Presentation is loading. Please wait.

Presentation is loading. Please wait.

Criticality of Monitoring in Digital World Ananth Kumar Mysore Subbarao 24 July 2016 presentation at 19 th Conference of ISACA Bangalore

Published byMadison Hunt Modified over 8 years ago

Similar presentations

Presentation on theme: "Criticality of Monitoring in Digital World Ananth Kumar Mysore Subbarao 24 July 2016 presentation at 19 th Conference of ISACA Bangalore"— Presentation transcript:

1 Criticality of Monitoring in Digital World Ananth Kumar Mysore Subbarao 24 July 2016 presentation at 19 th Conference of ISACA Bangalore Ananth.subbarao@iirisconsulting.com www.iirisconsulting.com © 2016

2 Table of Contents ■IT before and after Y2K ■Risk to Data ■User Behaviour ■Monitoring.. Just a formality?? ■Typical Monitoring ■Challenges in SME ■Solution.. ISMC ■Advantages ■Case Studies ■Something to think about.. for future

3 IT before Y2K  IT department was known as EDP  Behind a closed doors  Servers and EDP operators hosted together  Printer in a secure room  Any data is moved out mainly as print out  Floppy only mobile storage  No remote access to Data  Software's like WordStar, Lotus 1-2-3 and dBase used  Storage space was in few hundred MB  Network access is restricted  No Internet or WAN

4 IT after Y2K  IT part of every day life  Not everything behind close doors  Servers located in data center 1000s of miles away  Printer access at every nook and corner  Data access in Air, sea and Land  Terabytes on thumb size mobile storage  Data is always accessed remotely  Variety of software including cloud based  Everything is networked  Internet.. No boundaries

5 Risk to Data HackersInternal ThreatsLack of Awareness Cloud Storage Lack of security of mobile Devices Espionage Ever Changing Threat Landscape

6 User Behaviour  Need Data Access 24 / 7  End device controls very weak (especially smart or mobile devices)  Security awareness is just another activity  Working for remote locations (less secure areas)  Security controls are always meant to be for others…  Security.. What is that ?? That is not my responsibility..!!!

7 Monitoring.. Just a formality  Clients / auditors ask for it.. so do some logging  Default setting on devices  Physical and Technology are independent no correlation  Check logs only when there is a incident  More worried about avaliabity of server rather than data movement  User access logging not done since they need large storage space  Advanced tools used but no training of resources

8 Traditional Monitoring CCTV Access Control User Access Network Monitoring Independent systems not interconnected

9 Challenges in SME  Security requirements are high  User awareness issues  Management focus on security is distributed  Budget are low  Security team is multi tasked

10 Solution.. ISMC Integrated Security Monitoring Center

11 Advantages  Correlated View of security controls  Better control over User access and Behavior  Proactive measure to prevent any incidents  Centralized data asset monitoring  Meets International Security standards requirements  Better Management oversight

12 Information Lost to Competitor One of the manufacturing company lost several key market sensitive information to competitor When incident was investigated it was found one of the employee’s who was serving his notice period had stayed back in office after all this colleagues had left for the day. He printed out several documents and carried with him to his new job Could ISMC have prevent it? Yes, provide the access control logs and system access logs were integrated and review in real time

13 Potential Information theft prevented An Alert Security Guard found a camera phone with an employee who was coming out of a secure work area When the employee was investigated it was found, he was come on every weekend to office to take pictures of a confidential process document. Could ISMC have prevent it? Yes, provide the access control logs and system access logs were integrated and reviewed in real time

14 Administrator had unauthorized remote access to servers During a routine walk of system administrator bay one of the managers found a monitor had not screen locked and cursor was moving. That system was assigned to an administrator who was not in office that day. Manager enquired with other system administrators. It was found that system administrator had installed an unauthorized remote login software and was accessing that system from home. This particular system had server farm access. ISMC was a solution in this case as well. This would have helped in real time reconciliation of physical access to system logs

15 Something to think about..  Management will continue to see security as non-revenue generation  Security budgets are shrinking  New technologies available but very expensive  We do lots of certification for personal growth.. Learning should be put to practical use  C.I.A and P.P.T need to be integrated for better results  Expectations from security professional will continue to increase.. Need to find “out of box” solutions

16 THANK YOU www.iirisconsulting.c om

Download ppt "Criticality of Monitoring in Digital World Ananth Kumar Mysore Subbarao 24 July 2016 presentation at 19 th Conference of ISACA Bangalore"

Similar presentations

GCSE ICT Networks & Security..

GCSE ICT Networks & Security..
!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
The Lucernex Cloud: A software-as-a-service solution delivered via the Cloud What is the Cloud? Cloud Computing is the future of all software applications,

The Lucernex Cloud: A software-as-a-service solution delivered via the Cloud What is the Cloud? Cloud Computing is the future of all software applications,
RbitPoint Computer Network Monitoring Software Complete Software Solution for Controlling all computers from your desk www. samaysoftware. net.

RbitPoint Computer Network Monitoring Software Complete Software Solution for Controlling all computers from your desk www. samaysoftware. net.
General Operation and Facts As of 3/24/2014. Virtual Desktop 1. What is a Virtual Desktop? 2. Why VDI? 3. Installing the Virtual Desktop 4. Accessing.

General Operation and Facts As of 3/24/2014. Virtual Desktop 1. What is a Virtual Desktop? 2. Why VDI? 3. Installing the Virtual Desktop 4. Accessing.
Which server is right for you? Get in Contact with us 021- 671 2170

Which server is right for you? Get in Contact with us
Cloud Computing COMP 1631, Winter 2011 Yanggang Chen.

Cloud Computing COMP 1631, Winter 2011 Yanggang Chen.
Network+ Guide to Networks, Fourth Edition

Network+ Guide to Networks, Fourth Edition
DHS SECURITY INCIDENT REPORTING AND RESPONSE SECURITY INCIDENT REPORTING AND RESPONSE DHS managers, employees, and other authorized information users.

DHS SECURITY INCIDENT REPORTING AND RESPONSE SECURITY INCIDENT REPORTING AND RESPONSE DHS managers, employees, and other authorized information users.
310KM Mobile Commerce Applications Lab/Tutorial 8 Part 3 Team members: Li Chun Yin Pun Hoi Lam Pun Hoi Lam Shek Hin Shing Shek Hin Shing.

310KM Mobile Commerce Applications Lab/Tutorial 8 Part 3 Team members: Li Chun Yin Pun Hoi Lam Pun Hoi Lam Shek Hin Shing Shek Hin Shing.
Discovering Computers Fundamentals, 2011 Edition Living in a Digital World.

Discovering Computers Fundamentals, 2011 Edition Living in a Digital World.
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
Network+ Guide to Networks, Fourth Edition Chapter 1 An Introduction to Networking.

Network+ Guide to Networks, Fourth Edition Chapter 1 An Introduction to Networking.
Data Centers and IP PBXs LAN Structures Private Clouds IP PBX Architecture IP PBX Hosting.

Data Centers and IP PBXs LAN Structures Private Clouds IP PBX Architecture IP PBX Hosting.
Mobility Methods for document access while away from the office.

Mobility Methods for document access while away from the office.
1 Networks, advantages & types of What is a network? Two or more computers that are interconnected so they can exchange data, information & resources.

1 Networks, advantages & types of What is a network? Two or more computers that are interconnected so they can exchange data, information & resources.
Network+ Guide to Networks, Fourth Edition Chapter 1 An Introduction to Networking.

Network+ Guide to Networks, Fourth Edition Chapter 1 An Introduction to Networking.
Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.

Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.
1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.

1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.

Similar presentations

Ads by Google