SlideShare a Scribd company logo
Security Awareness
Termphong Tanakulpaisal
Technical Manager – IT Distribution Co.,LTD
Agenda

• Introduction to network security
–
–
–
–
–
–

How many type of assets in IT system?
Which’s the most important asset?
Why protect information? (most important one)
So we need information security
How to achieve the information security >> CIA concept
Key success factor summary

• Network threats
– What’s threat and example?
– How to overcome threat? (with security protection concept)
– How to overcome threat? (with tools)
• Network based protection system
• Host based protection system

• Case Study
Company Assets

• Hardware (Physical Assets)
• Software
• System interfaces (e.g., internal and external
connectivity)
• Data and information
• Persons who support and use the IT system
• System mission (e.g., the processes performed by
the IT system)
• System and data criticality (e.g., the system’s value
or importance to an organization)
• System and data sensitivity

NIST SP 800-30
Information Assets

• Information is an asset which, like
other important business assets,
has value to an organization and
consequently needs to be suitably
protected
» ISO/IEC17799: 2000
Why Information Assets are the most important?

• Business Requirements
–
–
–
–

Client / customer / stakeholder
Marketing
Trustworthy
Internal management tool

• Legal Requirements

s
ine
s
Bu

– Revenue Department
– Stock Exchange of Thailand
– Copyright, patents, ….
m
Co

t
en
em
ag
n
Ma
ity
inu
t
on
sC

c
lian
p

L
ith
ew

qu
Re
l
ga
e

t
en
m
ire
Why Information Assets are the most important?
(2)

• Contractual Security Obligations
–
–
–
–
–
–
–
–

Intranet connections to other BU
Extranets to business partners
I
rity
Remote connections to staff
ecu
S
ion
VPN
at
rm
o
Inf
Customer networks
Supplier chains
SLA, contracts, outsourcing arrangement
Third party access

re
ct u
u
str
a
nfr
Why we need information Security?

• Information security protects information from
wide range of threats in order to
– Ensure Business Continuity
– Minimize Business Damage
– Maximize ROI and Business Opportunities
• Business : Stable service to customer
• Education : Availability of resources and integrity of
information e.g. grade, profile, etc.
» ISO/IEC17799: 2000 page iii, Introduction
How much should we spend on IT security?
Q: How much for that each
company should spend or plan
for their Information System?
A: …………… Baht / year
Q: How much for that each
company should spend or plan
for their Information Security?
A: …………… Baht / year
Why we need information Security?(2)
Business impact Analysis
How much does it cost per hour if people in your organization
cannot access their information?
(Business Impact Analysis)
One big Organization -> approx 10 mil / day
-> working hours 8 hrs
-> 1.25 mil / hr
-> 10% margin = 125k / hr
if we’ve got 10 sale persons it means that we’ve lose
12,500 baht / hr if 1 salesperson can’t access their information
…. some more calculations…
•
•

100 people start their day clearing junk mails, each receives 20 junk
mails per day, each mail needs 10 seconds to open/read/delete
Each of these staffs gets average THB18,000 income/month from
the company
– Company pays THB 102.27/staff/hr
– 100 people x 10 sec/mail x 20 mails/day x 220 days/yr = 1,222.2
hrs/year
– Company pays for this “clearing junk mail” 125,000 Baht/year

•

Do you believe that
– There are only 20 junk mails per day?
– Average time spent is only 10 seconds/junk mail?
– You pay only 18,000 Baht/month?
…. some more calculations…

• What is a typical cost when the system is attack by
virus / worm?
–
–
–
–
–

Amount of data destroyed and its cost
Man-hour of support staff to clean the virus
Idle time of other staff waiting for the system to come back
Your customers’ satisfaction
Your company’s reputation

 So, a company spends …….. Baht each time the
virus attacks
Security Concept
• Security is preservation of confidentiality, integrity
and availability of information
• Confidentiality
– Ensuring that information is accessible only to those
authorized to have access

• Integrity
– Safeguarding the accuracy and completeness of
information and processing methods

• Availability
– Ensuring that authorized users have access to information
and associated assets when required
» BS7799-2: 2002 page3, 3.1, 3.2, 3.3
Key success to obtain CIA

• Policy/Process/Pocedure
– Clear
– Coverage
– Compliance – Legal, Standard, guideline etc.

• People
– Awareness (e.g. Password on screen)
– Discipline

• Technology
– Enablers
– Management Tools
What is Threat?

• Could be anything that harm your system
e.g.
–
–
–
–
–

User
Hacker/ cracker
Virus
Spam
Etc.
Key Factors Driving Threat over network

•

Internet connection speeds are increasing for SMB as prices and
technology improves:
– DSL, cable modem, T1 (business class connection services)

•

Increase in real-time Internet applications
– Web apps, VoIP, downloads, etc. require real-time security processing

•

Everything become online
Nowadays threat to you IT system

• Non-Computerized system
–
–
–
–

Masquerade
Social Engineering
Theft
System malfunction (disaster, power interruption)

• IT Network Threat
– Network Level
– Application Level
Threat – Network Level
• Denial of Services
– Services has been disable by excessive
workload.

• Information sniffing
– Information has been tapped and viewed by
unauthorized person

• Unauthorized access
– Low level worker can access to critical
information.
Sample of Threats

 Snooping

202.104.10.5

m-y-p-a-s-s-w-o-r-d
203.152.145.121

Telnet 203.152.145.121
username:daeng
password:
Sample of Threats (cont.)

 3-way handshake
3-way handshake
SYN REQ
SYN ACK
ACK
DATA TRANSFER

WWW
Sample of Threats (cont.)

 SYN attack
202.104.10.5

203.152.145.121

2
SYN ACK D=202.104.10.5 S=203.152.145.121

WAIT

Internet

WWW

Attacker

1
SYN REQ D=203.152.145.121 S=202.104.10.5
Sample of Threats (cont.)

 Smurf Attack
ICMP REPLY D=203.152.149.1 S=192.168.1.1
ICMP REPLY D=203.152.149.1 S=192.168.1.2
Internet

ICMP REPLY D=203.152.149.1 S=192.168.1.3
ICMP REPLY D=203.152.149.1 S=192.168.1.4

203.152.149.1

ICMP REPLY D=203.152.149.1 S=192.168.1.5
ICMP REPLY D=203.152.149.1 S=192.168.1.6
ICMP REPLY D=203.152.149.1 S=192.168.1.7
ICMP REPLY D=203.152.149.1 S=192.168.1.8
192.168.1.0

ICMP REQ D=192.168.1.255 S=203.152.149.2
Threat – Application Level - Virus
• Virus vs Worms..?
– Virus
• Viruses are computer programs that are designed to spread
themselves from one file to another on a single computer.
• A virus might rapidly infect every application file on an
individual computer, or slowly infect the documents on that
computer,
• but it does not intentionally try to spread itself from that
computer to other computers.

– Worms
• Worms, on the other hand, are insidious
• because they rely less (or not at all) upon human behavior in
order to spread themselves from one computer to others.
• The computer worm is a program that is designed to copy
itself from one computer to another over a network (e.g.
by using e-mail).
Threat – Application Level – Spam Mail

• E-mail spoofing
– Pretend to be someone e.g.
bill_gate@microsoft.com,

• Spam Mail
– Unsolicited or unwanted e-mail or Phising
Threat – Application Level - Desktop

 Desktop Threat






Viruses, worms, Trojan, Backdoor
Cookies
Java Script and Java Applet
Zombies network
Key logger (Game-Online)
How to overcome Threat?

• We need “control” which are
– Policy & Process security control to provide
guideline and framework
– People to control user behavior
– Technology will be a tool in order to enforced
Policy throughout the organization effectively.
Policy & Process Control

• Policy Compliance
– ISO 17799

• Compliance Checking
– CobiT Audit Tools

• NIST security standard guideline
– NIST – 800 series

• Organization Control
– Business Continuity Plan
People Control

• Security Awareness Training
• Security Learning Continuum
– Awareness, Training, Education

• Responsibility Control
– Need to know basis
People Control - Example (2)
• Don't install free utilities on your computer
• Run the current version of supported antivirus
software and set it for regular, automatic updates
• Assign a complex, hard-to-guess password to your
computer (on-screen, pool)
• Be alert for "phishing" scams that can result in
identity theft
• Promptly apply security "patches" for your operating
system.
• Activate your system’s firewall (Windows XP &
Macintosh OS X)
Technology Control

• Computer Security is the process of preventing
and detecting unauthorized use of your computer
• Prevention measures help you to stop unauthorized
users (intruders) from accessing any part of you
computer network
• Detection helps you to determine whether or not
someone attempted to break into your system, if
they were successful, and what they may have
done.
• Network and Host Based Security
– Security Devices (Hardware) or Security Software
Network Security Protection

•
•
•
•
•

Firewall (Access control)
IDS/IPS
VPN & SSL VPN (Data Encryption)
Anti-Spam (preventing un-wanted email)
QoS (Quality of Services - Bandwidth
Management)
• Web Content Filtering
• IM & P2P
Firewall (Access Control)

Web Traffic—
customers, partners, employees
Email Traffic
Applications/Web Services Traffic
partners, customers, internal
Remote user

VPN Traffic
remote and mobile users
Internal security threat
Contractors/disgruntled employees
Type of firewall
Packet Filter

• Type of firewall
– Packet filtering
– Application Firewall
– Stateful Inspection

• Type of implementation
–
–
–
–

Packet Filter
Screened host
Dual home Host
Screen Subnet (DMZ)

References: CISSP Certification

Screened Host

Dual home Host

Screened Subnet
Basic Firewall Implementation
Intrusion Detection & Intrusion Prevention Solution

Known
Attacks

Laptop

Desktop

Host IPS

Zero-day
Attacks

Server

Core

DOS/DDOS

Edge

Branch Office

Network IPS
IDS/IPS

• Detection & Prevention System
• Signature & Behavior & Anomaly based
Virtual Private Network (VPN)

• Encryption & Decryption
• Public Key & Private Key
• Encryption Technology
– DES
– 3DES
– AES
Anti-Spam

Source: Symantec/
Brightmail
How serious spam is?

• Why do they spam?
– 0.0005$ vs 1.21$ -> 0.02B vs 48.4B
– 1/100,000 count as success

• How much does spam is? <spamcorp.net>
– ~6 e-mail/sec 360 e-mail/min 21,600 e-mail/hr

• How do they get my e-mail?
– Webboard, forum, etc.

• Does spam legal?
• How to Protect yourself from getting spam?
Why Spam Matters for Business
• Before: a nuisance -> Today: a serious business problem

Problems
1) Lost Employee
Productivity

Symptoms
• Employees deleting spam
• Employees complaining
about spam

2) Unnecessary
IT Costs

•
•
•
•

3) Phishing and
email fraud

• Employees and customers
falling victim to fraud and
identify theft

IT administrator salary
Mail server CPU
Storage
Bandwidth

Business Impacts
• Employees are spending 50 or more
hours per year dealing with spam
• With AntiSpam solutions costing $10-15
per year – significant positive ROI
• IT administrators responding to help desk
tickets to fight spam with no tools
• Spam requiring constant upgrading of
mail infrastructure capacity
• Damage to brand
• Support cost
Phising Example
Phising Example
Phishing Example (2)
Spam control
Web-Content Filtering

• Cracks and Hacks Tools Website
– Spyware, Trojan, Virus, etc.

• Banner & Advertising
– Adware, Toolbar, Spam – Subscribe, Credit card
no., etc.

• Drugs, Gambling, Weapon, etc.
• Pornography, Nude, Adult Materials
• Shopping Online (Credit card issues)
FortiGuard Web Filtering Enhancements
•

Block Override
– Authoritative user logs in to enable
site block override
– Bypasses filter block on a user’s
session and lasts until timer expires

•

Rate Image
– URL rating capabilities are extended
to include image URLs contained in
web page – rates gif, jpeg, png,
bmp, and tiff images

•

Web Filter Consolidation
– Web filter menu items of URL
Exempt, URL Block, and Web
Pattern have been consolidated to a
single menu item to speed
configuration

•

Active Directory Integration
– Single sign-on
– Policy based on AD User/Group
– Requires FSAE agent software
Web Filtering: Banned Word
Desktop Security

•
•
•
•
•

Anti – Virus
VPN - Client
Personal Firewall
IDS
Web-Filtering
– Small group, Home used, Computer Laboratory,
etc.
URL Filtering
Instant Messaging(IM)/Peer-to-Peer(P2P)

• IM
– Virus
– Exploit
– Voice Chat

• P2P
– Bandwidth Usage
– Spyware
– BackDoor
Enterprise IM, P2P Challenges
Viruses, worms

Worms programmed to chat
Virus via malicious URL
Rootkit via file install

Internet
Internet
Traffic bottlenecks
Confidentiality breech

Lack of visibility / management tools

•
•
•
•

Lack of usage & user controls
Protecting against new threats
Gaining control of bandwidth usage
Management & reporting insight
IM & P2P Access Control
Gartner’s Analysis
Regulations Don’t Matter, but Auditors Do
Convergence Brings Evolutionary Efficiencies
Cyberthreat Hype Cycle
Conclusion

• PPT
• Security system without performance degradation
• "You don't put brakes on a car to go slower, you put
brakes on a car to go faster, more safely. Along the
same lines, IT security is not meant to slow down a
company, but rather to enhance and facilitate the
growth of a company... safer growth."--Quoted from
Gartner Group's Information Security Show, June
2001
Security Awareness Training by Fortinet

More Related Content

What's hot

Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
Dmitriy Scherbina
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
Bill Gardner
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Program
davidcurriecia
 
Cybersecurity Awareness
Cybersecurity AwarenessCybersecurity Awareness
Cybersecurity Awareness
JoshuaWisniewski3
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
Dave Monahan
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
OoXair
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@
R_Yanus
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
Jay Nagar
 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
Wilmington University
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
Noushad Hasan
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
Atlantic Training, LLC.
 
Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0
DallasHaselhorst
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
Fred Beck MBA, CPA
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
Randy Bowman
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
AbdalrhmanTHassan
 
Cybersecurity Awareness Training Presentation v2021.08
Cybersecurity Awareness Training Presentation v2021.08Cybersecurity Awareness Training Presentation v2021.08
Cybersecurity Awareness Training Presentation v2021.08
DallasHaselhorst
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
Krishna Srikanth Manda
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by Adam
Mohammed Adam
 
Awareness Training on Information Security
Awareness Training on Information SecurityAwareness Training on Information Security
Awareness Training on Information Security
Ken Holmes
 

What's hot (20)

Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Program
 
Cybersecurity Awareness
Cybersecurity AwarenessCybersecurity Awareness
Cybersecurity Awareness
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
 
Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
 
Cybersecurity Awareness Training Presentation v2021.08
Cybersecurity Awareness Training Presentation v2021.08Cybersecurity Awareness Training Presentation v2021.08
Cybersecurity Awareness Training Presentation v2021.08
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by Adam
 
Awareness Training on Information Security
Awareness Training on Information SecurityAwareness Training on Information Security
Awareness Training on Information Security
 

Similar to Security Awareness Training by Fortinet

Basics of IT security
Basics of IT securityBasics of IT security
Basics of IT security
Dr. Ramkumar Lakshminarayanan
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
Managing security threats in today’s enterprise
Managing security threats in today’s enterpriseManaging security threats in today’s enterprise
Managing security threats in today’s enterprise
Quick Heal Technologies Ltd.
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for business
Daniel Thomas
 
Outpost networksecurity
Outpost networksecurityOutpost networksecurity
Outpost networksecurity
ehsangha
 
Decrypting the security mystery with SIEM (Part 1) ​
Decrypting the security mystery with SIEM (Part 1)  ​Decrypting the security mystery with SIEM (Part 1)  ​
Decrypting the security mystery with SIEM (Part 1) ​
Zoho Corporation
 
Tictaclabs Managed Cyber Security Services
Tictaclabs Managed Cyber Security ServicesTictaclabs Managed Cyber Security Services
Tictaclabs Managed Cyber Security Services
TicTac Data Recovery
 
Enterprise IT Security| CIO Innovation and Leadership
Enterprise IT Security| CIO Innovation and LeadershipEnterprise IT Security| CIO Innovation and Leadership
Enterprise IT Security| CIO Innovation and Leadership
RedZone Technologies
 
Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02
Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02
Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02
anjalee990
 
IBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter MostIBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter Most
Precisely
 
Build a Cyber Resilient Network with Symantec
Build a Cyber Resilient Network with SymantecBuild a Cyber Resilient Network with Symantec
Build a Cyber Resilient Network with Symantec
Arrow ECS UK
 
Corona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat ManagementCorona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat Management
RedZone Technologies
 
Ecommerce Security
Ecommerce SecurityEcommerce Security
Ecommerce Security
Rebecca Jones
 
Unit v
Unit vUnit v
Information Security Seminar
Information Security SeminarInformation Security Seminar
Information Security Seminar
Acend Corporate Learning
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh Webinar
Arrow ECS UK
 
The myth of secure computing; management information system; MIS
The myth of secure computing; management information system; MISThe myth of secure computing; management information system; MIS
The myth of secure computing; management information system; MIS
Saazan Shrestha
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Angeloluca Barba
 
Cyber security presentation by Mr Navneet baboo, RN College Hajipur.pptx
Cyber security presentation by Mr Navneet baboo, RN College Hajipur.pptxCyber security presentation by Mr Navneet baboo, RN College Hajipur.pptx
Cyber security presentation by Mr Navneet baboo, RN College Hajipur.pptx
kamleshabss
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
Amos Oyoo
 

Similar to Security Awareness Training by Fortinet (20)

Basics of IT security
Basics of IT securityBasics of IT security
Basics of IT security
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
 
Managing security threats in today’s enterprise
Managing security threats in today’s enterpriseManaging security threats in today’s enterprise
Managing security threats in today’s enterprise
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for business
 
Outpost networksecurity
Outpost networksecurityOutpost networksecurity
Outpost networksecurity
 
Decrypting the security mystery with SIEM (Part 1) ​
Decrypting the security mystery with SIEM (Part 1)  ​Decrypting the security mystery with SIEM (Part 1)  ​
Decrypting the security mystery with SIEM (Part 1) ​
 
Tictaclabs Managed Cyber Security Services
Tictaclabs Managed Cyber Security ServicesTictaclabs Managed Cyber Security Services
Tictaclabs Managed Cyber Security Services
 
Enterprise IT Security| CIO Innovation and Leadership
Enterprise IT Security| CIO Innovation and LeadershipEnterprise IT Security| CIO Innovation and Leadership
Enterprise IT Security| CIO Innovation and Leadership
 
Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02
Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02
Securityandethicalchallengesofinfornationtechnology 090902132631-phpapp02
 
IBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter MostIBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter Most
 
Build a Cyber Resilient Network with Symantec
Build a Cyber Resilient Network with SymantecBuild a Cyber Resilient Network with Symantec
Build a Cyber Resilient Network with Symantec
 
Corona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat ManagementCorona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat Management
 
Ecommerce Security
Ecommerce SecurityEcommerce Security
Ecommerce Security
 
Unit v
Unit vUnit v
Unit v
 
Information Security Seminar
Information Security SeminarInformation Security Seminar
Information Security Seminar
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh Webinar
 
The myth of secure computing; management information system; MIS
The myth of secure computing; management information system; MISThe myth of secure computing; management information system; MIS
The myth of secure computing; management information system; MIS
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
Cyber security presentation by Mr Navneet baboo, RN College Hajipur.pptx
Cyber security presentation by Mr Navneet baboo, RN College Hajipur.pptxCyber security presentation by Mr Navneet baboo, RN College Hajipur.pptx
Cyber security presentation by Mr Navneet baboo, RN College Hajipur.pptx
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
 

More from Atlantic Training, LLC.

Wellness for Supervisors by SWOSU
Wellness for Supervisors by SWOSUWellness for Supervisors by SWOSU
Wellness for Supervisors by SWOSU
Atlantic Training, LLC.
 
Workplace Wellness by PHA
Workplace Wellness by PHAWorkplace Wellness by PHA
Workplace Wellness by PHA
Atlantic Training, LLC.
 
Stress Management Training by SG
Stress Management Training by  SGStress Management Training by  SG
Stress Management Training by SG
Atlantic Training, LLC.
 
Stress Management Training by SW
Stress Management Training by SWStress Management Training by SW
Stress Management Training by SW
Atlantic Training, LLC.
 
Stress and Worker Safety by Pennsylvania L&I
Stress and Worker Safety by Pennsylvania L&IStress and Worker Safety by Pennsylvania L&I
Stress and Worker Safety by Pennsylvania L&I
Atlantic Training, LLC.
 
Respectful Workplace by RDTC
Respectful Workplace by RDTCRespectful Workplace by RDTC
Respectful Workplace by RDTC
Atlantic Training, LLC.
 
Workplace Harassment by CLGW
Workplace Harassment by CLGWWorkplace Harassment by CLGW
Workplace Harassment by CLGW
Atlantic Training, LLC.
 
Workplace Harassment Prevention by UT EAP
Workplace Harassment Prevention by  UT EAPWorkplace Harassment Prevention by  UT EAP
Workplace Harassment Prevention by UT EAP
Atlantic Training, LLC.
 
Welding Safety by Pennsylvania L&I
Welding Safety by Pennsylvania L&IWelding Safety by Pennsylvania L&I
Welding Safety by Pennsylvania L&I
Atlantic Training, LLC.
 
Slips Trips & Falls Training by Signal
Slips Trips & Falls Training by SignalSlips Trips & Falls Training by Signal
Slips Trips & Falls Training by Signal
Atlantic Training, LLC.
 
Preventing Falls, Slips and Trips by MGSU
Preventing Falls, Slips and Trips by MGSUPreventing Falls, Slips and Trips by MGSU
Preventing Falls, Slips and Trips by MGSU
Atlantic Training, LLC.
 
Preventing Workplace Harassment by Pennsylvania L&I
Preventing Workplace Harassment by Pennsylvania L&IPreventing Workplace Harassment by Pennsylvania L&I
Preventing Workplace Harassment by Pennsylvania L&I
Atlantic Training, LLC.
 
Warehouses In Emergencies by WFP Logistics
Warehouses In Emergencies by WFP LogisticsWarehouses In Emergencies by WFP Logistics
Warehouses In Emergencies by WFP Logistics
Atlantic Training, LLC.
 
Prevention of Sexual Harassment by USMC
Prevention of Sexual Harassment by USMCPrevention of Sexual Harassment by USMC
Prevention of Sexual Harassment by USMC
Atlantic Training, LLC.
 
Sexual Harassment by DEOMI
Sexual Harassment by DEOMISexual Harassment by DEOMI
Sexual Harassment by DEOMI
Atlantic Training, LLC.
 
Sexual Harassment in the Workplace Training by Shumaker
Sexual Harassment in the Workplace Training by ShumakerSexual Harassment in the Workplace Training by Shumaker
Sexual Harassment in the Workplace Training by Shumaker
Atlantic Training, LLC.
 
Sexual Harassment Training by NAP
Sexual Harassment Training by NAPSexual Harassment Training by NAP
Sexual Harassment Training by NAP
Atlantic Training, LLC.
 
Scaffolds Training by Pennsylvania L&I
Scaffolds Training by Pennsylvania L&IScaffolds Training by Pennsylvania L&I
Scaffolds Training by Pennsylvania L&I
Atlantic Training, LLC.
 
Supervision
SupervisionSupervision
New Employee Safety Orientation by Oregon State University
New Employee Safety Orientation by Oregon State UniversityNew Employee Safety Orientation by Oregon State University
New Employee Safety Orientation by Oregon State University
Atlantic Training, LLC.
 

More from Atlantic Training, LLC. (20)

Wellness for Supervisors by SWOSU
Wellness for Supervisors by SWOSUWellness for Supervisors by SWOSU
Wellness for Supervisors by SWOSU
 
Workplace Wellness by PHA
Workplace Wellness by PHAWorkplace Wellness by PHA
Workplace Wellness by PHA
 
Stress Management Training by SG
Stress Management Training by  SGStress Management Training by  SG
Stress Management Training by SG
 
Stress Management Training by SW
Stress Management Training by SWStress Management Training by SW
Stress Management Training by SW
 
Stress and Worker Safety by Pennsylvania L&I
Stress and Worker Safety by Pennsylvania L&IStress and Worker Safety by Pennsylvania L&I
Stress and Worker Safety by Pennsylvania L&I
 
Respectful Workplace by RDTC
Respectful Workplace by RDTCRespectful Workplace by RDTC
Respectful Workplace by RDTC
 
Workplace Harassment by CLGW
Workplace Harassment by CLGWWorkplace Harassment by CLGW
Workplace Harassment by CLGW
 
Workplace Harassment Prevention by UT EAP
Workplace Harassment Prevention by  UT EAPWorkplace Harassment Prevention by  UT EAP
Workplace Harassment Prevention by UT EAP
 
Welding Safety by Pennsylvania L&I
Welding Safety by Pennsylvania L&IWelding Safety by Pennsylvania L&I
Welding Safety by Pennsylvania L&I
 
Slips Trips & Falls Training by Signal
Slips Trips & Falls Training by SignalSlips Trips & Falls Training by Signal
Slips Trips & Falls Training by Signal
 
Preventing Falls, Slips and Trips by MGSU
Preventing Falls, Slips and Trips by MGSUPreventing Falls, Slips and Trips by MGSU
Preventing Falls, Slips and Trips by MGSU
 
Preventing Workplace Harassment by Pennsylvania L&I
Preventing Workplace Harassment by Pennsylvania L&IPreventing Workplace Harassment by Pennsylvania L&I
Preventing Workplace Harassment by Pennsylvania L&I
 
Warehouses In Emergencies by WFP Logistics
Warehouses In Emergencies by WFP LogisticsWarehouses In Emergencies by WFP Logistics
Warehouses In Emergencies by WFP Logistics
 
Prevention of Sexual Harassment by USMC
Prevention of Sexual Harassment by USMCPrevention of Sexual Harassment by USMC
Prevention of Sexual Harassment by USMC
 
Sexual Harassment by DEOMI
Sexual Harassment by DEOMISexual Harassment by DEOMI
Sexual Harassment by DEOMI
 
Sexual Harassment in the Workplace Training by Shumaker
Sexual Harassment in the Workplace Training by ShumakerSexual Harassment in the Workplace Training by Shumaker
Sexual Harassment in the Workplace Training by Shumaker
 
Sexual Harassment Training by NAP
Sexual Harassment Training by NAPSexual Harassment Training by NAP
Sexual Harassment Training by NAP
 
Scaffolds Training by Pennsylvania L&I
Scaffolds Training by Pennsylvania L&IScaffolds Training by Pennsylvania L&I
Scaffolds Training by Pennsylvania L&I
 
Supervision
SupervisionSupervision
Supervision
 
New Employee Safety Orientation by Oregon State University
New Employee Safety Orientation by Oregon State UniversityNew Employee Safety Orientation by Oregon State University
New Employee Safety Orientation by Oregon State University
 

Recently uploaded

NewBase 05 July 2024 Energy News issue - 1736 by Khaled Al Awadi_compresse...
NewBase   05 July 2024  Energy News issue - 1736 by Khaled Al Awadi_compresse...NewBase   05 July 2024  Energy News issue - 1736 by Khaled Al Awadi_compresse...
NewBase 05 July 2024 Energy News issue - 1736 by Khaled Al Awadi_compresse...
Khaled Al Awadi
 
PAWFESSIONAL ELVA MAX.pdfAAAAAAAAAAAAAAAAAAA
PAWFESSIONAL ELVA MAX.pdfAAAAAAAAAAAAAAAAAAAPAWFESSIONAL ELVA MAX.pdfAAAAAAAAAAAAAAAAAAA
PAWFESSIONAL ELVA MAX.pdfAAAAAAAAAAAAAAAAAAA
lawrenceads01
 
Cryptocurrency KYC Policies: Comparing Binance KYC Bypass with Rivals
Cryptocurrency KYC Policies: Comparing Binance KYC Bypass with RivalsCryptocurrency KYC Policies: Comparing Binance KYC Bypass with Rivals
Cryptocurrency KYC Policies: Comparing Binance KYC Bypass with Rivals
Any kyc Account
 
Destor.one - One Pager for Investment Round Dec22.pdf
Destor.one - One Pager for Investment Round Dec22.pdfDestor.one - One Pager for Investment Round Dec22.pdf
Destor.one - One Pager for Investment Round Dec22.pdf
Thales Jacobi
 
Transforming the Future of Limo Services.pptx
Transforming the Future of Limo Services.pptxTransforming the Future of Limo Services.pptx
Transforming the Future of Limo Services.pptx
limocaptaincom
 
KineMaster Diamond APK v7.3.11.32200 (4K HD, No Watermark)
KineMaster Diamond APK v7.3.11.32200 (4K HD, No Watermark)KineMaster Diamond APK v7.3.11.32200 (4K HD, No Watermark)
KineMaster Diamond APK v7.3.11.32200 (4K HD, No Watermark)
APKs Pure
 
Importance of Quality Transformations in VUCA World
Importance of Quality Transformations in VUCA WorldImportance of Quality Transformations in VUCA World
Importance of Quality Transformations in VUCA World
Ankur860831
 
PETAVIT SIP-05.pdfAAAAAAAAAAAAAAAAAAAAAAAAA
PETAVIT SIP-05.pdfAAAAAAAAAAAAAAAAAAAAAAAAAPETAVIT SIP-05.pdfAAAAAAAAAAAAAAAAAAAAAAAAA
PETAVIT SIP-05.pdfAAAAAAAAAAAAAAAAAAAAAAAAA
lawrenceads01
 
Introduction to Islamic Banking, concept, principal, practice .pdf
Introduction to Islamic Banking, concept, principal, practice .pdfIntroduction to Islamic Banking, concept, principal, practice .pdf
Introduction to Islamic Banking, concept, principal, practice .pdf
FaysalMahmud22
 
Abortion pills in Kuwait))௵+918133066128௹Get Cytotec Pills IN Kuwait City
Abortion pills in Kuwait))௵+918133066128௹Get Cytotec Pills IN Kuwait CityAbortion pills in Kuwait))௵+918133066128௹Get Cytotec Pills IN Kuwait City
Abortion pills in Kuwait))௵+918133066128௹Get Cytotec Pills IN Kuwait City
maishakhanam230
 
THE IMPORTANCE OF CODING IN DEVOPS EXPLANATION
THE IMPORTANCE OF CODING IN DEVOPS EXPLANATIONTHE IMPORTANCE OF CODING IN DEVOPS EXPLANATION
THE IMPORTANCE OF CODING IN DEVOPS EXPLANATION
hrajkumar444
 
Cheslyn Jacobs- TymeBank: Building Consumer Trust in Digital Banking
Cheslyn Jacobs- TymeBank: Building Consumer Trust in Digital  BankingCheslyn Jacobs- TymeBank: Building Consumer Trust in Digital  Banking
Cheslyn Jacobs- TymeBank: Building Consumer Trust in Digital Banking
itnewsafrica
 
How AI is Disrupting Service Industry More Than Design Thinking
How AI is Disrupting Service Industry More Than Design ThinkingHow AI is Disrupting Service Industry More Than Design Thinking
How AI is Disrupting Service Industry More Than Design Thinking
Body of Knowledge
 
Travel Tech Pitch Deck | ByeByeCity,com - Short Breaks Discovery & Booking Pl...
Travel Tech Pitch Deck | ByeByeCity,com - Short Breaks Discovery & Booking Pl...Travel Tech Pitch Deck | ByeByeCity,com - Short Breaks Discovery & Booking Pl...
Travel Tech Pitch Deck | ByeByeCity,com - Short Breaks Discovery & Booking Pl...
Rajesh Math
 
BBA Final SML 501 INTERNATIONAL BUSINESS .pdf
BBA Final SML 501 INTERNATIONAL BUSINESS .pdfBBA Final SML 501 INTERNATIONAL BUSINESS .pdf
BBA Final SML 501 INTERNATIONAL BUSINESS .pdf
mcdopex6
 
Guide to Obtaining a Money Changer License in Singapore
Guide to Obtaining a Money Changer License in SingaporeGuide to Obtaining a Money Changer License in Singapore
Guide to Obtaining a Money Changer License in Singapore
Enterslice
 
TALENT ACQUISITION AND MANAGEMENT LECTURE 5
TALENT ACQUISITION AND MANAGEMENT LECTURE 5TALENT ACQUISITION AND MANAGEMENT LECTURE 5
TALENT ACQUISITION AND MANAGEMENT LECTURE 5
projectseasy
 
ConvertKit: Best Email Marketing Tool for 2024
ConvertKit: Best Email Marketing Tool for 2024ConvertKit: Best Email Marketing Tool for 2024
ConvertKit: Best Email Marketing Tool for 2024
Rakesh Jalan
 
Mandated reporting powerpoint to help with understanding your role
Mandated reporting powerpoint to help with understanding your roleMandated reporting powerpoint to help with understanding your role
Mandated reporting powerpoint to help with understanding your role
khidalgo2
 
Navigating Change Strategies for Effective Transition and Operational Plannin...
Navigating Change Strategies for Effective Transition and Operational Plannin...Navigating Change Strategies for Effective Transition and Operational Plannin...
Navigating Change Strategies for Effective Transition and Operational Plannin...
Brian Frerichs
 

Recently uploaded (20)

NewBase 05 July 2024 Energy News issue - 1736 by Khaled Al Awadi_compresse...
NewBase   05 July 2024  Energy News issue - 1736 by Khaled Al Awadi_compresse...NewBase   05 July 2024  Energy News issue - 1736 by Khaled Al Awadi_compresse...
NewBase 05 July 2024 Energy News issue - 1736 by Khaled Al Awadi_compresse...
 
PAWFESSIONAL ELVA MAX.pdfAAAAAAAAAAAAAAAAAAA
PAWFESSIONAL ELVA MAX.pdfAAAAAAAAAAAAAAAAAAAPAWFESSIONAL ELVA MAX.pdfAAAAAAAAAAAAAAAAAAA
PAWFESSIONAL ELVA MAX.pdfAAAAAAAAAAAAAAAAAAA
 
Cryptocurrency KYC Policies: Comparing Binance KYC Bypass with Rivals
Cryptocurrency KYC Policies: Comparing Binance KYC Bypass with RivalsCryptocurrency KYC Policies: Comparing Binance KYC Bypass with Rivals
Cryptocurrency KYC Policies: Comparing Binance KYC Bypass with Rivals
 
Destor.one - One Pager for Investment Round Dec22.pdf
Destor.one - One Pager for Investment Round Dec22.pdfDestor.one - One Pager for Investment Round Dec22.pdf
Destor.one - One Pager for Investment Round Dec22.pdf
 
Transforming the Future of Limo Services.pptx
Transforming the Future of Limo Services.pptxTransforming the Future of Limo Services.pptx
Transforming the Future of Limo Services.pptx
 
KineMaster Diamond APK v7.3.11.32200 (4K HD, No Watermark)
KineMaster Diamond APK v7.3.11.32200 (4K HD, No Watermark)KineMaster Diamond APK v7.3.11.32200 (4K HD, No Watermark)
KineMaster Diamond APK v7.3.11.32200 (4K HD, No Watermark)
 
Importance of Quality Transformations in VUCA World
Importance of Quality Transformations in VUCA WorldImportance of Quality Transformations in VUCA World
Importance of Quality Transformations in VUCA World
 
PETAVIT SIP-05.pdfAAAAAAAAAAAAAAAAAAAAAAAAA
PETAVIT SIP-05.pdfAAAAAAAAAAAAAAAAAAAAAAAAAPETAVIT SIP-05.pdfAAAAAAAAAAAAAAAAAAAAAAAAA
PETAVIT SIP-05.pdfAAAAAAAAAAAAAAAAAAAAAAAAA
 
Introduction to Islamic Banking, concept, principal, practice .pdf
Introduction to Islamic Banking, concept, principal, practice .pdfIntroduction to Islamic Banking, concept, principal, practice .pdf
Introduction to Islamic Banking, concept, principal, practice .pdf
 
Abortion pills in Kuwait))௵+918133066128௹Get Cytotec Pills IN Kuwait City
Abortion pills in Kuwait))௵+918133066128௹Get Cytotec Pills IN Kuwait CityAbortion pills in Kuwait))௵+918133066128௹Get Cytotec Pills IN Kuwait City
Abortion pills in Kuwait))௵+918133066128௹Get Cytotec Pills IN Kuwait City
 
THE IMPORTANCE OF CODING IN DEVOPS EXPLANATION
THE IMPORTANCE OF CODING IN DEVOPS EXPLANATIONTHE IMPORTANCE OF CODING IN DEVOPS EXPLANATION
THE IMPORTANCE OF CODING IN DEVOPS EXPLANATION
 
Cheslyn Jacobs- TymeBank: Building Consumer Trust in Digital Banking
Cheslyn Jacobs- TymeBank: Building Consumer Trust in Digital  BankingCheslyn Jacobs- TymeBank: Building Consumer Trust in Digital  Banking
Cheslyn Jacobs- TymeBank: Building Consumer Trust in Digital Banking
 
How AI is Disrupting Service Industry More Than Design Thinking
How AI is Disrupting Service Industry More Than Design ThinkingHow AI is Disrupting Service Industry More Than Design Thinking
How AI is Disrupting Service Industry More Than Design Thinking
 
Travel Tech Pitch Deck | ByeByeCity,com - Short Breaks Discovery & Booking Pl...
Travel Tech Pitch Deck | ByeByeCity,com - Short Breaks Discovery & Booking Pl...Travel Tech Pitch Deck | ByeByeCity,com - Short Breaks Discovery & Booking Pl...
Travel Tech Pitch Deck | ByeByeCity,com - Short Breaks Discovery & Booking Pl...
 
BBA Final SML 501 INTERNATIONAL BUSINESS .pdf
BBA Final SML 501 INTERNATIONAL BUSINESS .pdfBBA Final SML 501 INTERNATIONAL BUSINESS .pdf
BBA Final SML 501 INTERNATIONAL BUSINESS .pdf
 
Guide to Obtaining a Money Changer License in Singapore
Guide to Obtaining a Money Changer License in SingaporeGuide to Obtaining a Money Changer License in Singapore
Guide to Obtaining a Money Changer License in Singapore
 
TALENT ACQUISITION AND MANAGEMENT LECTURE 5
TALENT ACQUISITION AND MANAGEMENT LECTURE 5TALENT ACQUISITION AND MANAGEMENT LECTURE 5
TALENT ACQUISITION AND MANAGEMENT LECTURE 5
 
ConvertKit: Best Email Marketing Tool for 2024
ConvertKit: Best Email Marketing Tool for 2024ConvertKit: Best Email Marketing Tool for 2024
ConvertKit: Best Email Marketing Tool for 2024
 
Mandated reporting powerpoint to help with understanding your role
Mandated reporting powerpoint to help with understanding your roleMandated reporting powerpoint to help with understanding your role
Mandated reporting powerpoint to help with understanding your role
 
Navigating Change Strategies for Effective Transition and Operational Plannin...
Navigating Change Strategies for Effective Transition and Operational Plannin...Navigating Change Strategies for Effective Transition and Operational Plannin...
Navigating Change Strategies for Effective Transition and Operational Plannin...
 

Security Awareness Training by Fortinet

  • 1. Security Awareness Termphong Tanakulpaisal Technical Manager – IT Distribution Co.,LTD
  • 2. Agenda • Introduction to network security – – – – – – How many type of assets in IT system? Which’s the most important asset? Why protect information? (most important one) So we need information security How to achieve the information security >> CIA concept Key success factor summary • Network threats – What’s threat and example? – How to overcome threat? (with security protection concept) – How to overcome threat? (with tools) • Network based protection system • Host based protection system • Case Study
  • 3. Company Assets • Hardware (Physical Assets) • Software • System interfaces (e.g., internal and external connectivity) • Data and information • Persons who support and use the IT system • System mission (e.g., the processes performed by the IT system) • System and data criticality (e.g., the system’s value or importance to an organization) • System and data sensitivity NIST SP 800-30
  • 4. Information Assets • Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected » ISO/IEC17799: 2000
  • 5. Why Information Assets are the most important? • Business Requirements – – – – Client / customer / stakeholder Marketing Trustworthy Internal management tool • Legal Requirements s ine s Bu – Revenue Department – Stock Exchange of Thailand – Copyright, patents, …. m Co t en em ag n Ma ity inu t on sC c lian p L ith ew qu Re l ga e t en m ire
  • 6. Why Information Assets are the most important? (2) • Contractual Security Obligations – – – – – – – – Intranet connections to other BU Extranets to business partners I rity Remote connections to staff ecu S ion VPN at rm o Inf Customer networks Supplier chains SLA, contracts, outsourcing arrangement Third party access re ct u u str a nfr
  • 7. Why we need information Security? • Information security protects information from wide range of threats in order to – Ensure Business Continuity – Minimize Business Damage – Maximize ROI and Business Opportunities • Business : Stable service to customer • Education : Availability of resources and integrity of information e.g. grade, profile, etc. » ISO/IEC17799: 2000 page iii, Introduction
  • 8. How much should we spend on IT security? Q: How much for that each company should spend or plan for their Information System? A: …………… Baht / year Q: How much for that each company should spend or plan for their Information Security? A: …………… Baht / year
  • 9. Why we need information Security?(2) Business impact Analysis How much does it cost per hour if people in your organization cannot access their information? (Business Impact Analysis) One big Organization -> approx 10 mil / day -> working hours 8 hrs -> 1.25 mil / hr -> 10% margin = 125k / hr if we’ve got 10 sale persons it means that we’ve lose 12,500 baht / hr if 1 salesperson can’t access their information
  • 10. …. some more calculations… • • 100 people start their day clearing junk mails, each receives 20 junk mails per day, each mail needs 10 seconds to open/read/delete Each of these staffs gets average THB18,000 income/month from the company – Company pays THB 102.27/staff/hr – 100 people x 10 sec/mail x 20 mails/day x 220 days/yr = 1,222.2 hrs/year – Company pays for this “clearing junk mail” 125,000 Baht/year • Do you believe that – There are only 20 junk mails per day? – Average time spent is only 10 seconds/junk mail? – You pay only 18,000 Baht/month?
  • 11. …. some more calculations… • What is a typical cost when the system is attack by virus / worm? – – – – – Amount of data destroyed and its cost Man-hour of support staff to clean the virus Idle time of other staff waiting for the system to come back Your customers’ satisfaction Your company’s reputation  So, a company spends …….. Baht each time the virus attacks
  • 12. Security Concept • Security is preservation of confidentiality, integrity and availability of information • Confidentiality – Ensuring that information is accessible only to those authorized to have access • Integrity – Safeguarding the accuracy and completeness of information and processing methods • Availability – Ensuring that authorized users have access to information and associated assets when required » BS7799-2: 2002 page3, 3.1, 3.2, 3.3
  • 13. Key success to obtain CIA • Policy/Process/Pocedure – Clear – Coverage – Compliance – Legal, Standard, guideline etc. • People – Awareness (e.g. Password on screen) – Discipline • Technology – Enablers – Management Tools
  • 14. What is Threat? • Could be anything that harm your system e.g. – – – – – User Hacker/ cracker Virus Spam Etc.
  • 15. Key Factors Driving Threat over network • Internet connection speeds are increasing for SMB as prices and technology improves: – DSL, cable modem, T1 (business class connection services) • Increase in real-time Internet applications – Web apps, VoIP, downloads, etc. require real-time security processing • Everything become online
  • 16. Nowadays threat to you IT system • Non-Computerized system – – – – Masquerade Social Engineering Theft System malfunction (disaster, power interruption) • IT Network Threat – Network Level – Application Level
  • 17. Threat – Network Level • Denial of Services – Services has been disable by excessive workload. • Information sniffing – Information has been tapped and viewed by unauthorized person • Unauthorized access – Low level worker can access to critical information.
  • 18. Sample of Threats  Snooping 202.104.10.5 m-y-p-a-s-s-w-o-r-d 203.152.145.121 Telnet 203.152.145.121 username:daeng password:
  • 19. Sample of Threats (cont.)  3-way handshake 3-way handshake SYN REQ SYN ACK ACK DATA TRANSFER WWW
  • 20. Sample of Threats (cont.)  SYN attack 202.104.10.5 203.152.145.121 2 SYN ACK D=202.104.10.5 S=203.152.145.121 WAIT Internet WWW Attacker 1 SYN REQ D=203.152.145.121 S=202.104.10.5
  • 21. Sample of Threats (cont.)  Smurf Attack ICMP REPLY D=203.152.149.1 S=192.168.1.1 ICMP REPLY D=203.152.149.1 S=192.168.1.2 Internet ICMP REPLY D=203.152.149.1 S=192.168.1.3 ICMP REPLY D=203.152.149.1 S=192.168.1.4 203.152.149.1 ICMP REPLY D=203.152.149.1 S=192.168.1.5 ICMP REPLY D=203.152.149.1 S=192.168.1.6 ICMP REPLY D=203.152.149.1 S=192.168.1.7 ICMP REPLY D=203.152.149.1 S=192.168.1.8 192.168.1.0 ICMP REQ D=192.168.1.255 S=203.152.149.2
  • 22. Threat – Application Level - Virus • Virus vs Worms..? – Virus • Viruses are computer programs that are designed to spread themselves from one file to another on a single computer. • A virus might rapidly infect every application file on an individual computer, or slowly infect the documents on that computer, • but it does not intentionally try to spread itself from that computer to other computers. – Worms • Worms, on the other hand, are insidious • because they rely less (or not at all) upon human behavior in order to spread themselves from one computer to others. • The computer worm is a program that is designed to copy itself from one computer to another over a network (e.g. by using e-mail).
  • 23. Threat – Application Level – Spam Mail • E-mail spoofing – Pretend to be someone e.g. bill_gate@microsoft.com, • Spam Mail – Unsolicited or unwanted e-mail or Phising
  • 24. Threat – Application Level - Desktop  Desktop Threat      Viruses, worms, Trojan, Backdoor Cookies Java Script and Java Applet Zombies network Key logger (Game-Online)
  • 25. How to overcome Threat? • We need “control” which are – Policy & Process security control to provide guideline and framework – People to control user behavior – Technology will be a tool in order to enforced Policy throughout the organization effectively.
  • 26. Policy & Process Control • Policy Compliance – ISO 17799 • Compliance Checking – CobiT Audit Tools • NIST security standard guideline – NIST – 800 series • Organization Control – Business Continuity Plan
  • 27. People Control • Security Awareness Training • Security Learning Continuum – Awareness, Training, Education • Responsibility Control – Need to know basis
  • 28. People Control - Example (2) • Don't install free utilities on your computer • Run the current version of supported antivirus software and set it for regular, automatic updates • Assign a complex, hard-to-guess password to your computer (on-screen, pool) • Be alert for "phishing" scams that can result in identity theft • Promptly apply security "patches" for your operating system. • Activate your system’s firewall (Windows XP & Macintosh OS X)
  • 29. Technology Control • Computer Security is the process of preventing and detecting unauthorized use of your computer • Prevention measures help you to stop unauthorized users (intruders) from accessing any part of you computer network • Detection helps you to determine whether or not someone attempted to break into your system, if they were successful, and what they may have done. • Network and Host Based Security – Security Devices (Hardware) or Security Software
  • 30. Network Security Protection • • • • • Firewall (Access control) IDS/IPS VPN & SSL VPN (Data Encryption) Anti-Spam (preventing un-wanted email) QoS (Quality of Services - Bandwidth Management) • Web Content Filtering • IM & P2P
  • 31. Firewall (Access Control) Web Traffic— customers, partners, employees Email Traffic Applications/Web Services Traffic partners, customers, internal Remote user VPN Traffic remote and mobile users Internal security threat Contractors/disgruntled employees
  • 32. Type of firewall Packet Filter • Type of firewall – Packet filtering – Application Firewall – Stateful Inspection • Type of implementation – – – – Packet Filter Screened host Dual home Host Screen Subnet (DMZ) References: CISSP Certification Screened Host Dual home Host Screened Subnet
  • 34. Intrusion Detection & Intrusion Prevention Solution Known Attacks Laptop Desktop Host IPS Zero-day Attacks Server Core DOS/DDOS Edge Branch Office Network IPS
  • 35. IDS/IPS • Detection & Prevention System • Signature & Behavior & Anomaly based
  • 36. Virtual Private Network (VPN) • Encryption & Decryption • Public Key & Private Key • Encryption Technology – DES – 3DES – AES
  • 38. How serious spam is? • Why do they spam? – 0.0005$ vs 1.21$ -> 0.02B vs 48.4B – 1/100,000 count as success • How much does spam is? <spamcorp.net> – ~6 e-mail/sec 360 e-mail/min 21,600 e-mail/hr • How do they get my e-mail? – Webboard, forum, etc. • Does spam legal? • How to Protect yourself from getting spam?
  • 39. Why Spam Matters for Business • Before: a nuisance -> Today: a serious business problem Problems 1) Lost Employee Productivity Symptoms • Employees deleting spam • Employees complaining about spam 2) Unnecessary IT Costs • • • • 3) Phishing and email fraud • Employees and customers falling victim to fraud and identify theft IT administrator salary Mail server CPU Storage Bandwidth Business Impacts • Employees are spending 50 or more hours per year dealing with spam • With AntiSpam solutions costing $10-15 per year – significant positive ROI • IT administrators responding to help desk tickets to fight spam with no tools • Spam requiring constant upgrading of mail infrastructure capacity • Damage to brand • Support cost
  • 44. Web-Content Filtering • Cracks and Hacks Tools Website – Spyware, Trojan, Virus, etc. • Banner & Advertising – Adware, Toolbar, Spam – Subscribe, Credit card no., etc. • Drugs, Gambling, Weapon, etc. • Pornography, Nude, Adult Materials • Shopping Online (Credit card issues)
  • 45. FortiGuard Web Filtering Enhancements • Block Override – Authoritative user logs in to enable site block override – Bypasses filter block on a user’s session and lasts until timer expires • Rate Image – URL rating capabilities are extended to include image URLs contained in web page – rates gif, jpeg, png, bmp, and tiff images • Web Filter Consolidation – Web filter menu items of URL Exempt, URL Block, and Web Pattern have been consolidated to a single menu item to speed configuration • Active Directory Integration – Single sign-on – Policy based on AD User/Group – Requires FSAE agent software
  • 47. Desktop Security • • • • • Anti – Virus VPN - Client Personal Firewall IDS Web-Filtering – Small group, Home used, Computer Laboratory, etc.
  • 49. Instant Messaging(IM)/Peer-to-Peer(P2P) • IM – Virus – Exploit – Voice Chat • P2P – Bandwidth Usage – Spyware – BackDoor
  • 50. Enterprise IM, P2P Challenges Viruses, worms Worms programmed to chat Virus via malicious URL Rootkit via file install Internet Internet Traffic bottlenecks Confidentiality breech Lack of visibility / management tools • • • • Lack of usage & user controls Protecting against new threats Gaining control of bandwidth usage Management & reporting insight
  • 51. IM & P2P Access Control
  • 53. Regulations Don’t Matter, but Auditors Do
  • 56. Conclusion • PPT • Security system without performance degradation • "You don't put brakes on a car to go slower, you put brakes on a car to go faster, more safely. Along the same lines, IT security is not meant to slow down a company, but rather to enhance and facilitate the growth of a company... safer growth."--Quoted from Gartner Group's Information Security Show, June 2001

Editor's Notes

  1. (The purpose of this slide is to educate customers on why they need both technologies): McAfee Intrusion Prevention delivers business availability by reliably stopping known and unknown attacks on your IT infrastructure. Industry’s most comprehensive intrusion prevention solution protecting servers to desktops and network core to edge from the threat of known, Zero-day and encrypted attacks Utilizing the complementary, overlapping technologies of Entercept and IntruShield, customers benefit from the best of both products: McAfee Entercept 5.0 Firewall and host IPS Integration Behavioral rules &amp; signatures Application-specific protection McAfee IntruShield 2.1 Firewall and network IPS Integration Protection against encrypted attacks Host &amp; network IPS event integration Why customers need both: Network IPS has broad network visibility and is ideal place to detect and block malicious traffic before it can arrive at a host: Frees up host IPS from having to process high volumes of suspicious traffic Platform &amp; application independence means broad coverage for heterogeneous environment Ease of deployment of protection Host IPS is ‘last line of defense’ for attacks that evade other tools, ensuring protection when all other tools fail. Some traffic may avoid detection by NIPS: Contractor plugging in a segment that is behind of a NIPS sensor &amp; attacking a server farm VPN/IP SEC encrypted traffic that appears normal to NIPS Local attack at the server itself
  2. We’re talking about network PROTECTION, which is broader than just SECURITY