Dean carey - data loss-prevention - atlseccon2011
•
1 like•262 views
Dean carey - data loss-prevention - atlseccon2011
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (20)
Similar to Dean carey - data loss-prevention - atlseccon2011
Similar to Dean carey - data loss-prevention - atlseccon2011 (20)
More from Atlantic Security Conference
More from Atlantic Security Conference (12)
Recently uploaded
Recently uploaded (20)
Dean carey - data loss-prevention - atlseccon2011
- 1. Don't Be The Next Data Loss Story
- 2. SC Magazine Data Breaches Don’t Discriminate “DuPont scientist downloaded 22,000 sensitive documents as he got ready to take a job with a competitor…” “Royal London Mutual Insurance Society loses eight laptops and the personal details of 2,135 people” “The FSA has fined Nationwide £980,000 for a stolen laptop” “Personal data of 600,000 on lost laptop” “ChoicePoint to pay $15 million over data breach—Data broker sold info on 163,000 people”
- 3. Increasing Risk of Information Theft • 19 people a minute become new victims of identity theft due to data breaches1 • During a 3 year period, over 217 million Americans were victims of identity theft or exposure2 • Each data breach costs an average of $6.3 million3 • A typical Fortune 1000 company can’t locate 2% of their PC’s4 • A typical Fortune 1000 financial institution loses 1 laptop a day5
- 4. Understanding the risk Market value of your sensitive data $490 Credit Card Number with PIN $78-$294 Billing data $147 Driver's license $147 Birth certificate $98 Social Security card $6-$24 Credit card number $6 PayPal account logon and password $980-$4,900 Trojan to steal account information
- 5. Anyone else been caught with one of these?
- 6. Full Disclosure and what’s your data worth?
- 7. Is Your Data in the Wild? 80% of CISOs see employees as the greatest data threat 73% of data breaches come from internal sources 77% unable to audit or quantify loss after a data breach
- 8. The Problem is Rapidly Escalating 300% 2008 - 2009 Security Breach Increase
- 9. ...Send company confidential data to your private email account? …Print a confidential document on the wrong printer? ...Send an email to the wrong recipient? Innocent But Risky Actions …Copy data to an non-encrypted USB device? DID YOU EVER...
- 10. ―User‖ is a Four Letter Word 86% Regularly forward documents via corporate email 26% Sent customer information using web-based email such as Yahoo or Hotmail 83% Admitted printing out customer records to remove from the business 26% Admit regularly using USB flash drives to take confidential information out of the company (an uncomplimentary way to indicate that a computer problem is the fault of the user) ―PEBKAC‖ – Problem Exists Between Keyboard And Chair ...but are they IT security experts or employees?
- 11. USA Today – 29 Sep 2010
- 12. Use Case: Insider Threat and The Internet 1 Scenario • An employee disagrees with company policy or action • Has access to ―evidence‖ of perceived issues or abuse • Uploads this data to a web-based whistleblower site DLP can stop unauthorized uploads • Set policies to protect your sensitive data or communications • Either block or require explicit permission to upload such data
- 13. Data Protection Challenges Enabling Business 2.0 Sensitive Data Regulated Data • Easily comply with multiple regulations • Reduce costs associated with audit • Protect reputation & reduce penalties • Support supply chain & partner integration • Support safe, flexible use of business data • Enable safe, two-way, B2B/B2C communication • Protect sensitive data & intellectual property • Maintain competitive advantage • Ensure appropriate chain of custody
- 14. Managing Risk • Access + Mobility = Risk • Protection needed 24/7/365 – Not just during business hours • Data is constantly on the move, replicating and changing organically • Imperative to be both legally compliant and protect your most precious assets – your data, your competitive position, and your brand • Holistic thinking required – Networks, laptops, mobile devices, etc.
- 15. Securing Data Requires Different Thinking
- 16. Today’s Security Solution Gap • Most ―security‖ products don’t actually ―secure information‖ – They are designed to protect networks and servers – They do little to protect the confidentiality and integrity of information • Information is in constant motion —making it difficult to lock down Anti-spyware Authentication Anti-virus Threat Detection Change/Patch Management Clients Servers LAN Firewall Anti-virus Web Filtering VPN
- 17. Data Protection Requires Different Thinking Data is not static, so security cannot be static – it must persist with the data itself. This is Data-Centric Protection. Data Loss Prevention Encryption Strong Authentication Device Control
- 18. Data Protection Requires Different Thinking Data must be protected regardless of: Easy to Lose Enticing to StealEasy to Transfer AccessUsage DeviceLocation Cybercrime “Black Market” Value $98 $490 $147 $147 ®
- 19. Data Protection Platforms Data-at- Rest Data-in- Motion Data-in- Use Monitor, Notify, and Prevent Enforce, Audit, and Respond Identify, Classify, and Protect Incident and case management Workflow and reportingDLP Manager Full endpoint management and deployment Network DLP Discover Endpoint Encryption Encrypted USB Network DLP Monitor Network DLP Prevent Host DLP Host DLP Device Control Encrypted USB
- 20. What is DLP? Data Sources At rest In use In motion User Actions Copy to device Burn to disc Cut, copy, paste Print Email Web IM Enforced to Destination Take home Post to web Send via net Policy Actions Encrypt Monitor Educate Block Move
- 21. DLP - Learning and Data Mining Instant Manual
- 22. Violations Data Analytics Data Capture Fast, accurate policy creation and rapid, in-depth investigations DLP Leverages DataWhat Capture Makes Possible Define Policy Tune Rules Search Mine Data
- 23. DLP is the Enabler • DLP integrates all data protection – It is the coordinating technology of a comprehensive data protection solution • DLP provides data workflow oversight – It responds to events & coordinates the responses of other components • DLP is the one tool that enables the safe and flexible use of data – Stop having to say ―NO‖ to your users and start enabling ―YES‖ DLP provides integrated workflows & flexibility resulting in simplified processes, lower costs and more comprehensive protection for your business without constraining your employees!
- 24. 2010 2011 APRIL Publishes classified Baghdad airstrike video showing 2007 attacks by U.S. helicopter that killed a dozen people. JULY Publishes 91,000 documents, majority secret U.S. military files about war in Afghanistan, back to 2004 OCTOBER Releases 400,000 classified U.S. military files from Iraq War (2004- 2009) NOVEMBER Releases 250,000 classified U.S. diplomatic cables with assessments of world leaders and Iran’s nuclear missile program NOVEMBER Forbes reports that WikiLeaks plans to release tens of thousands of internal documents from major U.S. banks in early 2011 Julian Assange DECEMBER 2 Amazon.com ceases hosting WikiLeaks website DECEMBER 7 Internet activists attack PayPal, Mastercard and Visa which have withdrawn services from WikiLeaks DECEMBER 21 Apple removes WikiLeaks apps from App Store JANUARY 8 U.S. relocates some people named in WikiLeaks cables JANUARY 17 Swiss whistleblower hands over data on hundreds of offshore bank acct. holders to WikiLeaks FEBRUARY WikiLeaks still online, but DNS records removed WikiLeaks
- 25. 25 NFSDatabase Web Server SharePointLaptopDesktop Documentum Discover data…. If (ConfidentialData(){PreventSendTo()… Build Policies…. Prevent data leakage…. Where to start?