This document discusses various cybersecurity case studies including network security, data loss prevention, cloud security, intrusion detection systems, ransomware, remote access trojans, and data breaches involving Facebook, Google, WhatsApp, and Wells Fargo. It examines the technical aspects of these security issues and potential discussion points around topics like trust, transparency, data usage, privacy, and responses to security incidents.

1. CyberSecurity–CaseStudies
Moksha Kalyanram Abhiramula

2. Moksha Kalyanram Abhiramula
• Commercial Disputes Mediator | Conciliator |
Author | Brand Auditor | Patent Analyst | Intangible
Valuer - (Trademarks, Patents & Copyrights) |
Investor
• My belief - success of any business entity is
directly proportional to the value derived by its
customers.
AboutMe
2
/mokshakalyanramabhiramula

3. 3
CyberSecurity
Integrity –Confidentiality - Availability

4. 4
Common
Types
Network
Security
Data Loss
Prevention
(DLP)
Cloud
Security
Intrusion
Detection
Systems (IDS)
Intrusion
Prevention
Systems (IPS)
Identity and
Access
Management
(IAM)
Antivirus/anti-
malware

5. NetworkSecurity
5
• Set of Rules & Configurations
• Controls incoming and outgoing
connections
• Prevent threats from entering or
spreading on the network.

6. 6
• Evaluate the efficiency and sufficiency
of Current Set of Rules & Configurations
• Evaluate Risk assessment tools
• Check for vulnerabilities in Fire walls
• Check for vulnerabilities in
• Incoming connections control
• Outgoing connections control
• Verify the updated version of Best
Practices handling security threats
NetworkSecurity

7. DataLossPrevention(DLP)
7
• Protects data by focusing
on
location
classification
monitoring of information
 at rest
 in use
 in motion

8. DataLossPrevention(DLP)
8

9. 9
• Information leak detection and
prevention (ILDP)
• Information leak prevention (ILP)
• content monitoring and filtering (CMF)
• Information protection and control
(IPC)
• Extrusion prevention system (EPS)
DataLossPrevention(DLP)

10. 10
• Standard security measures
• Firewalls
• Intrusion detection systems (IDSs)
• Antivirus software
• Advanced security measures
• employ machine learning and temporal
reasoning algorithms to detect abnormal
access to data
• Designated systems
• Detect and prevent unauthorized
attempts to copy or send sensitive data,
intentionally or unintentionally
DataLossPrevention(DLP)

11. CloudSecurity
11
• Protection for data online
via cloud computing
platforms from theft,
leakage and deletion.
• Threats
• data breaches
• data loss
• account hijacking
• service traffic hijacking

12. 12
• Possible areas for security breach
• Vulnerabilities in data storage devices
• On-site data guardians
• Security threat detection mechanism
Cloud-native Security Challenges
Increased Attack Surface
Lack of Visibility and Tracking
Ever-Changing Workloads
DevOps, DevSecOps and Automation
Granular Privilege and Key Management
Complex Environments
Cloud Compliance and Governance
CloudSecurity

13. 13
• Evaluate and eradicate opportunities
for hackers
• Efficiency of built-in fire walls
• Identification of cloud assets
• Quantify and control for cloud assets
• Enforcement of protection policies for
cloud assets
• Proper and well designed privilege
grant system
• Geographical distribution analyses
CloudSecurity

14. IntrusionDetectionSystem(IDS)
14
• Monitors a network or
systems for malicious activity
or policy violations.
• Types
• Network intrusion detection
system (NIDS)
• Host-based intrusion detection
system (HIDS)
• Perimeter Intrusion Detection
System (PIDS)
• VM based Intrusion Detection
System (VMIDS)

15. IntrusionDetectionSystem(IDS)
15
• Examines network traffic flows to detect and prevent
vulnerability exploits
• Action points
• Sending an alarm to the administrator (as would be seen in an IDS)
• Dropping the malicious packets
• Blocking traffic from the source address
• Resetting the connection

16. IntrusionDetectionSystem(IDS)
16
• Examines network traffic
flows to detect and prevent
vulnerability exploits
• Action points
• Sending an alarm to the
administrator (as would be seen in
an IDS)
• Dropping the malicious packets
• Blocking traffic from the source
address
• Resetting the connection

17. Add a footer 17

18. Add a footer 18

19. Add a footer 19

20. Source: https://www.innominds.com/ 20

21. Add a footer 21

22. Ransomware
Add a footer 22
• Technology kidnapping
• Virus infiltrates a computer device, locks
down its data, and won’t release it until
a ransom is paid.
• The most heavily used form of infection
method is via email

23. Source:
http://www.globaledgesys.com/
23

24. Add a footer 24

25. Add a footer 25

26. RemoteAccessTrojan(RAT)
26
• Allows covert surveillance
• Unfettered and unauthorized remote access to a victim’s machine.
• installing and removing programs, manipulating files, hijacking the webcam, reading
data from the keyboard, harvesting login credentials and monitoring the clipboard

27. 27

28. 28

29. Add a footer 29
DataBreachCase
Facebook Data Centre - New Georgia, USA

30. Senator Kamala Harris questions Facebook's Mark Zuckerberg
Add a footer 30

31. Point of discussion
Add a footer 31
• Trust & transparency issues
• Tracking of browsing activities across devices
• Storage of categories of users information
• Misappropriation of data of users
• Action taken when you become aware of mishaps
• Users awareness about usage of data by Facebook

32. Google Data Center 32
CensoredSearchEngine

33. Google's congressional hearing highlights
Add a footer 33

34. Point of discussion
Add a footer 34
• Paid Ad campaign significance and spread
• Implications of a curative content
• Civic process non partisan way
• Tracking movements by mobile phone being carried
• Google left China market place – possible access to data
• Search products – security issues
• Content moderation

35. WhatsApp’s Breach
Add a footer 35

36. Point of discussion
Add a footer 36
• Spyware target
• Update of patches
• Security breaches
• Ethical hacking

37. Wells Fargo Cross-selling Scandal
Add a footer 37

38. Point of discussion
Add a footer 38
• Cross –selling – data usage rights
• Forging signatures – physical / digital
• Repository mismanagement

39. ThankYou
Moksha Kalyanram Abhiramula
+91 99 48 66 66 22
moksha@lamintage.com
www.lamintage.com
39