Network Security Overview Ali Shayan 2008.08.06

Network Security Management’s Perspective
Dangers:
– Negligence
– Dereliction of duty
– Liable for damages
– Misconduct
– Sabotage
– Aiding and abetting crime

Network Security Management’s Perspective
Issues:
– Training
– Continuity and crisis planning
– Assume information security is YOUR responsibility
Lack of awareness can lead to negligence and liability!

Understanding Components of an IT Security Audit

Modern Technology Roadmap
– Early 1990s: Virus scanners
– Mid 1990s: Firewalls
– Late 1990s: Over-reliance on encryption (PKI)
– Early 2000s: Over-reliance on intrusion detection systems (IDS)
– Late 2000s: Over-reliance on intrusion prevention systems/artificial intelligence

Vulnerabilities
– There was a total of 7,247 vulnerabilities in 2006, 39.5% more than
– June was the busiest month of the year with 696 vulnerabilities.
– Week 46 (the week before Thanksgiving) was the busiest week of 2006 for new vulnerabilities.
– The most popular day for vulnerability disclosure was Tuesday.
– The top three vulnerable vendors in 2006 were Microsoft, Oracle and Apple.
– percent of all 2006 vulnerabilities could be exploited remotely.
– Over half (50.6%) of 2006 vulnerabilities would allow an attacker to gain access to the host after successful exploitation.

Vulnerabilities Per Annum (chart; axis: Vulnerabilities Count)

Vulnerabilities Per Month

Vulnerabilities by Day of Week

Vulnerabilities Weekdays vs. Weekends

Vulnerabilities Top Ten Vulnerable Vendors

From which countries does spam originate?

Incident and Events by Sector

Quantifying by Losses
– 9 out of 10 businesses affected by cybercrime (FBI 2005)
– $67.2 billion per year is lost to cybercrime in the USA (FBI 2005)
– 61% of US computers are compromised (Cyber Security Alliance 2006)
– Estimated 14,000 – 17,000 Botnet C&Cs (Shadowserver.org)

Notable Trends in Cyber Criminality
– Motivation: Financial motives are making attackers more sophisticated.
– Targeted attacks: Attacks are much more targeted than before.
– Targets: The user and the user workstation (desktop or laptop) become the easiest path into the network.

Thanks