Taking on Tomorrow's Challenges Today: Almost every organisation has been attacked … But most don’t know about it!

Presentation transcript:

Taking on Tomorrow's Challenges Today
Almost every organisation has been attacked … But most don’t know about it!
13th February 2013

What are we going to cover …
▪ Why should I care?
▪ What is going on out there – and do you really know what is going on in your estate?
▪ What can I do?
▪ Questions?

Hands up – if you trust the security of your IT systems? Do you feel safe?…

What do legal folk worry about, when it comes to IT security?
1. Breach of Bar Council Guidelines on Information Security and thus the Data Protection Act
2. Barristers have to work around current IT performance / device limitations
3. ICO attempting to place a fine of £500,000 and the associated bad press
“The policies and procedures of my chamber, not only guarantees, but enforces me and my colleagues to be in breach of the Bar Council Guidelines and the Data Protection Act!!!!”

How are they getting in so easily?...

Clients Environment (diagram labels: Client, Server)

Clients environment

Accessing a compromised (hacked) website (diagram labels: Client, Server)
Full control of the client

A closer look at the attack
Compromised Server
▪ Client’s command shell with user’s permission
▪ Run commands
▪ Found a “protect” folder
▪ Inside the “protect” folder, a confidential.txt
▪ The content is confidential

A closer look at the attack
Compromised Server
▪ The content is confidential
▪ Checking user’s information and domain
▪ Discovered Active Directory IP address
▪ Discovered user’s privilege in the domain

A common attack – is to just replace the security products on the desktop
▪ Legitimate website, but compromised
▪ Runs a Java exploit and starts a Fake AV
▪ Fake AV disables firewall, real AV, installs keylogger and hides.
▪ Finally creates beacon to C&C server and adds the system to a botnet

Is the Legal sector a target? …
Client examples: Financial Services, Public Sector, Telecom, UK Retailer
Global think tank
  Results in 2 weeks of monitoring of one office with 80 users:
  ▪ 9 Infections (11%) including one zero-day attack
  ▪ 6 Unique malware types
  ▪ 5 Successful Call Backs
Top 100; Fortune 500
  Results in 2 weeks of monitoring of one office with over 750 employees, covering most of the IT administrators:
  ▪ 120+ endpoints infected (16%)
  ▪ ~7k callbacks detected
  ▪ 15 unique types of malware
2000 Outlets
  Results in 3 weeks monitoring communication out of a single UK datacentre:
  ▪ 34 endpoints infected
  ▪ 8 Callbacks detected with 2 successful to German C&Cs
  ▪ 6 unique types of malware
Over $150B in assets
  Results from 2 weeks of monitoring of one office with 600 users:
  ▪ 6 Infections (Help desk, Back Office and a Fund Manager)
  ▪ Unique malware types
  ▪ Successful callbacks detected

What are the Bar Council Guidelines on InfoSec…
▪ Overview 4 - “Rule 702 of the Code of Conduct states:... must preserve the confidentiality of the lay client's affairs...”
▪ Overview 6 - “The use of the term "should" in these guidelines refers to good practice,.....; a general practice which deviates is unlikely to be acceptable.”
▪ Overview 8 - “Monetary penalties of up to £500,000 may be imposed Such penalties may not be covered by professional indemnity insurance.”
▪ Overview 18 – Regular Scans and keep operating systems up to date
▪ Overview 19 – Take care to avoid infection
▪ Overview 20 – All passwords should be 9 characters and contain at least 3 out of 4 (Upper, Lower, Number, Symbols)
▪ Overview 23 – Encrypt portable media
▪ Overview 24 – Encrypt disk and folders (when used at home)
▪ Overview 28 – Encrypt
▪ Overview 30 – If PDA, smartphone is used for , strong password and encryption should be used
▪ Overview 31/34 – EU / storage providers should be used
▪ Overview 33 – Assure 3rd party providers
▪ Overview 40 – Retention of PII should be reviewed regularly
▪ Overview 42 – Strong Disposal

Organisations need a comprehensive Security Architecture, with the professionals to operate it
▪ Firewalls
▪ NGFW
▪ WAF
▪ IPS
▪ Secure Web Gateways
▪ Anti-Spam Gateways
▪ Network DLP
▪ Host IDS
▪ Host Encryption
▪ Perimeter Malware Protection
▪ Host AV
▪ Host DLP
▪ Host Application Control
▪ Anti-DDoS
▪ Info. Rights Encryption
▪ NAC and I&AM
▪ Patch Management
▪ Security Information Event Management
▪ Information Security Response (including forensics)
▪ Governance, Risk, and Compliance Management
▪ Security Testing, Vulnerability Management & Assurance
▪ Security Awareness
▪ Cloud Encryption Appliances
▪ MDM and BYOD Security

▪ Make everyone aware and make them care
▪ Encrypt, Encrypt and then Encrypt some more (31)
▪ Monitor your IT estate – incidents can escalate very quickly

But don’t forget the basics...
Data: Identify, Assess, Address, Control

Questions?