C.E.R.T.
A corporate perspective
ERG meeting #20
Network and Information Security
MALTA
9th October 2009

Donald Tabone B.Sc (Hons)
Some of our clients




The idea behind CERT
• Provide for post incident analysis
• Compliance with laws and regulations
  governing breaches
• Preservation of company goodwill
The main corporate drivers for IS & CERT
• Compliance – top down strategy
• Minimise company loss of revenue and
  customers
• Company reputation
The reality corporate IS faces
• 60% of corporate data resides unprotected
  on PC desktops and laptops
• Statistically 1-out-of-10 laptops are stolen
  within 12 months of purchase
• 66% of USB thumb drive owners report
  losing them – over 60% with private
  corporate data on them
• Data problem: Users want to access their
  data anytime, from anywhere
CCBill’s approach to IS ..1..
• Logical level
  – Securing all endpoints – AV alone is no longer effective
  – Employing dual-factor authentication for sensitive
    servers
  – Instilling a security mindset throughout our SDLC
  – Disallow USB and WiFi devices company-wide
  – Automated user account de/provisioning
  – HIDS implementations on secured servers
  – Effective patch management
  – Full-disk encryption for laptops
  – End-to-end encryption (IPSEC, SSH, SSL etc.)
  – Inherently redundant network architectures
Inherently redundant network architectures
[Diagram: network sites in AMSTERDAM, PHOENIX, ASHBURN and AUSTRALIA]
• Overall objectives
  – Maximise network uptime
  – Minimise impact to our systems
CCBill’s approach to IS ..2..
• Organisational level
   –   Business Continuity Planning (BCP)
   –   Periodic business impact analysis (BIA)
   –   Service level agreements -> transfer of risk
   –   Inherent fail-over strategies
   –   Separation of duties
   –   Periodic security awareness training
   –   Acceptable usage policy (AUP)
Security Monitoring
• Augments prevention, doesn’t replace it
• Monitoring Incident response cycle
   – Feedback from forensics into monitoring
• Policy review team
• Effective change management procedures
• Typical network monitoring tools
   –   Snort (IDS)
   –   Ntop
   –   Rancid CISCO logs
   –   Splunk SIEM
• Periodic gap analysis by third parties
• Syslog aggregation from all devices and endpoints
Syslog network topology
IS implementation challenges
• Balancing security with usability
• Minimising human error
• Instilling a security mindset
• Keeping abreast with technology shifts
• Mitigating and reducing risks to an acceptable
  level
• Preventing breaches
• Responding to incidents in a timely manner
• Enforcing confidentiality, integrity and availability
CERT challenges
• Post incident analysis is expensive and time
  consuming
  – Companies are sometimes ready to suffer the
    brunt
• Time is money
  – Release today, get the business and patch
    tomorrow
• Often, business strategies win hands down
  over security best practices
Q&A


THANK YOU!
