Rochester Security Event
- 1. 2013 Information Security Risks
Year-End Review
Caleb Barlow
Director – IBM Application, Data, Mobile,
Critical Infrastructure Security
www.facebook.com/barlow.caleb
www.youtube.com/calebbarlow
- 3. Threat landscape is growing fast
In 2000: 361 million people using the Internet, 5.8% of the world’s population
In 2012: 2.67 billion people using the Internet, 33% of the world’s population
© 2013 IBM Corporation
- 4. …. and becoming Mobile
In 2000: 720 million mobile subscribers worldwide, 12% of the world’s population
In 2012: 6 billion mobile subscribers worldwide, 87% of the world’s population
- 5. Innovative technology changes everything
1 trillion connected objects
Social business
1 billion mobile workers
Cloud and virtualization
Bring your own IT
- 6. QR Codes
§ QR Code can contain a URL to download malware
§ The malware can then send SMS messages to a premium rate number (US $6 per message)
• Samsung Galaxy S3 can be reset from a QR Code wiping all data
• Google Glass vulnerability identified by Lookout Security
- 7. How do Mobile Applications treat you?
- 9. Motivation and sophistication is evolving rapidly
Chart axes: MOTIVATION and SOPHISTICATION
Nation-state actors, APTs (Stuxnet, Aurora, APT-1): National Security, Economic Espionage
Hacktivists (Lulzsec, Anonymous): Notoriety, Activism, Defamation
Organized crime (Zeus, ZeroAccess, Blackhole Exploit Pack): Monetary Gain
Insiders, Spammers, Script-kiddies (Nigerian 419 Scams, Code Red): Nuisance, Curiosity
- 10. X-Force Trend and Risk Report
Crawler
• Over 1000 CPUs scanning the Internet 24x7
Darknet and Honeypots
• Capturing information from virgin IP addresses
SpamTrap
• Obtains Spam IPs and samples
Managed Services
• 15B security events a day across 133 countries and over 20,000 devices under contract
- 12. 2012 Sampling of Security Incidents by Attack Type, Time and Impact
Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses
Source: IBM X-Force® Research 2013 Trend and Risk Report
- 14. still reliable for breaching databases
of tracked disclosed breaches
Low risk / high reward
§ Old CMS installations
§ CMS Plugins
§ Forum software
§ Other popular 3rd party scripts
- 15. continue to disrupt businesses
High traffic volume as much as
Industries affected:
§ Banks
§ Governments
§ DNS Providers
- 16. attacks compromise end user trust
Tainting legitimate sites with zero-day exploits
Targeting Savvy Users
§ Tech company developers
§ Government Employees
§ Unsuspecting viewers of trusted sites
- 17. foreign branch or local language sites tarnish brands
Global brands targeted in foreign countries outside of home office
Attackers rely on
§ Lower security on local language sites
§ Temporary micro-sites which gather user data
§ Tarnish brands with path of least resistance
- 18. countries most impacted by security incidents
The United States: most reported breach target location
Taiwan was targeted in several foreign branch security incidents
- 19. has become a new playground for attackers
Social Media top target for attacks and mobile devices are expanding those targets
- Pre-attack intelligence gathering
- Criminals selling accounts
- Campaigns enticing user to click on malicious links
- 24. Security challenges are a complex, four-dimensional puzzle
People: Employees, Outsourcers, Attackers, Consultants, Suppliers, Customers, Partners
Data: Structured, Unstructured, At rest, In motion
Applications: Systems Applications, Web Applications, Web 2.0, Mobile Applications
Infrastructure: Datacenters, PCs, Laptops, Mobile, Cloud, Non-traditional
…that requires a new approach
- 25. …that requires a new approach
People: then Administration, now Insight
Data: then Basic control, now Laser-focused
Applications: then Bolt-on, now Built-in
Infrastructure: then Thicker walls, now Smarter defenses
Collect and Analyze Everything
- 26. A change in mindset is already happening
- 33. With Fiberlink, only IBM will provide the full spectrum of mobile management and security needs
Requirements for Mobile Management and Security:
Business Span of Control (High to Low): Corporate Owned Assets, Employees w/BYOD, Task/Temp Workers, Business Partners, Consumer Transactions
Solution Approaches:
Mobile Device Management
Containers – App Wrapping and SDKs
Secure Transactions
IBM / Fiberlink Offerings:
IBM Security Access Manager for Mobile
Planned Integration Points:
• SDKs will be packaged in Worklight IDE so all apps can be secured (IBM Worklight)
• Security information and events will feed into QRadar for analysis and actions will return to mobile tools (IBM QRadar)
• Code scans will be integrated into the process before apps are deployed into app store/catalog (IBM AppScan)
- 34. Mobile Security Framework
Personal
Secure the Application
Trusted Transactions
Mobile Access Mgmt
Identity Federation
Application Level VPN
Secure API Connectivity
Malware & Fraud Detection
Device & Location Risk
Account Takeover
Jailbreak • Device Rooted
Security Intelligence
SIEM
Threat Research
Enterprise
Applications
iOS / Android Static Scanning
Worklight Mobile IDE
Experience Management
Tamper Proofing *partner
Enterprise
Container
Cloud Services
Secure the Device
Enroll • Configure • Monitor • Provision • Wipe • Fingerprint
- 35. Who is Fiberlink?
§ Founded in 1991, Fiberlink has built expertise in delivering mobile management and security services as a service
§ Headquartered in Blue Bell, PA
§ Provides Mobile Device Management, Mobile Application Management, Enterprise Container with SDK and App-Wrapping, Secure Document Sharing and Mobile Expense Management as a Service helping enterprises connect, control and secure mobile devices to gain competitive advantage, increase employee productivity, and implement proper security measures
§ Industry leading and award winning
§ Cloud-based mobility management platform
§ Seamless integration with existing enterprise systems
§ Broad range of mobile OS support
§ Robust policies for Bring Your Own Device (BYOD) security and privacy
§ 3500+ clients
§ Marquee financial, healthcare, public sector, education, and retail customers
§ Delivering value to enterprises of all sizes: small to large
- 36. Industry analysts rank IBM Security as leading the market
Security Analyst Report Rankings
[Table: rankings (Leader, Challenger, Visionary, Strong Performer, Contender, or no report available; report years 2011 to 2013) per market segment. Columns: Domain, Market Segment / Report, Gartner Magic Quadrant, Forrester Wave, IDC Market Share.]
Domains: Security Intelligence, People, Data, Applications, Infrastructure, Services
Market segments:
Security Information and Event Management (SIEM)
Identity and Access Governance
User Provisioning and Administration
Role Management and Access Recertification
Web Access Management (WAM)
Identity and Access Management Suites
Database Auditing and Real-Time Protection
Data Masking
Application Security Testing (dynamic and static)
Network Intrusion Prevention Systems (NIPS)
EndPoint Protection Platforms (EPP)
Managed Security Services (MSS)
Information Security Consulting Services
Note: Rankings compiled from latest available analyst reports as of September, 2013
- 37. Chief Information Security Officers:
2013 IBM CISO Study
Formalize your role as a CISO
Establish a security strategy
Focus on overall risk
Develop effective business relations - build trust, share information, meet with the C-suite and board
Invest in advanced technology when it meets a business need
Fortify your mobile security
Track risk to brand reputation and customer satisfaction
Integrate metrics
“Strategic vision… Global consistency… Lots of communication… speak business value, understand risk… minimize the impact… be on the bleeding edge…”
- 38. Trusteer Advanced Fraud and Malware Protection
Helping to protect against financial fraud and advanced security threats
Among the capabilities Trusteer brings to IBM's security portfolio:
Web Fraud Protection
Leading web fraud capabilities for financial services and web commerce
Secure Mobile Transactions
Embedded security for mobile devices and applications helps enable secure transactions from devices to the back office
Extended Advanced Threat Protection
Unique endpoint solution for identifying and protecting against Advanced Persistent Threats
Security-as-a-Service
Cloud based deployment enabling rapid and real-time updates
- 39. About Trusteer
Global
Hundreds of Customers
100,000,000 Endpoints
Financial Fraud Prevention
Solutions
Advanced Threat Protection
Intelligence
Technology
Leader
© Trusteer 2013
Leading Global Organizations Put Their TRUST In Us
7/10 Top US Banks
4/5 Top Canadian Banks
9/10 Top UK Banks
Major European Banks
Expertise
- 40. Malware and Phishing
Common threat to online channels & internal systems
Social Engineering (Phishing)
Vulnerability Exploit
Malware Infection
Fraud Scheme Execution
Data Exfiltration
Money Loss
Enterprise Breach
Three Losing Battles
• Humans will always make mistakes
• System and application vulnerabilities continue to emerge
• Malware detection will always lag
Two Major Impacts
Widespread Fraud
• $3.4B est lost to online fraud in 2012¹
Advanced Threats and Breaches
• 85% of breaches go undetected²
• $8.9M average cost of cyber-attacks³
¹ JPMorgan: 2012 Online Fraud Report, ² Gartner: 2290415, ³ Ponemon Institute: 2012 Cost of Cybercrime Report: US
- 41. The Specific Problems Trusteer Solves
Online Banking
Account Takeover, New Account Fraud
Phishing and Malware Fraud
Mobile Fraud Risk
WWW
Advanced Threats (Employees)
Wire, ACH, Internal Apps
- 42. Trusteer Solutions
Trusteer Pinpoint Malware Detection
Phishing and Malware Fraud
Trusteer Rapport
Trusteer Mobile Risk Engine
Trusteer Mobile SDK/APP
Mobile Fraud Risk
WWW
Trusteer Apex
Advanced Threats (Employees)
Wire, ACH, Internal Apps
Trusteer Pinpoint Account Takeover (ATO) Detection
Online Banking
Account Takeover, New Account Fraud
- 48. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access
from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of
your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely
effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve
additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND
PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
© Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS
without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing
contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the
terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not
imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at
IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM,
the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both.
Other company, product, or service names may be trademarks or service marks of others.