Published by Charlene French. Modified over 8 years ago.
Slide 1: Taking on Tomorrow's Challenges Today
Almost every organisation has been attacked... but most don't know about it!
13th February 2013
Slide 2: What are we going to cover...
- Why should I care?
- What is going on out there, and do you really know what is going on in your estate?
- What can I do?
- Questions?
Slide 3: Hands up if you trust the security of your IT systems. Do you feel safe?
Slide 4: What do legal folk worry about when it comes to IT security?
1. Breach of Bar Council Guidelines on Information Security and thus the Data Protection Act 1998
2. Barristers have to work around current IT performance / device limitations
3. ICO attempting to place a fine of £500,000 and the associated bad press
"The policies and procedures of my chamber not only guarantee, but enforce me and my colleagues to be in breach of the Bar Council Guidelines and the Data Protection Act!!!!"
Slide 5: How are they getting in so easily?...
Slide 6: Client's environment (diagram: client and server)
Slide 7: Client's environment (diagram)
Slide 8: Accessing a compromised (hacked) website (diagram: client and server). Outcome: full control of the client.
Slide 9: A closer look at the attack
- Compromised server
- Client's command shell, with the user's permissions
- Run commands
- Found a "protect" folder
- Inside the "protect" folder, a confidential.txt
- The content is confidential
Slide 10: A closer look at the attack (continued)
- Compromised server
- The content is confidential
- Checking the user's information and domain
- Discovered the Active Directory IP address
- Discovered the user's privilege in the domain
Slide 11: A common attack is to just replace the security products on the desktop
- Legitimate website, but compromised
- Runs a Java exploit and starts a Fake AV
- Fake AV disables the firewall and the real AV, installs a keylogger and hides
- Finally creates a beacon to the C&C server and adds the system to a botnet
Slide 12: Is the Legal sector a target?...
Client examples (sectors shown: Financial Services, Public Sector, Telecom, UK Retailer):
- Global think tank. Results in 2 weeks of monitoring of one office with 80 users:
  ▪ 9 infections (11%), including one zero-day attack
  ▪ 6 unique malware types
  ▪ 5 successful call backs
- Top 100; Fortune 500. Results in 2 weeks of monitoring of one office with over 750 employees, covering most of the IT administrators:
  ▪ 120+ endpoints infected (16%)
  ▪ ~7k callbacks detected
  ▪ 15 unique types of malware
- 2000 outlets. Results in 3 weeks of monitoring communication out of a single UK datacentre:
  ▪ 34 endpoints infected
  ▪ 8 callbacks detected, with 2 successful to German C&Cs
  ▪ 6 unique types of malware
- Over $150B in assets. Results from 2 weeks of monitoring of one office with 600 users:
  ▪ 6 infections (Help desk, Back Office and a Fund Manager)
  ▪ Unique malware types
  ▪ Successful callbacks detected
Slide 13: What are the Bar Council Guidelines on InfoSec?...
- Overview 4: "Rule 702 of the Code of Conduct states:... must preserve the confidentiality of the lay client's affairs..."
- Overview 6: "The use of the term "should" in these guidelines refers to good practice,.....; a general practice which deviates is unlikely to be acceptable."
- Overview 8: "Monetary penalties of up to £500,000 may be imposed....... Such penalties may not be covered by professional indemnity insurance."
- Overview 18: Regular scans, and keep operating systems up to date
- Overview 19: Take care to avoid infection
- Overview 20: All passwords should be 9 characters and contain at least 3 out of 4 character classes (upper case, lower case, numbers, symbols)
- Overview 23: Encrypt portable media
- Overview 24: Encrypt disk and folders (when used at home)
- Overview 28: Encrypt email
- Overview 30: If a PDA or smartphone is used for email, a strong password and encryption should be used
- Overview 31/34: EU email / storage providers should be used
- Overview 33: Assure 3rd party providers
- Overview 40: Retention of PII should be reviewed regularly
- Overview 42: Strong disposal
Slide 14: Organisations need a comprehensive Security Architecture, with the professionals to operate it
- Firewalls, NGFW, WAF, IPS
- Secure Web Gateways, Anti-Spam Gateways
- Network DLP
- Host IDS, Host Encryption, Host AV, Host DLP, Host Application Control
- Perimeter Malware Protection
- Anti-DDoS
- Information Rights Encryption
- NAC and I&AM
- Patch Management
- Security Information and Event Management
- Information Security Response (including forensics)
- Governance, Risk and Compliance Management
- Security Testing, Vulnerability Management & Assurance
- Security Awareness
- Cloud Encryption Appliances
- MDM and BYOD Security
Slide 15: Three takeaways
1. Make everyone aware and make them care
2. Encrypt, encrypt and then encrypt some more (31)
3. Monitor your IT estate – incidents can escalate very quickly
Slide 16: But don't forget the basics... (diagram) Data: Identify, Assess, Address, Control
Slide 17: Questions?