Suffering a security attack is not failure; it is part of the game. You fail if you have no capacity to respond.
0% of information leaks were detected by anti-virus programs or intrusion prevention systems
Only 6% of companies use data analysis to minimize the economic impact of cybercrime
“You are going to get hacked. The bad guy will get you. Whether you are viewed as a success by
your board of directors is going to depend on your response.” Charles Blauner, Citigroup
30. The only way to address vulnerabilities and threats without affecting the business is to have a comprehensive view of risk
31. [Figure: risk model diagram. Labels: Speed, Response; Severity, Exposure, Motivation, Capability; Vulnerability, Threat; Probability; (Economic)², (Strategic)², (Collateral)²; Impact; Mitigators; RISK. Operators shown: ×, ÷]
33. [Figure: "Sum of Efforts" diagram. Labels: 1 moment, 1 channel, 1 device, authenticated with x factors; Intentional Risk, Accidental Risk, Opportunistic Risk; Relationship / connection (∞ to 0); Redundancy, Availability; Filtering, Confidentiality; Integrity; External Threat; Internal Impact; Worst Effort, Best Effort]
Data centers are built to resist physical attacks but the risks are inside.
94% of the breaches are against servers, and 66% of all sensitive data is stored in databases within the data center. Focusing on the data center can greatly reduce your risk.
So Oracle’s approach is to start inside and engineer for security at every layer of the stack.
While we can’t control how many hackers try to attack our business, we can control the configuration of our system internally and the security of our infrastructure, from the applications to storage.
First, we think about security inside each layer
At the apps level this means access to data and business transactions – proactively looking for fraud
At the middleware level it means integrating identity and access management horizontally across all components in middleware
At the VM level we incorporate security into Java so that in-memory databases and apps can be built on a foundation of security
At the OS layer it means VM isolation directly on Solaris and Trusted Extensions for Solaris, trusted by the US military
At the infrastructure layer it means security without performance overhead, so we include hardware acceleration for encryption
At the file system level it means encryption on disk and ZFS
And in the ILM process we include symmetric encryption across multiple ILM tiers.
Second, we secure between each layer, because data flows up and down the stack; access control and data security are pervasive
We provide monitoring and patch management with Oracle Enterprise Manager, which allows the entire stack to be monitored and patched for total control. Hardware and software optimized together.
Third, we secure between systems
The way data is passed to other systems, portals, etc., so that data is portable: for example, data masking that allows data to leave the data center, masking private data and preserving relational integrity
In collaboration with Federated authentication and adaptive access to detect fraud and prevent intrusion
With SOA security at the middleware level to stop payloads from being breached
At the portal layer with document-level security that addresses compliance and data privacy rules
The velocity of change and the pressure to comply have made businesses reactive. As an example, after the RSA breach a survey of security professionals found that approximately 30% planned to increase security spending as a result of the breach.
The media attention on cyber security and hacking has shifted attention away from the real vulnerabilities. At UBS the trader that caused the billion dollar fraud was not a hacker from a rogue nation. This was an insider who was trusted and who gained excessive access because of the trust the bank placed in him.
When criminals break in they go for the low hanging fruit or they come in with stolen credentials. Users with simple passwords and databases that are un-encrypted create more risk than a team of external hackers.
The cost of remediating a breach exceeds the cost of preventing a breach 10X, and we need to start taking a proactive approach to it.
We need to put the right technologies in place so we don’t have to make excuses later to our customers and our upper management.
So we have to start inside … our opportunity is to transform IT security and secure the business inside out. The most successful businesses will take a proactive approach to safeguarding their intellectual property and the information of their customers
[First Build ]
We have to start by being proactive and focusing on the risks. Look at your audits and see where your vulnerabilities are. If your organization has data that is unencrypted, target that first before you lock down every cell phone. If you have accounts on systems for people who have resigned, disable or de-provision them. Make sure you can address the bar on compliance and governance standards.
[Second Build]
Focus on preventing the threats. Look at fraud detection as a PROACTIVE way to prevent breaches before they happen. Protect your data in the applications where they are accessed and created, on the infrastructure & database where it is managed and on the disks where they are archived and stored.
[Third Build]
Unlock the opportunities. The companies that can make security a competitive advantage can unlock the potential of the cloud and harness mobile and social applications to find new paths to market.
Instead of building a wall and hoping it’s strong enough, you need to take control of access in the enterprise – don’t ignore perimeter or endpoint security, but build a security strategy that can prevent, detect and respond to internal as well as external threats.
The endpoints will continue to change and new devices will continuously be introduced. By securing the information when it is created, accessed and stored we can better reduce the risk long term. This kind of inside-out approach to security will help you manage the risk, prevent threats and unlock the opportunities that a secure business can bring.