ITS Datamatix Gitex Conference 2009 New ICT Security V2

Implementing New Approaches of Global ICT Security Management +973-36040991 [email_address]

79% - don’t believe Security Software of Digital Signature provides Sufficient Protection

50% - Organization not protected against Malware based on attack trends

62% - not enough time resources to address vulnerabilities

66% - out of work during recession will lead to more people joining cyber-criminal underground

ICT Security 2009 - Risks

41% - increase in sophistication of attacks

45% - increase in phishing attacks on employees

49% - (financial services) increase in technical sophistication of attacks

63% - infected web site biggest cause of compromise of online security

ICT Security 2009 – Arms Race

eCrime 2009 – UAE Costly

Complexity is a big issue FIREWALLS EMAIL HYGIENE COMPLIANCE POLICY IM / VolP SECURITY 1990 2000 2005 2010 TIME VolP & Unified Messaging Content Control Spam +AV Control Perimeter Security

ICT Risks are changing

More sophisticated Attacks

Criminals Hacking is now a business

Hacker don’t follow rules?

There is much more?

Importance of Critical Infrastructures

People is the biggest problem?

Technology Process People Technology is not enough

Scope of Security Management & Value

Security focus on Business

Integrated Security Mgmt Business Security Management Physical Security Management ICT Security Management

Infrastructure Best Practices

Risk Classification

Managing Risk Threats Vulnerabilities Controls Risks Assets Security Requirements Business Impact exploit expose increase increase increase have protect against met by indicate reduce

Business View Service and Continuity Customer Focus Managing Risks Operation Risk Controls Auditing Governance & Compliance IT Infrastructure Disaster Recovery High Availability Views of Security and Risk Management

Not all risk can be eliminated via controls

Elimination Reduction/Controls Transfer/Outsource Insurance Residual Risk Management

Technology People

SLA

24x7x365

Industry Best Practices

ITIL based processes

Data Center Best Practices

Latest Monitoring tools

State of the Art knowledge base

Secure technology

Certified and Trained Staff

Technical Experts

Cross Training

Onsite and Offsite

Holistic Implementation Process

How to achieve organization goals and objectives Organization Goals and Objectives How to perform the activities that are needed Artifacts used to perform activities References to use for efficient performance Best Practices Structure

Managed Security Framework Desktop Network Servers Databases Storage Applications Monitoring, Automation Tools ITIL Compliant Best Practices Aggregated Reporting / Portal / I2MP, Service Desk Redundancy / High Availability / Disaster Recovery Onsite Offsite Vendor A Vendor B Call Center Center of Excellence

Implementation Continuous Detection Response

24x7x365

Security monitoring

Managed Services

Automatic Alerting

Incidence Response

Vulnerability Assessment

Patch Management

Forensic Analysis

Integration

Incident Response Analyse Contain Eliminate Restore Lessons Policy Refine Policy Continuous Monitoring T-1 T 0 T 1 T 1 T 3 T 4 T N Communicate

CIO Security Metrics

Not enough security – system is at risk Too much security – system is unusable Practical Security Mix

Protection Detection Response SECURITY P>D+R Security = Time Anti-virus VPN Firewall Access Control Intrusion Prevention Managed Services Patch Mgmt CIRT Vulnerability Testing Intrusion Detection Log Correlation CCTV

Security in Depth

Security in Depth Revised People Technology Process Prevent Respond/ Recover Detect

Knowledge fills gaps SETA = Security +Training + Awareness + Education

Transformation Optimization Due Diligence Transition Plan Implementation Process

Chose right balance Controls & Trade-Offs Secure Fast/Easy Cheap

ICT Security Skilled Resources Logical Physical Integration Best Practices Continuous Model Security with 20/20 Vision

Questions