrastructure and Blocks New Components UTM AV Engines Begin Detection Policy applied Active Threat Phase -30 Days 0 Day +1 Days +30 Days Infrastructure Phase New Subnet, Exploit Attack Dynamic Payload Attack IP Address Server Begins Changes Domain Ends and Host Name© Blue Coat Systems, Inc. 2012 25
  22. 22. Enabling the Real-Time Enterprise Single Device Multiple Devices Owned by IT Devices Owned by Employee Office-Based Users Always-on Remote & Users & on Private WAN Mobile Workers, Networks Controlled by IT Public Access Enterprise Apps Store & Enterprise Apps Applications Consumer Style Apps Sanctioned by IT Mandated by Users Securing the Securing the Perimeter Security User© Blue Coat Systems, Inc. 2012 26
  23. 23. No Intranet Access Choppy Video VPN Error Inaudible Voice Multiple LoginsRequired Malware Exposure© Blue Coat Systems, Inc. 2012.
  24. 24. Fast Response Time Streaming Video & Voice Seamless Access to Apps Malware Protected One,Secure Login Greater Productivity© Blue Coat Systems, Inc. 2012.
  25. 25. © Blue Coat Systems, Inc. 2012.
  26. 26. Summary • The threat landscape is changing – attackers are going after both technical vulnerabilities and human vulnerabilities • We must be proactive in stopping threats • Preventing bad user choices is a key component of a comprehensive security solution© Blue Coat Systems, Inc. 2012.

×