Published by Caren Marshall. Modified over 9 years ago.

Leveraging Information to Detect and Prevent Insider Attacks
Phoram Mehta
Senior Manager, Information Security Management, PayPal
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.

AGENDA
- Problem Definition
- Solution Challenges
- Current approaches
- A (New*) Proposal
- Q&A

DEFINITION
Threats posed by employees, third parties, or malicious software that use legitimate access rights to networks, applications, and sensitive data

Is this really a problem? Regular or Rare?
- T Childs: San Francisco Network Administrator; changed admin passwords; $900,000, and 60 percent of city services were affected
- Snowden: CIA/NSA/Dell/BAH; leaked top-secret US gov surveillance details; National security, and Privacy
- Phishing: RSA SecurID Twitter May 2014?

Why should I care?
- Impact
- Minority but more Damage
- 40% of data breaches and 1/3 of all malicious attacks
- 50% more vulnerable – ESG survey

Challenges to Solution
- Scale
- Cloud
- Volume
- APT/New attacks
- Privacy/Trust

A (New*) Approach: ALARM
- AuthN and AuthZ
- Leakage Detection/Prevention
- Analytics
- Risk Management
Pre-requisites:
- Data classification
- BIA
- Segmentation like the 80’s

Authentication and Authorization
- They are different
- In the right places
- Strong – 2FA, Biometric or SMS
- Review
- Don’t forget Physical

Leakage Detection and Prevention
- Each workstation/BYOD
- Outbound traffic
- IM/Email/SM
- Consequences
- Prevention is very hard

Analytics
- End-to-End event correlation
- Priv User Pattern recognition
- Data Visualization
- Threat models/rules for known incidents
- Advanced heuristics and prediction

Risk Management
- Current State
- Business Drivers
- IP vs Customer data
- Critical systems
- Physical Security
- Vendor Management
- Cost of Mitigation
- Company Culture
- External Obligations
- Roadmap for Growth

Some Sources for Additional Information
- ESG Insider Threat research - http://www.vormetric.com/sites/default/files/ap_Vormetric-Insider_Threat_ESG_Research_Brief.pdf
- SANS Reading Room - http://www.sans.org/reading-room/whitepapers/incident/protecting-insider-attacks-33168
- CINDER (US Mil Insider Threat program) - http://www.darpa.mil/Our_Work/I2O/Programs/Cyber-Insider_Threat_(CINDER).aspx

Q & A
Thank You