SlideShare a Scribd company logo

Follow the Money, Follow the Crime

Download as PPTX, PDF
IBM Security
IBM Security
Technology
1 of 42
© 2012 IBM Corporation IBM Security Systems 1© 2014 IBM Corporation Things Gone Wild: When Your Devices Behave Badly
© 2014 IBM Corporation IBM Security Systems 2 “Things” hacker
© 2014 IBM Corporation IBM Security Systems 3 This is the “maker” corner of my office
© 2014 IBM Corporation IBM Security Systems 4 A man is stuck in traffic on his way to work.
© 2014 IBM Corporation IBM Security Systems 5 His mind wanders, Did I leave the fridge open?
© 2014 IBM Corporation IBM Security Systems 6 He pulls his smart phone out.
© 2014 IBM Corporation IBM Security Systems 7 The man taps an app on his smart phone labeled “Home Automation”
© 2014 IBM Corporation IBM Security Systems 8 The man taps an app on his smart phone labeled “Home Automation”
© 2014 IBM Corporation IBM Security Systems 9 The man taps an app on his smart phone labeled “Home Automation”
© 2014 IBM Corporation IBM Security Systems 10 Everything is fine at home. The man rolls his eyes and grins at his own obsessive concern
© 2014 IBM Corporation IBM Security Systems 11 But in reality, someone has hacked his home area network. The refrigerator is spewing ice cubes…
© 2014 IBM Corporation IBM Security Systems 12 The dishwasher is overflowing…
© 2014 IBM Corporation IBM Security Systems 13 The toaster is aflame while the ZoomBot bumps the counter, sending the toaster toward the curtains.
© 2013 IBM Corporation IBM Security Systems IBM X-Force is the foundation for advanced security and threat research across the IBM Security Framework.
© 2013 IBM Corporation IBM Security Systems IBM X-Force® Research and Development Vulnerability Protection IP Reputation Anti-Spam Malware Analysis Web Application Control URL / Web Filtering The IBM X-Force Mission  Monitor and evaluate the rapidly changing threat landscape  Research new attack techniques and develop protection for tomorrow’s security challenges  Educate our customers and the general public  Integrate and distribute Threat Protection and Intelligence to make IBM solutions smarter Expert analysis and data sharing on the global threat landscape Zero-day Research
© 2013 IBM Corporation IBM Security Systems Coverage 20,000+ devices under contract 15B+ events managed per day 133 monitored countries (MSS) 1,000+ security related patents 100M+ customers protected from fraudulent transactions Depth 25B analyzed web pages & images 12M spam & phishing attacks daily 86K documented vulnerabilities 860K malicious IP addresses Millions of unique malware samples IBM X-Force monitors and analyzes the changing threat landscape.
© 2014 IBM Corporation IBM Security Systems 17 The Internet of Things (IoT): a revolution is occurring just like Cloud, Mobile, Social & Analytics The Internet of Things will represent 30 billion connected “things” by 2020, growing from 9.9 billion in 2013.1 These connected "things" are largely driven by intelligent systems-all collecting and transmitting data. Source: IDC, “Worldwide and Regional Internet of Things 2014-2020 Forecast Update by Technology Split”
© 2014 IBM Corporation IBM Security Systems 18 Smart Homes
© 2014 IBM Corporation IBM Security Systems 19 Smart Energy / Smart Meters (AMI)
© 2014 IBM Corporation IBM Security Systems 20 Side Channel Security Information Monitor usage and determine: When fridge is runs its defrost cycle When the coffee maker kicks on When you run your electric razor What you’re watching on TV To some extent, this can be done now Smart meters give much more granular information Source: http://www.h-online.com/security/news/item/Smart-meters-reveal-TV-viewing-habits-1346385.html
© 2014 IBM Corporation IBM Security Systems 21 Smart Meter Event Monitoring Reverse Rotation Detected Inversion tamper Removal Tamper Power Outage / Restoration Remote Disconnect / Reconnect Failure / Success RF Transceiver Reset New device joined HAN Configuration Changed Firmware Change Complete Replay Attack
© 2014 IBM Corporation IBM Security Systems 22 Industrial Control / SCADA Systems Most SCADA systems are to IoT what flip phones are to mobile
© 2014 IBM Corporation IBM Security Systems 23 Traffic / transport Utilities / energy Telecommunications Public safety HVAC systems Occupancy Elevators/escalators Smart Cities / Smart Buildings
© 2014 IBM Corporation IBM Security Systems 24 Smarter Prisons?
© 2014 IBM Corporation IBM Security Systems 25 Wearables
© 2014 IBM Corporation IBM Security Systems 26 Medical Devices
© 2014 IBM Corporation IBM Security Systems 27 Biohacking How are you going to control this type of BYOD?
© 2014 IBM Corporation IBM Security Systems 28 The instrumented vehicle; automobile threat surface Engine Control Unit Transmission Control Unit Airbag Control Unit Anti-lock Braking System Tire Pressure Monitor Vehicle to Vehicle Communications Instrument Cluster / Telematics Keyless Entry / Anti-theft OBD-II Car Multimedia Dynamic Stability Control
© 2014 IBM Corporation IBM Security Systems 29 IBM Confidential
© 2014 IBM Corporation IBM Security Systems 30 The IBM model for the Internet of Things At IBM, we’ve created a model of the IoT that’s useful for understanding the security threats at various data flow and control transition points.
© 2014 IBM Corporation IBM Security Systems 31 Home automation systems are driving comfort and security enhancements. • Smart appliances • Lighting and sound systems • Televisions • Thermostats • Smoke detectors and alarm systems • Garage doors and door locks Includes technologies like: • Local home network, which is often wireless, and then connected to the Internet via a service provider • Security systems may also have a secondary connection using a mobile network Connected via: • Service providers or utilities providing home automation services • Hobbyists can build their solutions, bypassing the cloud layer, opting instead to connect to their home area network directly from a mobile device or computer. Available from:
© 2014 IBM Corporation IBM Security Systems 32 Connected vehicles can enhance both safety and control for drivers. • Emergency assistance • Remote telemetry reporting, such as speed, location and engine temp • Remote start • Remote cabin climate control Includes technologies like: • The local network is a controller area network (CAN), to which the electronic control units (ECUs) for brakes, engine, power windows and other components connect. • Global network is a mobile carrier • Cloud service is often the auto manufacturer’s network, to which the car identifies itself and is authenticated with an app on a mobile device. Connected via: • Automobile manufacturers Available from:
© 2014 IBM Corporation IBM Security Systems 33 Industrial control and SCADA systems vary wildly by industry, age, and use. • HVAC systems • Access control systems • Energy consumption • Infrastructure processes like water treatment, oil and gas pipelines, and electrical power transmission and distribution systems Includes technologies like: • Older SCADA systems can be controlled over a dial-up line by an operator console segmented from the rest of the network, with no Internet connectivity or ability to control the system from outside the factory network. • Newer industrial control systems are built on a general-purpose OS, designed to connect to an IP network. Connected via: • Legacy designs embedded in factories • Industrial control service providers Available from:
© 2014 IBM Corporation IBM Security Systems 34 Smart meters are driving the convergence of operational technology and traditional IT networks. • Electric, natural gas, or water meters • Alternative fuels like solar energy and wind power • Locally sourced microgrids, which generate, distribute, and regulate the flow of electricity to consumers in a small geographic area Includes technologies like: • Connection from meter to energy provider’s cloud using communication methods like cell and pager networks, satellite, licensed radio, combination licensed and unlicensed radio, or power line communication • Analyzed telemetry is provided to billing systems and available to customers through a web portal or mobile app Connected via: • Electric utilities • Municipalities Available from:
© 2014 IBM Corporation IBM Security Systems 35 Implantable medical devices are improving levels of patient care. • Pacemakers and cardioverter defibrillators • Cochlear implants • Insulin pumps • Camera capsules • Neuromonitoring systems Includes technologies like: • Current connectivity provided over radio frequency to specialized control devices and is limited in range • There is pressure to widen connectivity so patients would have access to their data over patient portals, with the entire ecosystem of healthcare providers and insurers accessing a unified view of patient care information Connected via: • Medical device manufacturers Available from:
© 2014 IBM Corporation IBM Security Systems 36 The Internet of Things brings a range of threats and attack vectors. Threat vectors • Web application vulnerabilities • Exploits • Man in the middle • Password attacks • Information gathering / data leakage / eavesdropping • Rogue clients Backdoor access to a building maintenance program was used to access floor plans for a business. Using a CD playing MP3 files in a car’s audio system, researchers were able to access all the ECUs in the vehicle, and disable brake functions while the car was travelling at 40 mph. Network-connected lighting was compromised to access local Wi-Fi network passwords.
© 2013 IBM Corporation IBM Security Systems Each layer in the Internet of Things is susceptible to a variety of attack vectors. A. Password attacks B. Web application vulnerabilities C. Rogue clients / malicious firmware D. Man in the middle attacks E. Information gathering / data leakage / eavesdropping F. Command injection and data corruption Things Local network Global network Cloud service Controlling device A A B A A B B D D D C C F E E E
© 2014 IBM Corporation IBM Security Systems 38 IoT exposes varying threat surfaces, and requires security specific to each category of device. Hardware manufacturers need strategies specific to each category of device: A secure operating system with trusted firmware guarantees A unique identifier Strong authentication and access control Data privacy protection Strong application security
© 2014 IBM Corporation IBM Security Systems 39 IBM recommends manufacturers adhere to a set of best practices to address the security challenges of the IoT. Follow the Open Web Application Security Project (OWASP) IoT Top 10 practices. Build a secure design and development practice Perform regular penetration testing on products Follow industry guidance, such as the IBM Automotive Security Point of View.
© 2014 IBM Corporation IBM Security Systems 40
© 2014 IBM Corporation IBM Security Systems 41 Connect with IBM X-Force Research & Development Find more on SecurityIntelligence.com IBM X-Force Threat Intelligence Reports and Research http://www.ibm.com/security/xforce/ Twitter @ibmsecurity and @ibmxforce IBM X-Force Security Insights Blog www.SecurityIntelligence.com/topics/x-force
© 2014 IBM Corporation IBM Security Systems 42 www.ibm.com/security © Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. www.ibm.com/security © Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

Recommended

How to Hack a Cryptographic Key
How to Hack a Cryptographic KeyHow to Hack a Cryptographic Key
How to Hack a Cryptographic KeyIBM Security
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkIBM Security
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Security
 
IBM Mobile Analyzer Saves the Day
IBM Mobile Analyzer Saves the DayIBM Mobile Analyzer Saves the Day
IBM Mobile Analyzer Saves the DayIBM Security
 
How to Keep Hackers Out of Your Organisation
How to Keep Hackers Out of Your OrganisationHow to Keep Hackers Out of Your Organisation
How to Keep Hackers Out of Your OrganisationIBM Danmark
 
Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...AGILLY
 
MaaS360 with Watson
MaaS360 with WatsonMaaS360 with Watson
MaaS360 with WatsonSylvia Low
 
New trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileNew trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileSISA Information Security Pvt.Ltd
 

Recommended

How to Hack a Cryptographic Key
How to Hack a Cryptographic KeyHow to Hack a Cryptographic Key
How to Hack a Cryptographic KeyIBM Security
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkIBM Security
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Security
 
IBM Mobile Analyzer Saves the Day
IBM Mobile Analyzer Saves the DayIBM Mobile Analyzer Saves the Day
IBM Mobile Analyzer Saves the DayIBM Security
 
How to Keep Hackers Out of Your Organisation
How to Keep Hackers Out of Your OrganisationHow to Keep Hackers Out of Your Organisation
How to Keep Hackers Out of Your OrganisationIBM Danmark
 
Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...AGILLY
 
MaaS360 with Watson
MaaS360 with WatsonMaaS360 with Watson
MaaS360 with WatsonSylvia Low
 
New trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileNew trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileSISA Information Security Pvt.Ltd
 
Are We There Yet? The Path Towards Securing the Mobile Enterprise
Are We There Yet? The Path Towards Securing the Mobile EnterpriseAre We There Yet? The Path Towards Securing the Mobile Enterprise
Are We There Yet? The Path Towards Securing the Mobile EnterpriseIBM Security
 
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...IBM Security
 
Pulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiativePulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiativeChris Pepin
 
Mobile Security for Banking and Finance
Mobile Security for Banking and FinanceMobile Security for Banking and Finance
Mobile Security for Banking and FinanceSierraware
 
WEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
WEBINAR - August 9, 2016: New Legal Requirements for Mobile SecurityWEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
WEBINAR - August 9, 2016: New Legal Requirements for Mobile SecurityMobileIron
 
Growing internet of things solution in industries and mobile
Growing internet of things solution in industries and mobile Growing internet of things solution in industries and mobile
Growing internet of things solution in industries and mobile Qian Li Jin
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityIBM Security
 
Micro Technologies India ltd
Micro Technologies India ltdMicro Technologies India ltd
Micro Technologies India ltdNehul Gupta
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecurityCigniti Technologies Ltd
 
SmartDevCon - Katowice - 2013
SmartDevCon - Katowice - 2013SmartDevCon - Katowice - 2013
SmartDevCon - Katowice - 2013Petr Dvorak
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)Andris Soroka
 
Simple and secure mobile cloud access
Simple and secure mobile cloud accessSimple and secure mobile cloud access
Simple and secure mobile cloud accessAGILLY
 
BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sPatrick Angel - MBA, CISSP(c) CISM(c) CRISC(c) CISA(c)
 
IRJET - Cyber Security Threats and Measures in Context with IoT
IRJET - Cyber Security Threats and Measures in Context with IoTIRJET - Cyber Security Threats and Measures in Context with IoT
IRJET - Cyber Security Threats and Measures in Context with IoTIRJET Journal
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device SecurityJohn Rhoton
 
IBM InterConnect 2103 - Institute a MobileFirst IT Infrastructure
IBM InterConnect 2103 - Institute a MobileFirst IT InfrastructureIBM InterConnect 2103 - Institute a MobileFirst IT Infrastructure
IBM InterConnect 2103 - Institute a MobileFirst IT InfrastructureChris Pepin
 
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.Sierraware
 
CIS14: Providing Security and Identity for a Mobile-First World
CIS14: Providing Security and Identity for a Mobile-First WorldCIS14: Providing Security and Identity for a Mobile-First World
CIS14: Providing Security and Identity for a Mobile-First WorldCloudIDSummit
 
MobileIron Presentation
MobileIron PresentationMobileIron Presentation
MobileIron PresentationWing Venture Capital
 
Securing 3-Mode Mobile Banking
Securing 3-Mode Mobile BankingSecuring 3-Mode Mobile Banking
Securing 3-Mode Mobile BankingJay McLaughlin
 
Building the internet of things with ibm (slideshare)
Building the internet of things with ibm (slideshare)Building the internet of things with ibm (slideshare)
Building the internet of things with ibm (slideshare)Bernard Kufluk
 
IAM for mobile and BYOD
IAM for mobile and BYODIAM for mobile and BYOD
IAM for mobile and BYODMichel de Goede
 

More Related Content

What's hot

Are We There Yet? The Path Towards Securing the Mobile Enterprise
Are We There Yet? The Path Towards Securing the Mobile EnterpriseAre We There Yet? The Path Towards Securing the Mobile Enterprise
Are We There Yet? The Path Towards Securing the Mobile EnterpriseIBM Security
 
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...IBM Security
 
Pulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiativePulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiativeChris Pepin
 
Mobile Security for Banking and Finance
Mobile Security for Banking and FinanceMobile Security for Banking and Finance
Mobile Security for Banking and FinanceSierraware
 
WEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
WEBINAR - August 9, 2016: New Legal Requirements for Mobile SecurityWEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
WEBINAR - August 9, 2016: New Legal Requirements for Mobile SecurityMobileIron
 
Growing internet of things solution in industries and mobile
Growing internet of things solution in industries and mobile Growing internet of things solution in industries and mobile
Growing internet of things solution in industries and mobile Qian Li Jin
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityIBM Security
 
Micro Technologies India ltd
Micro Technologies India ltdMicro Technologies India ltd
Micro Technologies India ltdNehul Gupta
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecurityCigniti Technologies Ltd
 
SmartDevCon - Katowice - 2013
SmartDevCon - Katowice - 2013SmartDevCon - Katowice - 2013
SmartDevCon - Katowice - 2013Petr Dvorak
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)Andris Soroka
 
Simple and secure mobile cloud access
Simple and secure mobile cloud accessSimple and secure mobile cloud access
Simple and secure mobile cloud accessAGILLY
 
IRJET - Cyber Security Threats and Measures in Context with IoT
IRJET - Cyber Security Threats and Measures in Context with IoTIRJET - Cyber Security Threats and Measures in Context with IoT
IRJET - Cyber Security Threats and Measures in Context with IoTIRJET Journal
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device SecurityJohn Rhoton
 
IBM InterConnect 2103 - Institute a MobileFirst IT Infrastructure
IBM InterConnect 2103 - Institute a MobileFirst IT InfrastructureIBM InterConnect 2103 - Institute a MobileFirst IT Infrastructure
IBM InterConnect 2103 - Institute a MobileFirst IT InfrastructureChris Pepin
 
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.Sierraware
 
CIS14: Providing Security and Identity for a Mobile-First World
CIS14: Providing Security and Identity for a Mobile-First WorldCIS14: Providing Security and Identity for a Mobile-First World
CIS14: Providing Security and Identity for a Mobile-First WorldCloudIDSummit
 
Securing 3-Mode Mobile Banking
Securing 3-Mode Mobile BankingSecuring 3-Mode Mobile Banking
Securing 3-Mode Mobile BankingJay McLaughlin
 

What's hot (20)

Are We There Yet? The Path Towards Securing the Mobile Enterprise
Are We There Yet? The Path Towards Securing the Mobile EnterpriseAre We There Yet? The Path Towards Securing the Mobile Enterprise
Are We There Yet? The Path Towards Securing the Mobile Enterprise
 
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
 
Pulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiativePulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiative
 
Mobile Security for Banking and Finance
Mobile Security for Banking and FinanceMobile Security for Banking and Finance
Mobile Security for Banking and Finance
 
WEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
WEBINAR - August 9, 2016: New Legal Requirements for Mobile SecurityWEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
WEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
 
Growing internet of things solution in industries and mobile
Growing internet of things solution in industries and mobile Growing internet of things solution in industries and mobile
Growing internet of things solution in industries and mobile
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
 
Micro Technologies India ltd
Micro Technologies India ltdMicro Technologies India ltd
Micro Technologies India ltd
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application Security
 
SmartDevCon - Katowice - 2013
SmartDevCon - Katowice - 2013SmartDevCon - Katowice - 2013
SmartDevCon - Katowice - 2013
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (MobileIron)
 
Simple and secure mobile cloud access
Simple and secure mobile cloud accessSimple and secure mobile cloud access
Simple and secure mobile cloud access
 
BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO's
 
IRJET - Cyber Security Threats and Measures in Context with IoT
IRJET - Cyber Security Threats and Measures in Context with IoTIRJET - Cyber Security Threats and Measures in Context with IoT
IRJET - Cyber Security Threats and Measures in Context with IoT
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
IBM InterConnect 2103 - Institute a MobileFirst IT Infrastructure
IBM InterConnect 2103 - Institute a MobileFirst IT InfrastructureIBM InterConnect 2103 - Institute a MobileFirst IT Infrastructure
IBM InterConnect 2103 - Institute a MobileFirst IT Infrastructure
 
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
 
CIS14: Providing Security and Identity for a Mobile-First World
CIS14: Providing Security and Identity for a Mobile-First WorldCIS14: Providing Security and Identity for a Mobile-First World
CIS14: Providing Security and Identity for a Mobile-First World
 
MobileIron Presentation
MobileIron PresentationMobileIron Presentation
MobileIron Presentation
 
Securing 3-Mode Mobile Banking
Securing 3-Mode Mobile BankingSecuring 3-Mode Mobile Banking
Securing 3-Mode Mobile Banking
 

Similar to Follow the Money, Follow the Crime

Building the internet of things with ibm (slideshare)
Building the internet of things with ibm (slideshare)Building the internet of things with ibm (slideshare)
Building the internet of things with ibm (slideshare)Bernard Kufluk
 
Internet of Things and IBM
Internet of Things and IBMInternet of Things and IBM
Internet of Things and IBMArrow ECS UK
 
Countering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT WorldCountering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT WorldBrad Nicholas
 
Cyber as WMD- April 2015- GFSU
Cyber as WMD- April 2015- GFSUCyber as WMD- April 2015- GFSU
Cyber as WMD- April 2015- GFSUMohit Rampal
 
CLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José AntunesCLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José AntunesTI Safe
 
Introduction to MessageSight - gateway to the internet of things and mobile m...
Introduction to MessageSight - gateway to the internet of things and mobile m...Introduction to MessageSight - gateway to the internet of things and mobile m...
Introduction to MessageSight - gateway to the internet of things and mobile m...Bernard Kufluk
 
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...Cyren, Inc
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesChris Pepin
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesWebinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesHARMAN Connected Services
 
2015 Cybercrime Trends – Things are Going to Get Interesting
2015 Cybercrime Trends – Things are Going to Get Interesting2015 Cybercrime Trends – Things are Going to Get Interesting
2015 Cybercrime Trends – Things are Going to Get InterestingIBM Security
 
Tigerspike - Cybersecurity and Mobility in the Energy Industry
Tigerspike - Cybersecurity and Mobility in the Energy IndustryTigerspike - Cybersecurity and Mobility in the Energy Industry
Tigerspike - Cybersecurity and Mobility in the Energy IndustryChristian Glover Wilson
 
IBM Recipe: 1 part IoT Foundation, 2 parts IBM Bluemix - mix them to create ...
IBM Recipe: 1 part IoT Foundation, 2 parts IBM Bluemix - mix them to create ...IBM Recipe: 1 part IoT Foundation, 2 parts IBM Bluemix - mix them to create ...
IBM Recipe: 1 part IoT Foundation, 2 parts IBM Bluemix - mix them to create ...Foong Yen Lee
 
Informix internet of things
Informix internet of thingsInformix internet of things
Informix internet of thingsIBM Sverige
 
Machines are Talking. Are You Listening?
Machines are Talking. Are You Listening?Machines are Talking. Are You Listening?
Machines are Talking. Are You Listening?Splunk
 
Session 1908 connecting devices to the IBM IoT Cloud
Session 1908 connecting devices to the IBM IoT CloudSession 1908 connecting devices to the IBM IoT Cloud
Session 1908 connecting devices to the IBM IoT CloudPeterNiblett
 

Similar to Follow the Money, Follow the Crime (20)

Building the internet of things with ibm (slideshare)
Building the internet of things with ibm (slideshare)Building the internet of things with ibm (slideshare)
Building the internet of things with ibm (slideshare)
 
IAM for mobile and BYOD
IAM for mobile and BYODIAM for mobile and BYOD
IAM for mobile and BYOD
 
Internet of Things and IBM
Internet of Things and IBMInternet of Things and IBM
Internet of Things and IBM
 
Countering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT WorldCountering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT World
 
Cyber as WMD- April 2015- GFSU
Cyber as WMD- April 2015- GFSUCyber as WMD- April 2015- GFSU
Cyber as WMD- April 2015- GFSU
 
MobileFirst
MobileFirstMobileFirst
MobileFirst
 
CLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José AntunesCLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José Antunes
 
Introduction to MessageSight - gateway to the internet of things and mobile m...
Introduction to MessageSight - gateway to the internet of things and mobile m...Introduction to MessageSight - gateway to the internet of things and mobile m...
Introduction to MessageSight - gateway to the internet of things and mobile m...
 
IBM Xforce Q4 2014
IBM Xforce Q4 2014IBM Xforce Q4 2014
IBM Xforce Q4 2014
 
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst Services
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesWebinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
 
2015 Cybercrime Trends – Things are Going to Get Interesting
2015 Cybercrime Trends – Things are Going to Get Interesting2015 Cybercrime Trends – Things are Going to Get Interesting
2015 Cybercrime Trends – Things are Going to Get Interesting
 
Tigerspike - Cybersecurity and Mobility in the Energy Industry
Tigerspike - Cybersecurity and Mobility in the Energy IndustryTigerspike - Cybersecurity and Mobility in the Energy Industry
Tigerspike - Cybersecurity and Mobility in the Energy Industry
 
IBM Recipe: 1 part IoT Foundation, 2 parts IBM Bluemix - mix them to create ...
IBM Recipe: 1 part IoT Foundation, 2 parts IBM Bluemix - mix them to create ...IBM Recipe: 1 part IoT Foundation, 2 parts IBM Bluemix - mix them to create ...
IBM Recipe: 1 part IoT Foundation, 2 parts IBM Bluemix - mix them to create ...
 
Informix internet of things
Informix internet of thingsInformix internet of things
Informix internet of things
 
MAJOR_PROJECT
MAJOR_PROJECTMAJOR_PROJECT
MAJOR_PROJECT
 
M2M_IoT_Presentation
M2M_IoT_PresentationM2M_IoT_Presentation
M2M_IoT_Presentation
 
Machines are Talking. Are You Listening?
Machines are Talking. Are You Listening?Machines are Talking. Are You Listening?
Machines are Talking. Are You Listening?
 
Session 1908 connecting devices to the IBM IoT Cloud
Session 1908 connecting devices to the IBM IoT CloudSession 1908 connecting devices to the IBM IoT Cloud
Session 1908 connecting devices to the IBM IoT Cloud
 

More from IBM Security

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsIBM Security
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...IBM Security
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...IBM Security
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIBM Security
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...IBM Security
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...IBM Security
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackIBM Security
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationIBM Security
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?IBM Security
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceIBM Security
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...IBM Security
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...IBM Security
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...IBM Security
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowIBM Security
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsIBM Security
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020IBM Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident ResponseIBM Security
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats IBM Security
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...IBM Security
 

More from IBM Security (20)

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
 

Recently uploaded

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 

Recently uploaded (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

Follow the Money, Follow the Crime

  • 1. © 2012 IBM Corporation IBM Security Systems 1© 2014 IBM Corporation Things Gone Wild: When Your Devices Behave Badly
  • 2. © 2014 IBM Corporation IBM Security Systems 2 “Things” hacker
  • 3. © 2014 IBM Corporation IBM Security Systems 3 This is the “maker” corner of my office
  • 4. © 2014 IBM Corporation IBM Security Systems 4 A man is stuck in traffic on his way to work.
  • 5. © 2014 IBM Corporation IBM Security Systems 5 His mind wanders, Did I leave the fridge open?
  • 6. © 2014 IBM Corporation IBM Security Systems 6 He pulls his smart phone out.
  • 7. © 2014 IBM Corporation IBM Security Systems 7 The man taps an app on his smart phone labeled “Home Automation”
  • 8. © 2014 IBM Corporation IBM Security Systems 8 The man taps an app on his smart phone labeled “Home Automation”
  • 9. © 2014 IBM Corporation IBM Security Systems 9 The man taps an app on his smart phone labeled “Home Automation”
  • 10. © 2014 IBM Corporation IBM Security Systems 10 Everything is fine at home. The man rolls his eyes and grins at his own obsessive concern
  • 11. © 2014 IBM Corporation IBM Security Systems 11 But in reality, someone has hacked his home area network. The refrigerator is spewing ice cubes…
  • 12. © 2014 IBM Corporation IBM Security Systems 12 The dishwasher is overflowing…
  • 13. © 2014 IBM Corporation IBM Security Systems 13 The toaster is aflame while the ZoomBot bumps the counter, sending the toaster toward the curtains.
  • 14. © 2013 IBM Corporation IBM Security Systems IBM X-Force is the foundation for advanced security and threat research across the IBM Security Framework.
  • 15. © 2013 IBM Corporation IBM Security Systems IBM X-Force® Research and Development Vulnerability Protection IP Reputation Anti-Spam Malware Analysis Web Application Control URL / Web Filtering The IBM X-Force Mission  Monitor and evaluate the rapidly changing threat landscape  Research new attack techniques and develop protection for tomorrow’s security challenges  Educate our customers and the general public  Integrate and distribute Threat Protection and Intelligence to make IBM solutions smarter Expert analysis and data sharing on the global threat landscape Zero-day Research
  • 16. © 2013 IBM Corporation IBM Security Systems Coverage 20,000+ devices under contract 15B+ events managed per day 133 monitored countries (MSS) 1,000+ security related patents 100M+ customers protected from fraudulent transactions Depth 25B analyzed web pages & images 12M spam & phishing attacks daily 86K documented vulnerabilities 860K malicious IP addresses Millions of unique malware samples IBM X-Force monitors and analyzes the changing threat landscape.
  • 17. © 2014 IBM Corporation IBM Security Systems 17 The Internet of Things (IoT): a revolution is occurring just like Cloud, Mobile, Social & Analytics The Internet of Things will represent 30 billion connected “things” by 2020, growing from 9.9 billion in 2013.1 These connected "things" are largely driven by intelligent systems-all collecting and transmitting data. Source: IDC, “Worldwide and Regional Internet of Things 2014-2020 Forecast Update by Technology Split”
  • 18. © 2014 IBM Corporation IBM Security Systems 18 Smart Homes
  • 19. © 2014 IBM Corporation IBM Security Systems 19 Smart Energy / Smart Meters (AMI)
  • 20. © 2014 IBM Corporation IBM Security Systems 20 Side Channel Security Information Monitor usage and determine: When fridge is runs its defrost cycle When the coffee maker kicks on When you run your electric razor What you’re watching on TV To some extent, this can be done now Smart meters give much more granular information Source: http://www.h-online.com/security/news/item/Smart-meters-reveal-TV-viewing-habits-1346385.html
  • 21. © 2014 IBM Corporation IBM Security Systems 21 Smart Meter Event Monitoring Reverse Rotation Detected Inversion tamper Removal Tamper Power Outage / Restoration Remote Disconnect / Reconnect Failure / Success RF Transceiver Reset New device joined HAN Configuration Changed Firmware Change Complete Replay Attack
  • 22. © 2014 IBM Corporation IBM Security Systems 22 Industrial Control / SCADA Systems Most SCADA systems are to IoT what flip phones are to mobile
  • 23. © 2014 IBM Corporation IBM Security Systems 23 Traffic / transport Utilities / energy Telecommunications Public safety HVAC systems Occupancy Elevators/escalators Smart Cities / Smart Buildings
  • 24. © 2014 IBM Corporation IBM Security Systems 24 Smarter Prisons?
  • 25. © 2014 IBM Corporation IBM Security Systems 25 Wearables
  • 26. © 2014 IBM Corporation IBM Security Systems 26 Medical Devices
  • 27. © 2014 IBM Corporation IBM Security Systems 27 Biohacking How are you going to control this type of BYOD?
  • 28. © 2014 IBM Corporation IBM Security Systems 28 The instrumented vehicle; automobile threat surface Engine Control Unit Transmission Control Unit Airbag Control Unit Anti-lock Braking System Tire Pressure Monitor Vehicle to Vehicle Communications Instrument Cluster / Telematics Keyless Entry / Anti-theft OBD-II Car Multimedia Dynamic Stability Control
  • 29. © 2014 IBM Corporation IBM Security Systems 29 IBM Confidential
  • 30. © 2014 IBM Corporation IBM Security Systems 30 The IBM model for the Internet of Things At IBM, we’ve created a model of the IoT that’s useful for understanding the security threats at various data flow and control transition points.
  • 31. © 2014 IBM Corporation IBM Security Systems 31 Home automation systems are driving comfort and security enhancements. • Smart appliances • Lighting and sound systems • Televisions • Thermostats • Smoke detectors and alarm systems • Garage doors and door locks Includes technologies like: • Local home network, which is often wireless, and then connected to the Internet via a service provider • Security systems may also have a secondary connection using a mobile network Connected via: • Service providers or utilities providing home automation services • Hobbyists can build their solutions, bypassing the cloud layer, opting instead to connect to their home area network directly from a mobile device or computer. Available from:
  • 32. © 2014 IBM Corporation IBM Security Systems 32 Connected vehicles can enhance both safety and control for drivers. • Emergency assistance • Remote telemetry reporting, such as speed, location and engine temp • Remote start • Remote cabin climate control Includes technologies like: • The local network is a controller area network (CAN), to which the electronic control units (ECUs) for brakes, engine, power windows and other components connect. • Global network is a mobile carrier • Cloud service is often the auto manufacturer’s network, to which the car identifies itself and is authenticated with an app on a mobile device. Connected via: • Automobile manufacturers Available from:
  • 33. © 2014 IBM Corporation IBM Security Systems 33 Industrial control and SCADA systems vary wildly by industry, age, and use. • HVAC systems • Access control systems • Energy consumption • Infrastructure processes like water treatment, oil and gas pipelines, and electrical power transmission and distribution systems Includes technologies like: • Older SCADA systems can be controlled over a dial-up line by an operator console segmented from the rest of the network, with no Internet connectivity or ability to control the system from outside the factory network. • Newer industrial control systems are built on a general-purpose OS, designed to connect to an IP network. Connected via: • Legacy designs embedded in factories • Industrial control service providers Available from:
  • 34. © 2014 IBM Corporation IBM Security Systems 34 Smart meters are driving the convergence of operational technology and traditional IT networks. • Electric, natural gas, or water meters • Alternative fuels like solar energy and wind power • Locally sourced microgrids, which generate, distribute, and regulate the flow of electricity to consumers in a small geographic area Includes technologies like: • Connection from meter to energy provider’s cloud using communication methods like cell and pager networks, satellite, licensed radio, combination licensed and unlicensed radio, or power line communication • Analyzed telemetry is provided to billing systems and available to customers through a web portal or mobile app Connected via: • Electric utilities • Municipalities Available from:
  • 35. © 2014 IBM Corporation IBM Security Systems 35 Implantable medical devices are improving levels of patient care. • Pacemakers and cardioverter defibrillators • Cochlear implants • Insulin pumps • Camera capsules • Neuromonitoring systems Includes technologies like: • Current connectivity provided over radio frequency to specialized control devices and is limited in range • There is pressure to widen connectivity so patients would have access to their data over patient portals, with the entire ecosystem of healthcare providers and insurers accessing a unified view of patient care information Connected via: • Medical device manufacturers Available from:
  • 36. © 2014 IBM Corporation IBM Security Systems 36 The Internet of Things brings a range of threats and attack vectors. Threat vectors • Web application vulnerabilities • Exploits • Man in the middle • Password attacks • Information gathering / data leakage / eavesdropping • Rogue clients Backdoor access to a building maintenance program was used to access floor plans for a business. Using a CD playing MP3 files in a car’s audio system, researchers were able to access all the ECUs in the vehicle, and disable brake functions while the car was travelling at 40 mph. Network-connected lighting was compromised to access local Wi-Fi network passwords.
  • 37. © 2013 IBM Corporation IBM Security Systems Each layer in the Internet of Things is susceptible to a variety of attack vectors. A. Password attacks B. Web application vulnerabilities C. Rogue clients / malicious firmware D. Man in the middle attacks E. Information gathering / data leakage / eavesdropping F. Command injection and data corruption Things Local network Global network Cloud service Controlling device A A B A A B B D D D C C F E E E
  • 38. © 2014 IBM Corporation IBM Security Systems 38 IoT exposes varying threat surfaces, and requires security specific to each category of device. Hardware manufacturers need strategies specific to each category of device: A secure operating system with trusted firmware guarantees A unique identifier Strong authentication and access control Data privacy protection Strong application security
  • 39. © 2014 IBM Corporation IBM Security Systems 39 IBM recommends manufacturers adhere to a set of best practices to address the security challenges of the IoT. Follow the Open Web Application Security Project (OWASP) IoT Top 10 practices. Build a secure design and development practice Perform regular penetration testing on products Follow industry guidance, such as the IBM Automotive Security Point of View.
  • 40. © 2014 IBM Corporation IBM Security Systems 40
  • 41. © 2014 IBM Corporation IBM Security Systems 41 Connect with IBM X-Force Research & Development Find more on SecurityIntelligence.com IBM X-Force Threat Intelligence Reports and Research http://www.ibm.com/security/xforce/ Twitter @ibmsecurity and @ibmxforce IBM X-Force Security Insights Blog www.SecurityIntelligence.com/topics/x-force
  • 42. © 2014 IBM Corporation IBM Security Systems 42 www.ibm.com/security © Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. www.ibm.com/security © Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.