The Post Covid-19 Cybersecurity World - Where Is It Headed?
Report
Jun. 12, 2021•0 likes•145 views
The Post Covid-19 Cybersecurity World - Where Is It Headed?
Jun. 12, 2021•0 likes•145 views
Download to read offline
Report
Internet
The Post Covid-19 Cybersecurity World - Where Is It Headed?
Recommended
Supply Chain Attack Backdooring Your Networks Bangladesh Network Operators Group
Extending Network Visibility: Down to the EndpointLancope, Inc.
Topics in network securityNasir Bhutta
StealthWatch & Point-of-Sale (POS) Malware Lancope, Inc.
IoT - the Next Wave of DDoS Threat LandscapeAPNIC
Network security - Defense in DepthDilum Bandara
More Related Content
What's hot
Network securitySri Manakula Vinayagar Engineering College
Data security in local network using distributed firewall ppt Sabreen Irfana
DDOS ATTACK - MIRAI BOTNET Sukhdeep Singh Sandhu
Firewallthinkahead.net
Wireless Network SecurityGyana Ranjana
NTXISSACSC4 - Security for a New WorldNorth Texas Chapter of the ISSA
Similar to The Post Covid-19 Cybersecurity World - Where Is It Headed?
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...TI Safe
Don’t Sweat the Small Stuff – Protect What Matters Most - Interop 2014 Unisys Corporation
Cyber Securityfrcarlson
Compliance made easy. Pass your audits stress-free.AlgoSec
Webinar: Insights from CYREN's Q3 trend reportCyren, Inc
IoT DDoS Attacks: the stakes have changed Great Bay Software
![[CLASS 2014] Palestra Técnica - Michael Firstenberg](https://cdn.slidesharecdn.com/ss_thumbnails/ptclass24-michaelfirstenberg-141113070416-conversion-gate02-thumbnail.jpg?width=1600&height=908&fit=bounds)
More from Bangladesh Network Operators Group
IPv6 Deployment
in South Asia 2022Bangladesh Network Operators Group
Introduction to Software Defined Networking (SDN)Bangladesh Network Operators Group
RPKI Deployment Status in BangladeshBangladesh Network Operators Group
An Overview about open UDP ServicesBangladesh Network Operators Group
12 Years in DNS Security As a DefenderBangladesh Network Operators Group
Contents Localization Initiatives to get better User ExperienceBangladesh Network Operators Group
Recently uploaded
September 2023 CIAOPS Need to Know WebinarRobert Crane
mnNOG 2023: State of IPv6 in MongoliaAPNIC
D2C Insider Elevate , Global Selling Summit Bengaluru - Developing Brand Posi...D2C Insider
roland barthes theory hw.pptxSerraSalci
pdfjupitercpanel.pdfclay99
AusNOG 2023: RPKI and whois updatesAPNIC
The Post Covid-19 Cybersecurity World - Where Is It Headed?
- 1. 1 © UNIPHORE 2021 uniphore.com The Post Covid-19 Cybersecurity World: Where Is It Headed? bdNOG13 June 12, 2021 Merike Kaeo, CISO (merike.kaeo@uniphore.com)
- 2. 2 © UNIPHORE 2021 uniphore.com DAILY BREACHES AND RANSOMWARE ATTACKS – THE VIRTUAL PANDEMIC
- 3. 3 © UNIPHORE 2021 uniphore.com WHY ARE THINGS SO BROKEN? Scale • Billions of new devices • Large amounts of bandwidth Criminal Sophistication • Network architecture clue • Prevalent use of tunneling • More use of encryption • Social media ‘weaponization’ Automation • Outsourced infrastructures • Persistent continuous attacks on targets
- 4. 4 © UNIPHORE 2021 uniphore.com THE REALITIES OF WORKING FROM HOME • Increased Stress • Less Privacy • Multiple Demands • Shared Devices • Shared Network • No Physical Security
- 5. 5 © UNIPHORE 2021 uniphore.com COVID-19 EXACERBATED ONLINE CRIME • Increased Threat Vectors • Home networks • VPN (lack of) • Routing/DNS • Emails • Unresolved Technical Debt • RPKI • DNSSEC • Digital Certificate Management • Ineffective Monitoring
- 6. 6 © UNIPHORE 2021 uniphore.com STEALING CREDENTIALS IS TOO EASY Being a victim of a phishing attack Laptop gets stolen Sharing your password with another person Re-using same password on many systems Spyware on your computer installed a keylogger Storing your private key in an easily accessed file Sending credentials in cleartext emails Unpatched security vulnerabilities are exploited HUMAN TECH
- 7. 7 © UNIPHORE 2021 uniphore.com WE HAVE BLIND TRUST ISSUES • Protocol Standards • Implementation Guidelines • Device Certifications • Compliance Mandates • Documented Policies But…There’s The Human Factor You can do everything right and still screw up Question the status quo
- 8. 8 © UNIPHORE 2021 uniphore.com INCIDENT RESPONSE NEEDS IMPROVEMENT Everyone Gets Vilified • Why not detected sooner • Why not fixed quicker • Why notifications delayed Issues To Be Resolved • Breach notification laws • Lack of transparency • Escalation chain • Cross sector sharing (DNS, ISP) • Media hype with incomplete information
- 9. 9 © UNIPHORE 2021 uniphore.com THE BASIC DETAILS NEED ATTENTION Incident Response / Crisis Plan • Routing and DNS Compromise Vulnerability Disclosure/Patch Plan Fundamental Security Controls • User Authentication/Authorization • Device Authentication/Authorization • Access Control (Packet/Route Filtering) • Data Integrity • Data Confidentiality • Auditing / Logging • DoS Mitigation Most Basic Security Controls Minimize Impact Of Sophisticated Attacks • Don’t rely on defaults • Implement 2FA • Use cryptographically protected protocols • Get alerted for unauthorized changes
- 10. 10 © UNIPHORE 2021 uniphore.com Home workstations are now ‘mobile devices’ • What level of control do you have? • What is backed up where? • What is going into a personal cloud? • Who has access to devices? • Who uses screen savers at home? Single home router for Internet access • Where is traffic going? • Can traffic be observed? • Where are DNS queries going? HOME NETWORK AS EXTENSION OF BUSINESS Think Before You Click Lock Down Your Login Connect Via Secure Network Separate Your Networks Limit Access To Work Devices Update Your Software
- 11. 11 © UNIPHORE 2021 uniphore.com THANK YOU !