Your SlideShare is downloading. ×
Sense of Security Best practice strategies to improve your enterprise security
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Sense of Security Best practice strategies to improve your enterprise security

292
views

Published on

Best practice strategies to improve your enterprise security …

Best practice strategies to improve your enterprise security
Examining the recent cases of security breaches to understand where your network is weak
Analysing your existing security platform to mitigate the risk of breaches and theft
Understanding the risks of damages associated to data security breach and related data theft

Published in: Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
292
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
28
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. www.senseofsecurity.com.au © Sense of Security 2013 Page 1 – April 2013Compliance, Protection & Business ConfidenceSense of Security Pty LtdSydneyLevel 8, 66 King StreetSydney NSW 2000AustraliaMelbourneLevel 10, 401 Docklands DrvDocklands VIC 3008AustraliaT: 1300 922 923T: +61 (0) 2 9290 4444F: +61 (0) 2 9290 4455info@senseofsecurity.com.auwww.senseofsecurity.com.auABN: 14 098 237 908Best practice strategies toimprove your enterprisesecurityMurray Goldschmidt, Chief Operating OfficerApril 20132nd Annual Australian Fraud Summit 2013
  • 2. www.senseofsecurity.com.au © Sense of Security 2013 Page 2 – April 2013Agenda1. Recent Security Breaches2. Identifying & Understanding Security Risks& Organisational Implications3. Steps to mitigate risk of breaches & theft
  • 3. .senseofsecurity.com.au © Sense of Security 2013 Page 3 – April 2013Increasing threat / consequenceScope – increasing ability to exploitCyber Threat Actors
  • 4. .senseofsecurity.com.au © Sense of Security 2013 Page 4 – April 2013Increasing threat / consequenceScope – increasing ability to exploitCyber Threat ActorsAgenda Targets
  • 5. .senseofsecurity.com.au © Sense of Security 2013 Page 5 – April 2013Increasing threat / consequenceScope – increasing ability to exploitScript Kiddies/Cyber ResearchersExperimentation, Fun, TestingCyber Threat ActorsAgenda Targets
  • 6. .senseofsecurity.com.au © Sense of Security 2013 Page 6 – April 2013Increasing threat / consequenceScope – increasing ability to exploitScript Kiddies/Cyber ResearchersExperimentation, Fun, TestingCyber Threat ActorsAgenda Targets
  • 7. .senseofsecurity.com.au © Sense of Security 2013 Page 7 – April 2013Increasing threat / consequenceScope – increasing ability to exploitHacktivistsDisruption, Reputational Damage,Political/Social,Script Kiddies/Cyber ResearchersExperimentation, Fun, TestingCyber Threat ActorsAgenda Targets
  • 8. .senseofsecurity.com.au © Sense of Security 2013 Page 8 – April 2013Increasing threat / consequenceScope – increasing ability to exploitHacktivistsDisruption, Reputational Damage,Political/Social,Script Kiddies/Cyber ResearchersExperimentation, Fun, TestingCyber Threat ActorsAgenda Targets
  • 9. .senseofsecurity.com.au © Sense of Security 2013 Page 9 – April 2013Increasing threat / consequenceScope – increasing ability to exploitOrganised CrimeFinancial gain, fraud, ID theftHacktivistsDisruption, Reputational Damage,Political/Social,Script Kiddies/Cyber ResearchersExperimentation, Fun, TestingCyber Threat ActorsAgenda Targets
  • 10. .senseofsecurity.com.au © Sense of Security 2013 Page 10 – April 2013Increasing threat / consequenceScope – increasing ability to exploitOrganised CrimeFinancial gain, fraud, ID theftHacktivistsDisruption, Reputational Damage,Political/Social,Script Kiddies/Cyber ResearchersExperimentation, Fun, TestingCyber Threat ActorsAgenda Targets
  • 11. .senseofsecurity.com.au © Sense of Security 2013 Page 11 – April 2013Increasing threat / consequenceScope – increasing ability to exploitOrganised CrimeFinancial gain, fraud, ID theftProfessionals/Companies/TerroristsCommercial advantage, Intellectual PropertyHacktivistsDisruption, Reputational Damage,Political/Social,Script Kiddies/Cyber ResearchersExperimentation, Fun, TestingCyber Threat ActorsAgenda Targets
  • 12. .senseofsecurity.com.au © Sense of Security 2013 Page 12 – April 2013Increasing threat / consequenceScope – increasing ability to exploitOrganised CrimeFinancial gain, fraud, ID theftProfessionals/Companies/TerroristsCommercial advantage, Intellectual PropertyHacktivistsDisruption, Reputational Damage,Political/Social,Script Kiddies/Cyber ResearchersExperimentation, Fun, TestingCyber Threat ActorsAgenda Targets
  • 13. .senseofsecurity.com.au © Sense of Security 2013 Page 13 – April 2013Increasing threat / consequenceScope – increasing ability to exploitOrganised CrimeFinancial gain, fraud, ID theftProfessionals/Companies/TerroristsCommercial advantage, Intellectual PropertyNation StatesEconomic, political or military advantageHacktivistsDisruption, Reputational Damage,Political/Social,Script Kiddies/Cyber ResearchersExperimentation, Fun, TestingCyber Threat ActorsAgenda Targets
  • 14. .senseofsecurity.com.au © Sense of Security 2013 Page 14 – April 2013Increasing threat / consequenceScope – increasing ability to exploitOrganised CrimeFinancial gain, fraud, ID theftProfessionals/Companies/TerroristsCommercial advantage, Intellectual PropertyNation StatesEconomic, political or military advantageHacktivistsDisruption, Reputational Damage,Political/Social,Script Kiddies/Cyber ResearchersExperimentation, Fun, TestingCyber Threat ActorsAgenda Targets
  • 15. .senseofsecurity.com.au © Sense of Security 2013 Page 15 – April 2013Activity –But Not Yet Cyber Warhttp://www.economist.com/blogs/analects/2013/02/chinese-cyber-attacks
  • 16. .senseofsecurity.com.au © Sense of Security 2013 Page 16 – April 2013Hacktivist Attackshttp://www.bankinfosecurity.com/american-express-a-5645 http://www.scmagazine.com/market-for-ddos-prevention-to-hit-870-million/article/287020/
  • 17. .senseofsecurity.com.au © Sense of Security 2013 Page 17 – April 2013Advanced Persistent Threat
  • 18. .senseofsecurity.com.au © Sense of Security 2013 Page 18 – April 2013Targetorg/personAdvanced Persistent Threat
  • 19. .senseofsecurity.com.au © Sense of Security 2013 Page 19 – April 2013Targetorg/personAdvanced Persistent Threat
  • 20. .senseofsecurity.com.au © Sense of Security 2013 Page 20 – April 2013Targetorg/personAdvanced Persistent Threat
  • 21. .senseofsecurity.com.au © Sense of Security 2013 Page 21 – April 2013Targetorg/personAdvanced Persistent Threat
  • 22. .senseofsecurity.com.au © Sense of Security 2013 Page 22 – April 2013Targetorg/personAdvanced Persistent Threat
  • 23. .senseofsecurity.com.au © Sense of Security 2013 Page 23 – April 2013Targetorg/personMalwarepenetratesAdvanced Persistent Threat
  • 24. .senseofsecurity.com.au © Sense of Security 2013 Page 24 – April 2013Targetorg/personMalwarepenetratesAdvanced Persistent Threat
  • 25. .senseofsecurity.com.au © Sense of Security 2013 Page 25 – April 2013Targetorg/personMalwarepenetratesAdvanced Persistent Threat
  • 26. .senseofsecurity.com.au © Sense of Security 2013 Page 26 – April 2013Targetorg/personMalwarepenetratesAdvanced Persistent Threat
  • 27. .senseofsecurity.com.au © Sense of Security 2013 Page 27 – April 2013Targetorg/personMalwarepenetratesCommand &ControlAdvanced Persistent Threat
  • 28. .senseofsecurity.com.au © Sense of Security 2013 Page 28 – April 2013Targetorg/personMalwarepenetratesCommand &ControlAdvanced Persistent Threat
  • 29. .senseofsecurity.com.au © Sense of Security 2013 Page 29 – April 2013Targetorg/personMalwarepenetratesCommand &ControlAdvanced Persistent Threat
  • 30. .senseofsecurity.com.au © Sense of Security 2013 Page 30 – April 2013Targetorg/personMalwarepenetratesCommand &ControlAdvanced Persistent Threat
  • 31. .senseofsecurity.com.au © Sense of Security 2013 Page 31 – April 2013Targetorg/personMalwarepenetratesCommand &ControlAdvanced Persistent Threat
  • 32. .senseofsecurity.com.au © Sense of Security 2013 Page 32 – April 2013Targetorg/personMalwarepenetratesCommand &ControlAdvanced Persistent Threat
  • 33. .senseofsecurity.com.au © Sense of Security 2013 Page 33 – April 2013Targetorg/personMalwarepenetratesCommand &ControlAdvanced Persistent Threat
  • 34. .senseofsecurity.com.au © Sense of Security 2013 Page 34 – April 2013Targetorg/personMalwarepenetratesCommand &ControlData harvest& exfiltrateAdvanced Persistent Threat
  • 35. .senseofsecurity.com.au © Sense of Security 2013 Page 35 – April 2013Targetorg/personMalwarepenetratesCommand &ControlData harvest& exfiltrateAdvanced Persistent Threat
  • 36. .senseofsecurity.com.au © Sense of Security 2013 Page 36 – April 2013Targetorg/personMalwarepenetratesCommand &ControlData harvest& exfiltrateAdvanced Persistent Threat
  • 37. www.senseofsecurity.com.au © Sense of Security 2013 Page 37 – April 2013RBA Falls Victim to Cyber Attackhttp://www.afr.com/p/national/rba_confirms_cyber_attacks_ZsVpeJas8JX6UXCLwOVJKP
  • 38. www.senseofsecurity.com.au © Sense of Security 2013 Page 38 – April 2013Opportunistic Attack – Out of Businesshttp://www.zdnet.com/distribute-it-claims-evil-behind-hack-1339319324/
  • 39. www.senseofsecurity.com.au © Sense of Security 2013 Page 39 – April 2013Identifying Security RiskMateriality RiskASX Principle 7: “Recognise and Manage Risk”• A risk profile informs the board andmanagement about material business risks,relevant to company (financial and non-financial) matters. Material business risks arethe most significant areas of uncertainty orexposure at a whole of Company level that couldimpact the achievement of organisationalobjectives.Applies also to non listed entities!
  • 40. www.senseofsecurity.com.au © Sense of Security 2013 Page 40 – April 2013Small Business Also Affectedhttp://www.staysmartonline.gov.au/alert_service/advisories/ransomware_attacks_will_increase_in_2013
  • 41. www.senseofsecurity.com.au © Sense of Security 2013 Page 41 – April 20131use application whitelisting to help prevent malicious software andother unapproved programs from runningJust The Top 4 …..At least 85% of the targeted cyber intrusions that Defence Signals Directorate (DSD) responds tocould be prevented by following the first four mitigation strategies listed in DSD’s 35 Strategiesto Mitigate Targeted Cyber Intrusions234patch applications such as PDF readers, Microsoft Office, Java, FlashPlayer and web browserspatch operating system vulnerabilitiesminimise the number of users with administrative privilegesAs of April 2013, the Top 4 Strategies to Mitigate Targeted Cyber Intrusions are mandatory forAustralian Government agencies.
  • 42. www.senseofsecurity.com.au © Sense of Security 2013 Page 42 – April 2013Action RequiredCorporations & Government aregenerally becoming more aware to theneed for improved governance andinfosec capability
  • 43. www.senseofsecurity.com.au © Sense of Security 2013 Page 43 – April 2013Protect Your Datahttp://www.theaustralian.com.au/news/nation/personal-details-of-50000-people-exposed-as-abc-website-hacked/story-e6frg6nf-1226586895264
  • 44. www.senseofsecurity.com.au © Sense of Security 2013 Page 44 – April 2013Protect Your Datahttp://www.dailyfinance.com/2012/06/08/youve-been-hacked-again-why-linkedins-breach-is-worse-tha/
  • 45. www.senseofsecurity.com.au © Sense of Security 2013 Page 45 – April 2013EmailKnow Your DataThere is no network perimeter. Your data is everywhere.Mobile DevicesCorporate/Home NetworksDatabases/File ServersCloud Services
  • 46. www.senseofsecurity.com.au © Sense of Security 2013 Page 46 – April 2013Data Centric, Not System Centric
  • 47. www.senseofsecurity.com.au © Sense of Security 2013 Page 47 – April 2013AvailabilityFundamentals Still Countthe security controls used to protect data, and thecommunication channel designed to access it must be functioningcorrectlyIntegritydata integrity means maintaining and assuring the accuracy andconsistency of data over its entire life-cycleConfidentialitypreventing the disclosure of information to unauthorisedindividuals or systems
  • 48. www.senseofsecurity.com.au © Sense of Security 2013 Page 48 – April 2013Defence-in-DepthA solid Information Security capabilityrequires resilience through defence-in-depth, sound fundamentals,accountability by executives and theability to comply withregulations/legislation.
  • 49. www.senseofsecurity.com.au © Sense of Security 2013 Page 49 – April 2013Regulation & LegislationGovernmentPrivacy ActAustralian Government - Information Security Manual (ISM),Protective Security Policy Framework (PSPF)State Government Standards, e.g. NSW Government DigitalInformation Security Policy based on ISO 27001Industry Australian Prudential Regulatory Authority (PPG-234)PCI Security Standards Council (PCI Data Security Standard – PCI DSS)
  • 50. www.senseofsecurity.com.au © Sense of Security 2013 Page 50 – April 2013Self ExaminationWhat type of data do you have and is it classified?Whose owns it?Where does it reside (data sovereignty)?How is it accessed and by whom?What are your future technology objectives (BYOD, Cloud,Mobility…)Are there third parties suppliers involved?What are your compliance obligations?Do you a current/effective security governance capability?How would you respond in case of an incident?
  • 51. www.senseofsecurity.com.au © Sense of Security 2013 Page 51 – April 2013Information Security GovernanceIncorporate an industry recognised system of governance(e.g. ISO 27001 - Information Security Management System)DomainsInformation Security Management: Security Policy & OrganisationAsset ManagementHuman Resource SecurityPhysical & Environmental SecurityCommunications & Operations ManagementAccess ControlInformation Systems Acquisition, Development & MaintenanceInformation Security Incident ManagementBusiness Continuity ManagementCompliance
  • 52. www.senseofsecurity.com.au © Sense of Security 2013 Page 52 – April 2013Management & Technical StandardsManagement standards and technical controls need to bedefined and enforced.Management Practice AreaChange Management Incident & Event ManagementPatch ManagementDisaster Recovery & Business ContinuityManagementConfiguration Management Security Awareness ManagementVulnerability Management Physical SecurityThreat Management Application ManagementAccess Control Management 3rd Party Management
  • 53. www.senseofsecurity.com.au © Sense of Security 2013 Page 53 – April 2013Technical AssuranceVulnerability Management ProgramSDLC Governance, Static Code AnalysisConfiguration Management / HardeningEnterprise Security ArchitectureTesting of technology assets and social engineeringthreat assessmentsExternal/Internal penetration testing (ethical hacking)on networks and applications
  • 54. www.senseofsecurity.com.au © Sense of Security 2013 Page 54 – April 2013Questions?Thank youHead office is level 8, 66 King Street, Sydney, NSW 2000,Australia. Owner of trademark and all copyright is Sense ofSecurity Pty Ltd. Neither text or images can be reproducedwithout written permission.T: 1300 922 923info@senseofsecurity.com.auwww.senseofsecurity.com.au