Power to the People?Rik Ferguson• Director Security Research & Communications
Consumerisation of IT    “Consumerisation will be    the most significant trend    affecting IT during    the next 10 year...
…Not just mobile devices  Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing |...
The IT View: Current Pain Points             iPad4
What’s Really Happening     • The current pain points are simply the leading edge of a bigger wave.     • Tactical solutio...
The also-rans
The winners (for now)
Consumer is King
Some recent iOS Vulnerabilities• CVE-2011-3246 – Malicious URLs disclose  sensitive information• CVE–2011-3439 – Malicious...
Some recent Android Vulnerabilities• CVE-2011-3874 – Buffer Overflow allows  code execution• CVE-2011-1823 – Local code ex...
Yes… It’s real.MOBILE MALWARE    Classification   1
But Google told me you areall Charlatans!
Mobile Malware -Android is where the action is
Malicious Marketplace• March 2011 - 58 malicious apps (approx  250,000 victims)• May 2011 - 24 malicious apps (up to 120,0...
It’s not only the vulnerabilities
And here’s how it works…
Consumerisation is Driving a Shift    • The advent of consumerisation in the last few years is causing  organizations to r...
is Losing Control
T is Losing Control        This shift of control away from corporate IT has three main results              1             ...
Unlock Opportunity• Business agility• Virtual work style• Move at the customer speed• Increase end-user productivity• Attr...
“Embrace” Is the Optimal Approach      1                2                   3                Say Yes… but not       Deploy...
Key Features for Mobile Security• Reduce costs, improve business agility, empower employees.• Regain visibility and contro...
Thank Yourik_ferguson@trendmicro.com
Upcoming SlideShare
Loading in …5
×

Information Security, Cybercrime and technology futures allowing you to get a clear insight into the challenges and issues facing your businesses today - Insight Technology Show 2012

436 views

Published on

Rik Ferguson and expert in Security Research & Communications discusses Cybercrime and how this can impact your business today.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Information Security, Cybercrime and technology futures allowing you to get a clear insight into the challenges and issues facing your businesses today - Insight Technology Show 2012

  1. 1. Power to the People?Rik Ferguson• Director Security Research & Communications
  2. 2. Consumerisation of IT “Consumerisation will be the most significant trend affecting IT during the next 10 years” Gartner• Popular new consumer technology spreads into business organizations• IT and consumer electronics converge as the same devices are used for work and play• Power shifts from corporate IT and enterprise vendors (IBM, HP) to end users and innovative consumer vendors (Apple, Google)
  3. 3. …Not just mobile devices Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Email Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | EmailVideoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devicesSocial Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voiceover IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | EmailVideoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devicesSocial Networking | Email | Voice over IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voiceover IP | Cloud Applications | Wi-Fi | File Transfer/Sharing | Videoconference | Mobile devices | Social Networking | Email | Voice over IP | Cloud Applications | Wi-
  4. 4. The IT View: Current Pain Points iPad4
  5. 5. What’s Really Happening • The current pain points are simply the leading edge of a bigger wave. • Tactical solutions will always remain reactive and be susceptible to disruption by the next wave. iPad iPhone Windows phone5
  6. 6. The also-rans
  7. 7. The winners (for now)
  8. 8. Consumer is King
  9. 9. Some recent iOS Vulnerabilities• CVE-2011-3246 – Malicious URLs disclose sensitive information• CVE–2011-3439 – Malicious font leads to arbitrary code execution• CVE-2011-3442 – Ability to bypass code- signing checks• CVE-2011-3255 – Apple ID & password could be intercepted by installed apps
  10. 10. Some recent Android Vulnerabilities• CVE-2011-3874 – Buffer Overflow allows code execution• CVE-2011-1823 – Local code execution and root privileges (Gingerbreak)• CVE-2011-1149 – Bypass sandbox and escalate privileges (KillingInTheNameOf)• A multitude of Adobe Flash vulnerabilities
  11. 11. Yes… It’s real.MOBILE MALWARE Classification 1
  12. 12. But Google told me you areall Charlatans!
  13. 13. Mobile Malware -Android is where the action is
  14. 14. Malicious Marketplace• March 2011 - 58 malicious apps (approx 250,000 victims)• May 2011 - 24 malicious apps (up to 120,000 victims)• December 2011 - 27 malicious apps (approx 14,000 victims).• February 2012 – 37 “Fan Apps” stealing handset information and aggressive advertising
  15. 15. It’s not only the vulnerabilities
  16. 16. And here’s how it works…
  17. 17. Consumerisation is Driving a Shift • The advent of consumerisation in the last few years is causing organizations to rethink the value of consumer-grade tools and services.
  18. 18. is Losing Control
  19. 19. T is Losing Control This shift of control away from corporate IT has three main results 1 2 3 Loss of visibility and “De-standardization” Unpredictability of where control as these “BYOD” increases the cost and data will be consumed by devices and modes of difficulty of managing end-users increases communicating proliferate and delivering data to challenge of data protection in business IT an increasingly environments heterogeneous endpoint landscape Tactical solutions will not address this fundamental change
  20. 20. Unlock Opportunity• Business agility• Virtual work style• Move at the customer speed• Increase end-user productivity• Attract and retain talent
  21. 21. “Embrace” Is the Optimal Approach 1 2 3 Say Yes… but not Deploy an Strategy: to everything for enterprise-gradeCreate a plan everyone infrastructure
  22. 22. Key Features for Mobile Security• Reduce costs, improve business agility, empower employees.• Regain visibility and control, share and protect data in a heterogeneous environment• “Embrace consumerization, unlock opportunity!” Regain visibility Deploy with Measure & control confidence effectiveness Enrollment Policy Enforcement Monitor Management Anti malware Report Provisioning Encryption React Tracking Remote Lock/Wipe Integrate …whatever the device, wherever the user
  23. 23. Thank Yourik_ferguson@trendmicro.com

×