Security, Present and Future




                                                                                                                Marco Melo Raposo
                                        Marco Raposo 2011 http://pt.linkedin.com/in/marcoraposo
Free to copy, distribute. You must attribute the work in the manner specified by the author. You may not use this work for commercial purposes.
Present Day…




World in 201x…




                                Source: Economist, world in 2012


2010 CSI Annual report
 • Malware infection continued to be the most commonly seen attack.
 • Fewer financial fraud incidents than in previous years (8.7%).
 • 45.6% were the subject of at least one targeted attack.
 • Fewer organizations are willing to share specific information about losses.
 • Regulatory compliance efforts have had a positive effect.
 • Activities of malicious insiders NOT perceived as a source of losses (59.1%). Only 39.5 can confirm the fact for sure.
 • 51.1% still not using cloud computing.

Source: CSI annual report 2011

2010 - Attacks Experienced

 • Malware and bot activity increasing
 • Phishing at almost 40%
 • Inside abuse decreasing
 • “Legacy” menaces decreasing in impact

Source: CSI annual report 2011

Security Spending 2011-2015


Source: IDC, 2011

 • Security spending will almost double in 4 years
 • NAR spends twice as much as EMEA or APAC
Accelerators & Inhibitors
 • Compliance
 • Convergence
 • Industry transformation
 • The digital marketplace
 • Pervasive computing
 • Green IT
 • Saturation

 • Economy
 • Profits
 • Customer Demand
 • Hardware
 • Services

Source: IDC Jan 2011
Regulation
Relevant Regulation

 • Directive 2009/136/CE - Universal service and users' rights, processing of personal data and protection of privacy, and cooperation between national authorities
 • Lei n.º 109/2009 - Cybercrime Law
 • Lei 67/98 – Personal Data Protection Law

Recent Changes in Portuguese Regulation

 • “Security and Integrity of Networks and Services” (lei n.º 51/2011)
 • “Critical Infrastructure Protection” (dl n.º 62/2011)

The Hot Topics
 • Society
 • Corporate
 • Consumer devices gone wild
 • Web 2.0 (Or not)
 • Electronic Payments
 • Cloud Security
 • Digital footprint
 • Reputation Systems
 • Information Warfare
 • Endpoint Security
 • Electronic ID

Privacy, accountability and trust

Work-Life balance
[Diagram. Node labels: Community, Organization, Human Relations, People, Processes, World, Technology. Connector labels: Culture, Emergence, Human Factors.]


The Ghost Net
March, 2009
 • A study revealed a malware-based cyber espionage network called GhostNet.
 • Four control servers allowed attackers to control and receive data from compromised computers.
 • A wide-ranging network of compromised computers: at least 1,295 infected computers in 103 countries were detected.
 • 30% of the infected computers were considered high-value: ministries of foreign affairs of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan; embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan; the ASEAN Secretariat, SAARC, Asian Development Bank; news organizations; and an unclassified computer located at NATO headquarters.
 • The GhostNet system directs infected computers to download a Trojan known as gh0st RAT that allows attackers to gain complete, real-time control.
 • Instances of gh0st RAT are consistently controlled from commercial Internet access accounts located on the island of Hainan, People’s Republic of China.
                                                                                                 http://www.infowar-monitor.net/ghostnet/
Closing Remarks
  •     Entering Information Age
  •     Threats are moving from enterprise to consumer
  •     Blending of physical instances
  •     Blending of corporate and private
  •     Security matters people
  •     Concerns will focus on
          – Privacy
          – Critical Infrastructures
          – Information warfare
More Info ??
  • ENISA
          www.enisa.europa.eu
  • NIST
          csrc.nist.gov
  • EC
          ec.europa.eu/justice/data-protection/index_en.htm
  • Cloudsecurity
          cloudsecurityalliance.org/
  • CNPD Legislação Nacional
          www.cnpd.pt/bin/legis/leis_nacional.htm

THANK YOU!




                                                                                    marco.raposo@alcatel-lucent.com
                                                                                             pt.linkedin.com/in/marcoraposo