SlideShare a Scribd company logo
ARE
 YOU
 READY
 FOR
 
THE
 NEXT
 ATTACK?
Reviewing the SP Security Checklist
Barry Greene - bgreene@senki.org
Checklist Approach
Checklist are one of the most essential tools for
productivity we have in the industry.
Surprisingly, too few “Internet” and “Telecom”
operators use the checklist approach to optimize their
operations.
What follows is the first in several “check list” designed
for Internet Service Providers, be they Mobile,
traditional Telco, Content, of ISPs.
They can be cut/pasted and used in your organization.
Additions to the checklist are always welcomed.
* Thanks to Stephen Stuart @ Google for pointing out Atul Gawande’s book
Note: If this is new to you, read the book “The Checklist Manifesto” and watch the
TED talk:
http://www.ted.com/talks/atul_gawande_how_do_we_heal_medicine
[T]he malware that was used would
have gotten past 90 percent of the Net
defenses that are out there today in
private industry and [would have
been] likely to challenge even state
government,
Joe Demarest, Assistant Director - US
FBI’s Investigation’s Cyberdivision.
Do we have your attention?
Our Traditional View of the World
The Internet is not organized based on countries. It is a
group of “Autonomous System Networks” (ASNs) all
interconnected in a Global Network.
The Reality of the Internet - No Borders
How does a government enforce the rule of law

where the Internet’s risk are all trans-national?
Work on the Right Security Problem
This is nice to know
Who we need to Target
The Good Guys are the Big Part of the Security Problem
Threat Vectors have Evolved
Cyber-Criminal Threats
Cyber-Crime is an International Legal
problem that has no short term resolution.
There will always be someplace in the
Political, Patriotic, Protestors
There are always going to be someone,
somewhere, who is upset with society - with
the ability to make their anxiety know
through any network - any where.
Nation State Threats
Post-Snowden, the secret world of nation
state security is now all in the open. Your
network is a valid “Battle Space” for any
Cyber-War.
What really happens if I’m attacked?
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
The market does not penalize!
http://www.informationisbeautiful.net/
The “market” is forgiving IF you have a
security reaction plan.
A security reaction plan will not prevent
revenue losses, customer churn, and legal
actions, but … organizations do recover
from “big data breaches”
Security Threats are a Force of Nature
Think of the current and future
security threats as a force of of the
environment we live in. This is not
new to human society. We have to
live with the issues of nature all the
time.
Like a hurricane, it is not a matter of
if, but when. Even worse, you can
be in a zone where the hurricane,
tornado, flood, earth quake, and
blizzard are all a major risk.
Forces of Nature cannot be stopped - the only thing
you can do is mitigate risk through your design,
preparation, and investment.
“Security” Excuses
•LaLaLa if I ignore you may be you will go away.
•It is someone else's problem.
•I don’t know where to start?
•I need to wait for someone to tell me what to do.
•No one has been killed ..... Yet.
•I need more training!
•We cannot afford all the security equipment.
•We need to wait for ISO 27001 Certification.
Reality - there is a lot of “talk” about security, but most
operations just do not care …. until the s!@# hits the fan.
Positive Control
Have positive control over all elements in your
network.
Know who is accessing, when they are accessing, and
where they are accessing from. Think beyond TACACS
+. Start asking for Diameter and two factor
authorization with IPv6 only access. Log everything and
expect all there threat vectors probing. Consequences
of neglect is severe.
This is always the #1 issue risk assessors find in
networks! Who is that who logging in? Why does node in
from country X login?
VTY ACLs are Critical
Put VTY Access list everywhere, log it, plot in
MRTG/Cati, and create the alert scripts.
The VTY access list trick is on of the key cost effective
tools that consistently delivers key indicators of
attackers probing the network, exploring the network,
or trying to break into the elements of the network.
The only way to make this work effectively is to build
your own script or use tool from companies like
6Connect.
Why is someone trying to telnet into my eNodeB from
another eNodeB? Why are there a increase in “drops” on
my internal SSH?
Force Vendor Security Partnerships
Use the Vendor Security Checklist with all your
vendors now.
Set up the meetings, have them comply, and push if
non-compliant. Then have these items part of all your
RFPs. Vendors will NOT pay attention to security until
their customers demand security …. or if you take legal
action for liability against the vendors.
Waiting for the dialog is going to create problems when
the s!@# with a specific vendor.
* E-mail and ask for a copy with the Security “RFP” questions.
What is the Upgrade Plan?
Every element in your system needs a tested Upgrade
Plan.
Don’t wait for an emergency patch to find out that a major
routers take 6 hours to upgrade! Create the upgrade plan. Write
the MOP for the test as a template. Rest the plan in your lab, or I
the vendor's lab. Table top exercise how you would have a rolling
upgrade through out the entire system. Map the other systems
which are coupled dependencies or collaterally impacted. Once
all of this is done, start working on designs where you can do
these upgrades without the massive service impact.
Your first reaction would be “isn’t this basic?” Start asking
for details and you will be surprised. One vendor thought is
was normal for a router to be upgraded in 4 hours!
IPv6 Check = Security
Bring in all your vendors and review the IPv6
Check list.
Don't wait for the next RFP. The Cyber-Criminal and
Nation-State threat vectors both know that IPv6 is the
easy entry for getting into and through a network.
There is way too many 1/2 completed IPv6
deployments with equipment that is not ready (I.e. No
IPv6 security features).
Cyber-Criminals figured out that IPv6 was a
backdoor into a network 5 years ago.
Build your Attack Trees
Learn Attack Trees, build your attack trees, explore
all the ways you can break and network.
Once you have your own list of dirty tricks to break your
network, start building reaction plans with the tools you
have in place right now. If brave, get someone to facilitate
a Red Team - Blue Team table top exercise.
Write your BGP Policy!
Write your BGP policy down so that your CEO
understands it!
What are you going to send? What are you going to
receive? How are you going to monitor? How are you going
to enforce? How do you manage your customers? The
days when “BGP policy” is in a “Cisco config script” will not
work when the threat environment is so hostile. One of the
barriers to RPKI ROA registration is the lack of proactive
thinking, planning, and documentation around an
operator’s interconnection policy.
You will make important discoveries of “BGP risk” when
you write it down in a way that everyone can understand!
Review your DNS Architecture!
Review all of your DNS Architecture to Ensure it is
Resilient.
Several of the major “DNS outages” in 2014 had a root
cause in how they were designed. Do not listen to the
vendors, they would want to sell you a solution that will
put all the DNS functionality into one box, creating
single points of failure.

More Related Content

What's hot

Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
centralohioissa
 
The state of endpoint defense in 2021
The state of endpoint defense in 2021The state of endpoint defense in 2021
The state of endpoint defense in 2021
Adrian Sanabria
 
Putting MITRE ATT&CK into Action with What You Have, Where You Are
Putting MITRE ATT&CK into Action with What You Have, Where You ArePutting MITRE ATT&CK into Action with What You Have, Where You Are
Putting MITRE ATT&CK into Action with What You Have, Where You Are
Katie Nickels
 
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Lancope, Inc.
 
How would you handle and prevent fires from IoT forests?
How would you handle and prevent fires from IoT forests?How would you handle and prevent fires from IoT forests?
How would you handle and prevent fires from IoT forests?
0 0
 
Why Zero Trust Yields Maximum Security
Why Zero Trust Yields Maximum SecurityWhy Zero Trust Yields Maximum Security
Why Zero Trust Yields Maximum Security
Priyanka Aash
 
Mitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuMitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo Nixu
Nixu Corporation
 
The Intersection Between Open Source and Cybersecurity
The Intersection Between Open Source and CybersecurityThe Intersection Between Open Source and Cybersecurity
The Intersection Between Open Source and Cybersecurity
Black Duck by Synopsys
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, Anecdotally
EnergySec
 
MITRE ATT&CKcon 2018: Playing Devil’s Advocate to Security Initiatives with A...
MITRE ATT&CKcon 2018: Playing Devil’s Advocate to Security Initiatives with A...MITRE ATT&CKcon 2018: Playing Devil’s Advocate to Security Initiatives with A...
MITRE ATT&CKcon 2018: Playing Devil’s Advocate to Security Initiatives with A...
MITRE - ATT&CKcon
 
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE - ATT&CKcon
 
MITRE ATT&CKcon 2.0: Prioritizing ATT&CK Informed Defenses the CIS Way; Phili...
MITRE ATT&CKcon 2.0: Prioritizing ATT&CK Informed Defenses the CIS Way; Phili...MITRE ATT&CKcon 2.0: Prioritizing ATT&CK Informed Defenses the CIS Way; Phili...
MITRE ATT&CKcon 2.0: Prioritizing ATT&CK Informed Defenses the CIS Way; Phili...
MITRE - ATT&CKcon
 
NDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeawaysNDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeaways
Bryson Bort
 
Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?
centralohioissa
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
Kaspersky
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Shawn Tuma
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Zivaro Inc
 
RSAC 365 2021 Virtual Summit Spotlite Presentation on Security Chaos Engineering
RSAC 365 2021 Virtual Summit Spotlite Presentation on Security Chaos EngineeringRSAC 365 2021 Virtual Summit Spotlite Presentation on Security Chaos Engineering
RSAC 365 2021 Virtual Summit Spotlite Presentation on Security Chaos Engineering
Aaron Rinehart
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
APNIC
 
Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere
Cisco Canada
 

What's hot (20)

Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
 
The state of endpoint defense in 2021
The state of endpoint defense in 2021The state of endpoint defense in 2021
The state of endpoint defense in 2021
 
Putting MITRE ATT&CK into Action with What You Have, Where You Are
Putting MITRE ATT&CK into Action with What You Have, Where You ArePutting MITRE ATT&CK into Action with What You Have, Where You Are
Putting MITRE ATT&CK into Action with What You Have, Where You Are
 
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
 
How would you handle and prevent fires from IoT forests?
How would you handle and prevent fires from IoT forests?How would you handle and prevent fires from IoT forests?
How would you handle and prevent fires from IoT forests?
 
Why Zero Trust Yields Maximum Security
Why Zero Trust Yields Maximum SecurityWhy Zero Trust Yields Maximum Security
Why Zero Trust Yields Maximum Security
 
Mitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuMitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo Nixu
 
The Intersection Between Open Source and Cybersecurity
The Intersection Between Open Source and CybersecurityThe Intersection Between Open Source and Cybersecurity
The Intersection Between Open Source and Cybersecurity
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, Anecdotally
 
MITRE ATT&CKcon 2018: Playing Devil’s Advocate to Security Initiatives with A...
MITRE ATT&CKcon 2018: Playing Devil’s Advocate to Security Initiatives with A...MITRE ATT&CKcon 2018: Playing Devil’s Advocate to Security Initiatives with A...
MITRE ATT&CKcon 2018: Playing Devil’s Advocate to Security Initiatives with A...
 
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
 
MITRE ATT&CKcon 2.0: Prioritizing ATT&CK Informed Defenses the CIS Way; Phili...
MITRE ATT&CKcon 2.0: Prioritizing ATT&CK Informed Defenses the CIS Way; Phili...MITRE ATT&CKcon 2.0: Prioritizing ATT&CK Informed Defenses the CIS Way; Phili...
MITRE ATT&CKcon 2.0: Prioritizing ATT&CK Informed Defenses the CIS Way; Phili...
 
NDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeawaysNDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeaways
 
Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
 
RSAC 365 2021 Virtual Summit Spotlite Presentation on Security Chaos Engineering
RSAC 365 2021 Virtual Summit Spotlite Presentation on Security Chaos EngineeringRSAC 365 2021 Virtual Summit Spotlite Presentation on Security Chaos Engineering
RSAC 365 2021 Virtual Summit Spotlite Presentation on Security Chaos Engineering
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
 
Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere
 

Viewers also liked

Security acqua 4 0 telecontrollo 2015 versione_estesa
Security acqua 4 0 telecontrollo 2015 versione_estesaSecurity acqua 4 0 telecontrollo 2015 versione_estesa
Security acqua 4 0 telecontrollo 2015 versione_estesa
Enzo M. Tieghi
 
Red Teaming and the Supply Chain
Red Teaming and the Supply ChainRed Teaming and the Supply Chain
Red Teaming and the Supply Chain
Ollie Whitehouse
 
Ciclo de vida
Ciclo de vidaCiclo de vida
Ciclo de vida
ellie rey
 
Security in the New World of Content and Documents
Security in the New World of Content and DocumentsSecurity in the New World of Content and Documents
Security in the New World of Content and Documents
Nitro, Inc.
 
Retail Week: Cloud Security
Retail Week: Cloud SecurityRetail Week: Cloud Security
Retail Week: Cloud Security
Datapipe
 
The Technology Horizon & Cyber Security from EISIC 2015
The Technology Horizon & Cyber Security from EISIC 2015The Technology Horizon & Cyber Security from EISIC 2015
The Technology Horizon & Cyber Security from EISIC 2015
Ollie Whitehouse
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015
IBM Thailand Co Ltd
 
Innomantra - Intellectual Property Consulting & Services
Innomantra - Intellectual Property Consulting & ServicesInnomantra - Intellectual Property Consulting & Services
Innomantra - Intellectual Property Consulting & Services
Innomantra
 
Are Your CPG Brands Maximizing the Return on Your Digital Investment?
Are Your CPG Brands Maximizing the Return on Your Digital Investment?Are Your CPG Brands Maximizing the Return on Your Digital Investment?
Are Your CPG Brands Maximizing the Return on Your Digital Investment?
dunnhumby
 
Data breach-response-planning-laying-the-right-foundation
Data breach-response-planning-laying-the-right-foundationData breach-response-planning-laying-the-right-foundation
Data breach-response-planning-laying-the-right-foundation
Bradley Arant Boult Cummings LLP
 
2015 09-22 Is it time for a Security and Compliance Assessment?
2015 09-22 Is it time for a Security and Compliance Assessment?2015 09-22 Is it time for a Security and Compliance Assessment?
2015 09-22 Is it time for a Security and Compliance Assessment?
Raffa Learning Community
 
Cyber Security, IP Theft, and Data Breaches
Cyber Security, IP Theft, and Data BreachesCyber Security, IP Theft, and Data Breaches
Cyber Security, IP Theft, and Data Breaches
Ethisphere
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectionSymantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
infoLock Technologies
 
Assuring the Security of the Supply Chain - Designing best practices for cybe...
Assuring the Security of the Supply Chain - Designing best practices for cybe...Assuring the Security of the Supply Chain - Designing best practices for cybe...
Assuring the Security of the Supply Chain - Designing best practices for cybe...
Ollie Whitehouse
 
Managed Security Services from Symantec
Managed Security Services from SymantecManaged Security Services from Symantec
Managed Security Services from Symantec
Arrow ECS UK
 
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Tripwire
 
Cyber Security - Things you need to know
Cyber Security - Things you need to knowCyber Security - Things you need to know
Cyber Security - Things you need to know
Nathan Desfontaines
 
Cyber supply chain risk management ASDE
Cyber supply chain risk management   ASDECyber supply chain risk management   ASDE
Cyber supply chain risk management ASDE
Engineers Australia
 
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and Ideas
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and IdeasBlack Hat USA 2015: A Visual Snapshot of Security Threats, Trends and Ideas
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and Ideas
Tripwire
 
IDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber SecurityIDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber Security
inside-BigData.com
 

Viewers also liked (20)

Security acqua 4 0 telecontrollo 2015 versione_estesa
Security acqua 4 0 telecontrollo 2015 versione_estesaSecurity acqua 4 0 telecontrollo 2015 versione_estesa
Security acqua 4 0 telecontrollo 2015 versione_estesa
 
Red Teaming and the Supply Chain
Red Teaming and the Supply ChainRed Teaming and the Supply Chain
Red Teaming and the Supply Chain
 
Ciclo de vida
Ciclo de vidaCiclo de vida
Ciclo de vida
 
Security in the New World of Content and Documents
Security in the New World of Content and DocumentsSecurity in the New World of Content and Documents
Security in the New World of Content and Documents
 
Retail Week: Cloud Security
Retail Week: Cloud SecurityRetail Week: Cloud Security
Retail Week: Cloud Security
 
The Technology Horizon & Cyber Security from EISIC 2015
The Technology Horizon & Cyber Security from EISIC 2015The Technology Horizon & Cyber Security from EISIC 2015
The Technology Horizon & Cyber Security from EISIC 2015
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015
 
Innomantra - Intellectual Property Consulting & Services
Innomantra - Intellectual Property Consulting & ServicesInnomantra - Intellectual Property Consulting & Services
Innomantra - Intellectual Property Consulting & Services
 
Are Your CPG Brands Maximizing the Return on Your Digital Investment?
Are Your CPG Brands Maximizing the Return on Your Digital Investment?Are Your CPG Brands Maximizing the Return on Your Digital Investment?
Are Your CPG Brands Maximizing the Return on Your Digital Investment?
 
Data breach-response-planning-laying-the-right-foundation
Data breach-response-planning-laying-the-right-foundationData breach-response-planning-laying-the-right-foundation
Data breach-response-planning-laying-the-right-foundation
 
2015 09-22 Is it time for a Security and Compliance Assessment?
2015 09-22 Is it time for a Security and Compliance Assessment?2015 09-22 Is it time for a Security and Compliance Assessment?
2015 09-22 Is it time for a Security and Compliance Assessment?
 
Cyber Security, IP Theft, and Data Breaches
Cyber Security, IP Theft, and Data BreachesCyber Security, IP Theft, and Data Breaches
Cyber Security, IP Theft, and Data Breaches
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectionSymantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
 
Assuring the Security of the Supply Chain - Designing best practices for cybe...
Assuring the Security of the Supply Chain - Designing best practices for cybe...Assuring the Security of the Supply Chain - Designing best practices for cybe...
Assuring the Security of the Supply Chain - Designing best practices for cybe...
 
Managed Security Services from Symantec
Managed Security Services from SymantecManaged Security Services from Symantec
Managed Security Services from Symantec
 
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
 
Cyber Security - Things you need to know
Cyber Security - Things you need to knowCyber Security - Things you need to know
Cyber Security - Things you need to know
 
Cyber supply chain risk management ASDE
Cyber supply chain risk management   ASDECyber supply chain risk management   ASDE
Cyber supply chain risk management ASDE
 
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and Ideas
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and IdeasBlack Hat USA 2015: A Visual Snapshot of Security Threats, Trends and Ideas
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and Ideas
 
IDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber SecurityIDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber Security
 

Similar to Are you ready for the next attack? Reviewing the SP Security Checklist

Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security Checklist
MyNOG
 
Prevent Getting Hacked by Using a Network Vulnerability Scanner
Prevent Getting Hacked by Using a Network Vulnerability ScannerPrevent Getting Hacked by Using a Network Vulnerability Scanner
Prevent Getting Hacked by Using a Network Vulnerability Scanner
GFI Software
 
Security Opportunities A Silicon Valley VC Perspective
Security Opportunities  A Silicon Valley VC PerspectiveSecurity Opportunities  A Silicon Valley VC Perspective
Security Opportunities A Silicon Valley VC Perspective
Positive Hack Days
 
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESCOMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
IJNSA Journal
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resources
IJNSA Journal
 
Abb e guide3
Abb e guide3Abb e guide3
Abb e guide3
Claricio Gobbo
 
BsidesMCR_2016-what-can-infosec-learn-from-devops
BsidesMCR_2016-what-can-infosec-learn-from-devopsBsidesMCR_2016-what-can-infosec-learn-from-devops
BsidesMCR_2016-what-can-infosec-learn-from-devops
James '​-- Mckinlay
 
Solnet dev secops meetup
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetup
pbink
 
Securing Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These YearsSecuring Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These Years
Adrian Sanabria
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar -  NEW GENERATION IPSSourcefire Webinar -  NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPS
mmiznoni
 
Bulletproof IT Security
Bulletproof IT SecurityBulletproof IT Security
Bulletproof IT Security
London School of Cyber Security
 
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Mobodexter
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Michele Chubirka
 
Behind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsBehind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced Threats
Cisco Canada
 
Mongoose H4D 2021 Lessons Learned
Mongoose H4D 2021 Lessons LearnedMongoose H4D 2021 Lessons Learned
Mongoose H4D 2021 Lessons Learned
Stanford University
 
Network cloaking sansv2_
Network cloaking sansv2_Network cloaking sansv2_
Network cloaking sansv2_
CMR WORLD TECH
 
IDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleIDS+Honeypots Making Security Simple
IDS+Honeypots Making Security Simple
Gregory Hanis
 
Ben Rothke - NBA for The Security Professional
Ben Rothke - NBA for The Security ProfessionalBen Rothke - NBA for The Security Professional
Ben Rothke - NBA for The Security Professional
Ben Rothke
 
Logging "BrainBox" Short Article
Logging "BrainBox" Short ArticleLogging "BrainBox" Short Article
Logging "BrainBox" Short Article
Anton Chuvakin
 
Chapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t hChapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t h
WilheminaRossi174
 

Similar to Are you ready for the next attack? Reviewing the SP Security Checklist (20)

Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security Checklist
 
Prevent Getting Hacked by Using a Network Vulnerability Scanner
Prevent Getting Hacked by Using a Network Vulnerability ScannerPrevent Getting Hacked by Using a Network Vulnerability Scanner
Prevent Getting Hacked by Using a Network Vulnerability Scanner
 
Security Opportunities A Silicon Valley VC Perspective
Security Opportunities  A Silicon Valley VC PerspectiveSecurity Opportunities  A Silicon Valley VC Perspective
Security Opportunities A Silicon Valley VC Perspective
 
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESCOMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resources
 
Abb e guide3
Abb e guide3Abb e guide3
Abb e guide3
 
BsidesMCR_2016-what-can-infosec-learn-from-devops
BsidesMCR_2016-what-can-infosec-learn-from-devopsBsidesMCR_2016-what-can-infosec-learn-from-devops
BsidesMCR_2016-what-can-infosec-learn-from-devops
 
Solnet dev secops meetup
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetup
 
Securing Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These YearsSecuring Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These Years
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar -  NEW GENERATION IPSSourcefire Webinar -  NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPS
 
Bulletproof IT Security
Bulletproof IT SecurityBulletproof IT Security
Bulletproof IT Security
 
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
 
Behind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsBehind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced Threats
 
Mongoose H4D 2021 Lessons Learned
Mongoose H4D 2021 Lessons LearnedMongoose H4D 2021 Lessons Learned
Mongoose H4D 2021 Lessons Learned
 
Network cloaking sansv2_
Network cloaking sansv2_Network cloaking sansv2_
Network cloaking sansv2_
 
IDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleIDS+Honeypots Making Security Simple
IDS+Honeypots Making Security Simple
 
Ben Rothke - NBA for The Security Professional
Ben Rothke - NBA for The Security ProfessionalBen Rothke - NBA for The Security Professional
Ben Rothke - NBA for The Security Professional
 
Logging "BrainBox" Short Article
Logging "BrainBox" Short ArticleLogging "BrainBox" Short Article
Logging "BrainBox" Short Article
 
Chapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t hChapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t h
 

More from APNIC

APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
APNIC
 
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at  CaribNOG 27APNIC Updates presented by Paul Wilson at  CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
APNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
APNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
APNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APNIC
 

More from APNIC (20)

APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
 
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at  CaribNOG 27APNIC Updates presented by Paul Wilson at  CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 

Recently uploaded

7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
Danica Gill
 
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
ukwwuq
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
cuobya
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
xjq03c34
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
hackersuli
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
uehowe
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
3a0sd7z3
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
zoowe
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
bseovas
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
vmemo1
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
wolfsoftcompanyco
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
uehowe
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
cuobya
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
Azure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdfAzure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdf
AanSulistiyo
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
bseovas
 

Recently uploaded (20)

7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
 
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
Azure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdfAzure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdf
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
 

Are you ready for the next attack? Reviewing the SP Security Checklist

  • 1. ARE
  • 7.  ATTACK? Reviewing the SP Security Checklist Barry Greene - bgreene@senki.org
  • 8. Checklist Approach Checklist are one of the most essential tools for productivity we have in the industry. Surprisingly, too few “Internet” and “Telecom” operators use the checklist approach to optimize their operations. What follows is the first in several “check list” designed for Internet Service Providers, be they Mobile, traditional Telco, Content, of ISPs. They can be cut/pasted and used in your organization. Additions to the checklist are always welcomed. * Thanks to Stephen Stuart @ Google for pointing out Atul Gawande’s book Note: If this is new to you, read the book “The Checklist Manifesto” and watch the TED talk: http://www.ted.com/talks/atul_gawande_how_do_we_heal_medicine
  • 9. [T]he malware that was used would have gotten past 90 percent of the Net defenses that are out there today in private industry and [would have been] likely to challenge even state government, Joe Demarest, Assistant Director - US FBI’s Investigation’s Cyberdivision. Do we have your attention?
  • 10. Our Traditional View of the World The Internet is not organized based on countries. It is a group of “Autonomous System Networks” (ASNs) all interconnected in a Global Network.
  • 11. The Reality of the Internet - No Borders How does a government enforce the rule of law
 where the Internet’s risk are all trans-national?
  • 12. Work on the Right Security Problem This is nice to know Who we need to Target The Good Guys are the Big Part of the Security Problem
  • 13. Threat Vectors have Evolved Cyber-Criminal Threats Cyber-Crime is an International Legal problem that has no short term resolution. There will always be someplace in the Political, Patriotic, Protestors There are always going to be someone, somewhere, who is upset with society - with the ability to make their anxiety know through any network - any where. Nation State Threats Post-Snowden, the secret world of nation state security is now all in the open. Your network is a valid “Battle Space” for any Cyber-War.
  • 14. What really happens if I’m attacked? http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
  • 15. The market does not penalize! http://www.informationisbeautiful.net/ The “market” is forgiving IF you have a security reaction plan. A security reaction plan will not prevent revenue losses, customer churn, and legal actions, but … organizations do recover from “big data breaches”
  • 16. Security Threats are a Force of Nature Think of the current and future security threats as a force of of the environment we live in. This is not new to human society. We have to live with the issues of nature all the time. Like a hurricane, it is not a matter of if, but when. Even worse, you can be in a zone where the hurricane, tornado, flood, earth quake, and blizzard are all a major risk. Forces of Nature cannot be stopped - the only thing you can do is mitigate risk through your design, preparation, and investment.
  • 17. “Security” Excuses •LaLaLa if I ignore you may be you will go away. •It is someone else's problem. •I don’t know where to start? •I need to wait for someone to tell me what to do. •No one has been killed ..... Yet. •I need more training! •We cannot afford all the security equipment. •We need to wait for ISO 27001 Certification. Reality - there is a lot of “talk” about security, but most operations just do not care …. until the s!@# hits the fan.
  • 18. Positive Control Have positive control over all elements in your network. Know who is accessing, when they are accessing, and where they are accessing from. Think beyond TACACS +. Start asking for Diameter and two factor authorization with IPv6 only access. Log everything and expect all there threat vectors probing. Consequences of neglect is severe. This is always the #1 issue risk assessors find in networks! Who is that who logging in? Why does node in from country X login?
  • 19. VTY ACLs are Critical Put VTY Access list everywhere, log it, plot in MRTG/Cati, and create the alert scripts. The VTY access list trick is on of the key cost effective tools that consistently delivers key indicators of attackers probing the network, exploring the network, or trying to break into the elements of the network. The only way to make this work effectively is to build your own script or use tool from companies like 6Connect. Why is someone trying to telnet into my eNodeB from another eNodeB? Why are there a increase in “drops” on my internal SSH?
  • 20. Force Vendor Security Partnerships Use the Vendor Security Checklist with all your vendors now. Set up the meetings, have them comply, and push if non-compliant. Then have these items part of all your RFPs. Vendors will NOT pay attention to security until their customers demand security …. or if you take legal action for liability against the vendors. Waiting for the dialog is going to create problems when the s!@# with a specific vendor. * E-mail and ask for a copy with the Security “RFP” questions.
  • 21. What is the Upgrade Plan? Every element in your system needs a tested Upgrade Plan. Don’t wait for an emergency patch to find out that a major routers take 6 hours to upgrade! Create the upgrade plan. Write the MOP for the test as a template. Rest the plan in your lab, or I the vendor's lab. Table top exercise how you would have a rolling upgrade through out the entire system. Map the other systems which are coupled dependencies or collaterally impacted. Once all of this is done, start working on designs where you can do these upgrades without the massive service impact. Your first reaction would be “isn’t this basic?” Start asking for details and you will be surprised. One vendor thought is was normal for a router to be upgraded in 4 hours!
  • 22. IPv6 Check = Security Bring in all your vendors and review the IPv6 Check list. Don't wait for the next RFP. The Cyber-Criminal and Nation-State threat vectors both know that IPv6 is the easy entry for getting into and through a network. There is way too many 1/2 completed IPv6 deployments with equipment that is not ready (I.e. No IPv6 security features). Cyber-Criminals figured out that IPv6 was a backdoor into a network 5 years ago.
  • 23. Build your Attack Trees Learn Attack Trees, build your attack trees, explore all the ways you can break and network. Once you have your own list of dirty tricks to break your network, start building reaction plans with the tools you have in place right now. If brave, get someone to facilitate a Red Team - Blue Team table top exercise.
  • 24. Write your BGP Policy! Write your BGP policy down so that your CEO understands it! What are you going to send? What are you going to receive? How are you going to monitor? How are you going to enforce? How do you manage your customers? The days when “BGP policy” is in a “Cisco config script” will not work when the threat environment is so hostile. One of the barriers to RPKI ROA registration is the lack of proactive thinking, planning, and documentation around an operator’s interconnection policy. You will make important discoveries of “BGP risk” when you write it down in a way that everyone can understand!
  • 25. Review your DNS Architecture! Review all of your DNS Architecture to Ensure it is Resilient. Several of the major “DNS outages” in 2014 had a root cause in how they were designed. Do not listen to the vendors, they would want to sell you a solution that will put all the DNS functionality into one box, creating single points of failure.
  • 26. Review your DNS Architecture! Example: Generic DNS Authoritative Infrastructure EXAMPLE.COM Authoritative Module Zone Updates Where is www.example.com? 12 3 3 3
  • 27. Review your DNS Architecture! Example: Generic DNS Resolver Infrastructure Customers Users Where is www.example.com? DNS Resolver Cluster Optional www.example.com Optional
  • 28. Review your DNS Architecture! Example: LTE has Five Separate DNS “Architectures!” IMS E-UTRAN Operator’s IP Services Gxc (Gx+) S11 (GTP-C) S1-U (GTP-U) S6a (DIAMETER) S1-MME (S1-AP) S5 (GTP-C,GTP-U) Gx (Gx+) SWx (DIAMETER) S6b (DIAMETER) SGi Rx+ Tracking Area/APN DNS Resolver DNS S10 (GTP-C Infrastructure DNS Authoritative DNS Roam DNS (ENUM)
  • 29. Where is your “Security Community?” Proactively build a security community of peers. The Internet is a network of people! Major security issues on the Internet are solved by communities of people who have aligned interest. These communities take proactive investment. Many times you will be working with your competitors. Yet, the effort will save your network. If not tomorrow, then next year or the year after. Can you pick up the phone, call several of your peers, and start working on a security issue that is impacting everyone?
  • 30. Checklist Summary Positive Control VTY ACLs are Critical Force Vendor Security Partnerships Every element in your system needs a tested Upgrade Plan. Bring in all your vendors and review the IPv6 Check list. Learn Attack Trees, build your attack trees, explore all the ways you can break and network. Write your BGP policy down so that your CEO understands it! Review all of your DNS Architecture to Ensure it is Resilient. Proactively build a security community of peers. More to come …..
  • 31. What’s Next? Commit to do something to prepare your organization. You do not need to ask permission, just start doing something ….. Where to get the “Checklist?” www.senki.org Barry’s Linkedin Post - http://www.linkedin.com/ in/barryrgreene/ or Twitter: @BarryRGreene Reach out and Build a Community