Accruent Insights 2014 (2014-04-28, v8, final)

1. EVADE THE BREACH: BY CHANGING THE WAY YOU THINK ABOUT INFORMATION SECURITY
   Major Hayden, Rackspace, @majorhayden
   For Accruent Insights 2014, Austin, Texas
   Photo credit: Curtis Gregory Perry [bit.ly/1k5ajws]

2. ABOUT MAJOR
   • Born in Austin
   • At Rackspace since 2006
   • Focused on Linux engineering, software development and information security
   • Two kids and four chinchillas

3. THIS IS A CHINCHILLA. They are amazing pets and I could talk about them for a long time.

4. AGENDA
   Presentation: 30 minutes
   Q&A: 30 minutes

5. Let's cover some critical concepts.

6. SECURITY ISN'T EASY

7. YOUR BUSINESS DOESN'T EXIST TO BE SECURE
   Inspired by Keith Palmgren's "13 Absolute Truths of Security"

8. SECURITY HAS NO FINISH LINE
   Inspired by Keith Palmgren's "13 Absolute Truths of Security"

9. "Reports that say... that something hasn't happened are always interesting to me, because as we know, there are known knowns; there are things that we know that we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns, the ones we don't know we don't know."
   —Donald Rumsfeld, United States Secretary of Defense
   Public domain photo by the United States Army

10. THREE DEFENSIVE LAYERS
    Preventative: make yourself a hard target
    Detective: know when danger is on your doorstep
    Corrective: remove the threat and repair the damage
    (Process improvement feedback loop connecting the three)

11. We can apply these layers to something we all know well.

12. How do we protect our homes?
    Photo credit: dprevite [bit.ly/1mC8QBi]

13. We lock our doors
    We put our lights on timers
    We close the blinds
    We install security cameras
    We join the neighborhood watch
    We set our security alarm
    We have our alarm monitored
    We buy homeowner's insurance
    We buy firearms*
    Photo credit: dprevite [bit.ly/1mC8QBi]

14. (Same list, with the PREVENTATIVE measures highlighted)

15. (Same list, with the DETECTIVE measures highlighted)

16. (Same list, with the CORRECTIVE measures highlighted)

17. You now know two other concepts.

18. DEFENSE IN DEPTH: assume the worst and build layers of defense
    Photo credit: szeke [bit.ly/1mxjkzl]

19. RISK MANAGEMENT: invest your time spent on security wisely
    Photo credit: lorenzoclick [bit.ly/1f40rns]

20. Do your third-party vendors invest in security as much as you do?

21. How will you know for sure?

22. IT'S NOT EASY
    Photo credit: Kevin Dooley [bit.ly/1ri0hej]

23. Let's review the facts.

24. "Target gave network access to a third-party vendor, a small Pennsylvania HVAC company, which did not appear to follow broadly accepted information security practices. The vendor's weak security allowed the attackers to gain a foothold in Target's network."

25. "Target appears to have failed to respond to multiple automated warnings from the company's anti-intrusion software that the attackers were installing malware on Target's system."

26. "Attackers who infiltrated Target's network with a vendor credential appear to have successfully moved from less sensitive areas of Target's network to areas storing consumer data, suggesting that Target failed to properly isolate its most sensitive network assets."

27. "Target appears to have failed to respond to multiple warnings from the company's anti-intrusion software regarding the escape routes the attackers planned to use to exfiltrate data from Target's network."

28. What can we learn from the Target breach?

29. Target's situation isn't unique to Target.

30. It's your responsibility to insulate yourself from third parties.

31. Continually test your security layers so you can trust them in an emergency.

32. What about the vendors that don't show up on your books?
    Photo credit: claspingwalnut [bit.ly/1k5j5dt]

33. HOW ABOUT THE OPENSSL SOFTWARE FOUNDATION?

34. HEARTBLEED: A QUICK SUMMARY
    • Small coding error allows attackers to steal chunks of memory from remote servers
    • Attackers repeatedly send requests to get different data from the server
    • Announcement of the vulnerability was handled extremely poorly
    • Much of the internet is still vulnerable almost a month after the announcements
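To make the "small coding error" concrete, here is an added, constructed illustration (not OpenSSL's code and not part of the slides) of a heartbeat echo handler that trusts the peer-supplied payload length, beside the single length check that fixes it; the record layout, buffer sizes and the LEFTOVER-SECRET bytes are assumptions made for the demo.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed, simplified heartbeat record (not OpenSSL's own code):
 *   [type:1][payload_len:2 big-endian][payload:payload_len]
 * conn_buf is the connection's receive buffer; rec_len is how many bytes
 * of it the current record actually occupies. */
#define HB_HDR 3
#define HB_RESPONSE 2

/* Echo the heartbeat payload back. With check_len == 0 the handler trusts
 * the peer-supplied length (the Heartbleed-style bug): memcpy reads past
 * the end of the record into whatever else sits in the receive buffer.
 * With check_len == 1 the claimed length must fit in the bytes that
 * actually arrived, and an oversized request is dropped without a reply. */
size_t hb_respond(const uint8_t *conn_buf, size_t rec_len,
                  uint8_t *out, size_t out_cap, int check_len) {
    if (rec_len < HB_HDR) return 0;
    size_t plen = ((size_t)conn_buf[1] << 8) | conn_buf[2];
    if (check_len && plen + HB_HDR > rec_len) return 0;  /* the missing check */
    if (plen + HB_HDR > out_cap) return 0;               /* guards only the destination */
    out[0] = HB_RESPONSE; out[1] = conn_buf[1]; out[2] = conn_buf[2];
    memcpy(out + HB_HDR, conn_buf + HB_HDR, plen);       /* over-read when unchecked */
    return plen + HB_HDR;
}

/* Constructed scenario: a 4-byte "ping" heartbeat that claims 16 bytes of
 * payload, sitting in a receive buffer next to leftover bytes from earlier
 * traffic. Returns 1 if the reply carried any of those leftover bytes. */
int hb_leaks_neighbour(int check_len) {
    uint8_t conn_buf[40] = {0};
    const uint8_t rec[] = {1, 0x00, 0x10, 'p', 'i', 'n', 'g'};  /* 0x0010 = 16 */
    memcpy(conn_buf, rec, sizeof rec);
    memcpy(conn_buf + sizeof rec, "LEFTOVER-SECRET", 15);      /* not part of the record */
    uint8_t out[64] = {0};
    size_t n = hb_respond(conn_buf, sizeof rec, out, sizeof out, check_len);
    return n > HB_HDR + 4 && memcmp(out + HB_HDR + 4, "LEFTOVER", 8) == 0;
}

/* A well-formed 4-byte heartbeat must still be echoed (7-byte reply) in
 * both modes: the fix does not break legitimate traffic. */
size_t hb_wellformed_reply_len(int check_len) {
    const uint8_t rec[] = {1, 0x00, 0x04, 'p', 'i', 'n', 'g'};
    uint8_t out[64] = {0};
    return hb_respond(rec, sizeof rec, out, sizeof out, check_len);
}
```

The detective and corrective layers from the talk map onto this directly: a record whose claimed length exceeds what arrived is a signal worth logging, and the fixed handler drops it rather than answering.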
35. HEARTBLEED: LESSONS LEARNED
    Layer your defenses
    Segregate server duties
    Make emergency plans

36. Rackspace has joined many other companies in support of the Core Infrastructure Initiative, which provides funding for open source projects that need assistance.

37. LET'S WRAP IT UP
    Photo credit: tanakawho [bit.ly/1mxiEd3]

38. Three takeaways (or, if you fell asleep during the last half hour, here's what I was talking about):

39. 1. Layer your defenses

40. 2. The security of your business is your business

41. 3. Better security requires changes in people, process, and technology

42. THANK YOU!
    Blog: major.io
    Twitter: @majorhayden
    Email: major.hayden@rackspace.com
    Photo credit: Stuck in Customs [bit.ly/1k5nqha]