WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
Data Leakage Prevention (DLP)
1. Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and
their arrangement, and material therein, is owned by the presenter unless otherwise indicated. No part or parts of this
presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed,
transferred, sold or commercially dealt with any manner without the express prior written consent of the presenter.
https://shaolininteger.blogspot.com
haris@mycert.org
https://www.linkedin.com/in/shaolinint
@shaolinint
HarisTahir@
Slash The Underground
in
DATA LEAKAGE PREVENTION
2. ¤ Challenges and Threat Landscape
¤ Why Data Breaches Happen
¤ Data Leakage Prevention
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and
material therein, is owned by the presenter unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed,
retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or commercially dealt with any manner without the express
prior written consent of the presenter.
3. Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and
material therein, is owned by the presenter unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed,
retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or commercially dealt with any manner without the express
prior written consent of the presenter.
4. knowledge
empowerment to
the masses
CHALLENGES AND THREAT LANDSCAPE 4
Challenges and Threat Landscape Evolution
efficiency and effectiveness
Problems
² Modern attacks have moved up on the
architectural layer, there are content based.
² Criminals have started to leverage online
marketing as a tool to promote and sell their
services on the black market.
² Modern malicious software (malware) is stealth
and getting better, smarter, faster and stronger.
² The growing popularity of the “Internet of
Things” makes the threat landscape a moving
target.
² Abundant resources, data collection and mining
unable to process millions or billions of data daily
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
5. knowledge
empowerment to
the masses
CHALLENGES AND THREAT LANDSCAPE 5
Data Breach Investigation Report
past data breaches
Epsilon
$4B, names/email
Saudi Aramco
30,000+ PCs infected
Adobe
$152M (IDs, pwd, data)
Target
$110M affected and CEO/CIO gone
2011 2012 2013 2014
eBay
$145M credentials
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
6. knowledge
empowerment to
the masses
CHALLENGES AND THREAT LANDSCAPE 6
Data Breach Investigation Report
impact on industries
² IP: 70% of value of public companies
² Annual losses: estimated over $300B
² China: +$107B sales and +2.1M jobs
² 2013: 856 reported breaches
² Q1 2014: 98.3% of data exposed
² 37%: Breaches affected the sector
² 43%: ITRC account of breaches
² 2013: 8.8M records stolen
² 1.8M: Victims of Identity Theft
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
7. knowledge
empowerment to
the masses
CHALLENGES AND THREAT LANDSCAPE 7
Data Breach Investigation Report
transition from geopolitical to large-scale attacks
² 95 countries
² 64,347 confirmed security
incidents
² 1,367 confirmed data
breaches
² Others reports:
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
8. Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and
material therein, is owned by the presenter unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed,
retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or commercially dealt with any manner without the express
prior written consent of the presenter.
9. knowledge
empowerment to
the masses
Meet Your Whistleblower
threat actors is about people
WHY DATA BREACHES HAPPEN 9
59% of threat actors leave the organization with sensitive data
Criminals
Hacktivist
Insiders
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
10. knowledge
empowerment to
the masses
WHY DATA BREACHES HAPPEN 10
Knowledge is Power
enough time and equipped with offensive security tools
Threat actors spend most of their time understanding the target environment, operations
and information system, and preparing attacking platform before the actual execution.
Define mission
1
2
3
Information gathering
Scoping
4
Scanning
5
Simulation
6
Execution
7
Exploit development
8
Rootkit and C2 cultivation
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
11. Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and
material therein, is owned by the presenter unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed,
retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or commercially dealt with any manner without the express
prior written consent of the presenter.
12. knowledge
empowerment to
the masses
DATA LEAKAGE PREVENTION 12
Defense-in-Depth
think about people, process and technology
Defense-in-Depth is an Information Assurance (IA) concept to defend a system against attacks
by placing multiple layers of security controls throughout an information technology system.
Data in use Data in transit
Data at rest
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
13. knowledge
empowerment to
the masses
DATA LEAKAGE PREVENTION 13
Critical Path
decision should be based on acceptable risk treatment plan
“In preparing for battle I have always found that plans are useless, but planning is indispensable.”
~Dwight D. Eisenhower
1 2 3 4 5
RA Results
People
Process
Technology
What is the mission
Who are the
What is the gap
Minimal disruption
statement and
resources required
analysis results?
with greatest
business objective?
to execute the plan?
coverage
Leverage
Utilize others for
what they know
You are about to invest a substantial amount of the company's money, time and resources. Consult with
research analysts such as Forrester or Gartner and gain a basic to intermediate understanding of the industry,
the vendors and solutions available, and their particular strengths and weaknesses. DLP is solving different
problem space to ensure data confidentiality.
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
14. knowledge
empowerment to
the masses
DLP Technology
four simple explanation
DATA LEAKAGE PREVENTION 14
DLP is about preserving organization sensitive information from unauthorized access
DLP means different things to different people
þ data loss prevention
þ data loss protection
þ data leakage prevention
3
1
2
4
DLP technology is content aware
Driven by significant insider threats
and by rigorous privacy laws
Use rules to examine file content
and classification tag
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
15. knowledge
empowerment to
the masses
Key DLP Questions
what kind of animal is this?
DATA LEAKAGE PREVENTION 15
It’s about governance and compliance, what is the business objective?
What problem space?
Unauthorized access of data due to
an improper implementation,
inadequacy of a technology, process
and/or policy.
What problem DLP does not solve?
DLP are not designed to address
data leakage issues resulting from
external attacks.
Do I have existing DLP protection?
Surprisingly, firewalls, IDS and
encryption solutions are part of
overall data security strategy.
Does the enterprise need DLP
solution?
Start with Risk Assessment and
identify what are data type the
enterprise processes and/or stores.
FAQ
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
16. knowledge
empowerment to
the masses
Preliminary Risk Assessment
risk mitigated by DLP
DATA LEAKAGE PREVENTION 16
The problem space is not solved comprehensively by DLP solutions!
Example: an employee can still take a picture of sensitive data
1 Identifying insecure
business processes 2 Accidental data
disclosure by
employee
3 Intentional data
leakage by employee
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
17. knowledge
empowerment to
the masses
Benefits of DLP
something to consider
DATA LEAKAGE PREVENTION 17
Benefits
² Visibility – visibility to data and information that leaves the
organization and exposing bad business processes.
² Compliance – Helps demonstrate compliance with privacy
regulations such as Data protection Act, PDPA, PCI-DSS and
HIPAA-HITECH
² Flexible security environment – Provide an alternative by
allowing the organizations to say “Yes” to social media and
personal email and other channels, but with ability to control
the content posted to those destinations.
² Malicious activity detection – Stops malicious insiders from
stealing valuable intellectual property such as product
designs and financial reports.
² Employee education and awareness – Educates well-meaning
employees of policy violations and prevents accidental data
leaks.
² Reduce financial impact – By reducing the risk of data leaks,
the financial risk to the enterprise decrease.
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and their arrangement, and material therein, is owned by the presenter
unless otherwise indicated. No part or parts of this presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed, transferred, sold or
commercially dealt with any manner without the express prior written consent of the presenter.
18. This slide can be downloaded from:
http://www.slideshare.net/shaolinint
Copyright of the presentation and its contents but limited to the information, text, images, graphics, sound files, video files and
their arrangement, and material therein, is owned by the presenter unless otherwise indicated. No part or parts of this
presentation may be modified, copied, distributed, retransmitted, broadcasted, displayed, reproduced, published, licensed,
transferred, sold or commercially dealt with any manner without the express prior written consent of the presenter.
https://shaolininteger.blogspot.com
haris@mycert.org
https://www.linkedin.com/in/shaolinint
@shaolinint
HarisTahir@
Slash The Underground
in
Thank You
Q&A “no duty is more urgent than that of returning thanks”