Blended Threats and Layered Defenses: Security Protection in Today’s Environment
Marshall Taylor


2 – © 2001 Symantec Corporation. Business Trends
- Increasing importance of e-business
- Disappearing enterprise perimeter
- Focus on business continuity
- Increasing concern over information attack
  - Frequency
  - Complexity/Virulence
  - Cost
[Chart: Number of Known Threats. Labels: Polymorphic Viruses (Tequila); Blended Threats (Code Red, Nimda); Denial-of-Service (Yahoo!, eBay); Mass Mailer Viruses (Love Letter/Melissa); Zombies; Viruses; Network Intrusions]

3 – Insider vs. Outsider Attacks (based on % experienced)
CSI/FBI Study, 2001
[Chart: Outsider, Insider]

4 – Policy is Key to Security
- Mandate to implement security
- Standard to measure security
- Basis for all security technology and procedures
[Diagram: Policy; Standards; Procedures, Guidelines & Practices]

5 – Operational Security Standards
- ISO best practice areas
- SysTrust requirements established by the AICPA
- FISCAM requirements from GAO for U.S. fed. govt.
- COBIT requirements established by Information Systems Audit and Control Association (ISACA)
- IETF Site and User Security Handbooks
- Top 20 Internet Security Threats from SANS
- VISA's ten requirements for on-line merchants
- Minimum standards of due care from The Center for Internet Security (

6 – ISO best practice areas
- Security Policy
- Communications & Operations
- Compliance
- Environmental & Physical Security
- Business Continuity Planning
- Security Organization
- Personnel Security
- Classification & Control of Assets
- System Development & Maintenance
- System Access Controls

7 – Visa’s “Ten Commandments”
1. Install and maintain a working network firewall to protect data accessible via the Internet
2. Keep security patches up-to-date
3. Encrypt stored data accessible from the Internet
4. Encrypt data sent across networks
5. Use and regularly update anti-virus software
6. Restrict access to data by business "need to know"
7. Assign unique IDs to each person with computer access to data
8. Track access to data by unique ID
9. Don't use vendor-supplied defaults for system passwords and other security parameters
10. Regularly test security systems and processes

8 – Best Practices that Block Most Attacks
- Employ an application layer full inspection firewall
- Use automatically updated anti-virus at gateway, server, and client
- Ensure security patches are up to date
- Ensure passwords are strong
- Turn off unnecessary network services

9 – Managed Defense In Depth
Predict, Prevent, Detect, Respond, Recover

10 – Blended Threats: A Deadly Combination
- Blended threats combine hacking, DoS, and worm-like propagation
- Can rapidly compromise millions of machines
- Often spread without human interaction
[Graphic labels: Klez, sadmind, BugBear, CodeRed, Nimda]

11 – Nimda: 2.2M Systems Infected in 3 Days!
1. Infection of web server via “Code Red”-type attack

12 – Nimda: 2.2M Systems Infected in 3 Days!
2. Infection via

13 – Nimda: 2.2M Systems Infected in 3 Days!
3. Infection via web browsing

14 – Nimda: 2.2M Systems Infected in 3 Days!
4. Infection via shared drives

15 – Nimda: 2.2M Systems Infected in 3 Days!
5. And infection to other files on each infected computer through traditional viral methods

16 – Blended Threats Change the Game
- Multiple propagation techniques require solutions that are:
  - Multi-function
  - Multi-tier
  - Multi-platform
- Blended threats demand superior response capabilities

17 – Protecting Against Blended Threats

18 – [Diagram labels: In House Managed Services Best Case Enterprise Security Integrated Solutions Client Security Gateway Security Appliance Point Technologies IDS (host & network) FW/VPN (SW & appliance) AV/CF Vulnerabilities Penetration Testing Decoy Honeypots Early Warning Global Alerts Environment Policy Tools Information Incident Manager Event Managers (AV, FW, IDS) Internal Ghosting Tools External Security Response (LiveUpdate) 7x24 Customer Support Consulting Services Alert Manage Respond Protect Proactive Control]

19 – Conclusion
- Security in the e-Business Age is challenging
  - Perimeter is disappearing, threats are 360 degrees
  - Exploits and hacking tools are readily available
  - Skills required to exploit threats are low and dropping
  - Blended threats will become more sophisticated
- Need defense in depth across gateway, server, client
  - Vulnerability management
  - Firewalls and VPNs
  - Anti-virus
  - Content filtering
  - Intrusion detection
- Follow best practices to achieve due care
- Implement process to manage policy and incidents
- Top management support and awareness training are key

20 – Marshall Taylor (781)