Presentation is loading. Please wait.

Presentation is loading. Please wait.

What are the common problems facing Database Security? Presenters: Group 13 Yichen Jiang, Yingxu Liu Ericka Chickowski, “Five Hurdles That Slow Database.

Published byGerald Todd Modified over 9 years ago

Similar presentations

Presentation on theme: "What are the common problems facing Database Security? Presenters: Group 13 Yichen Jiang, Yingxu Liu Ericka Chickowski, “Five Hurdles That Slow Database."— Presentation transcript:

1 What are the common problems facing Database Security? Presenters: Group 13 Yichen Jiang, Yingxu Liu Ericka Chickowski, “Five Hurdles That Slow Database Security Adoption”, Dark Reading, Mar 20, 2013

2 Overview Why database security is so important? Current technologies Challenges: scale, tech integration, tradeoff

3 Why Database Security is So Important? On March 20, a wave of cyberattacks that targeted South Korean banks and media networks. [1] On March 8, the U.S. National Vulnerability Database (NVD) was taken down due to suspicious activity detected. [2]

4 Why Database Security is So Important? On early March, an anonymous hacker claimed to have attacked a website belonging to the U.S. Department of State. An analyze indicated 199 Email Addresses, 207 Possible Hashed Passwords leaked.[3]

5 Current technologies Database Activity Monitoring (DAM) Interchangeably: ◦ Security Information and Event Management (SIEM) ◦ Security event manager (SEM) ◦ Security information management (SIM)

6 Challenges - Scale (1/3) A small or midsize operation has only dozens or even hundreds of database servers to protect. 40% of Fortune 500 companies have more than 10,000 database servers. Even 20% of those databases require activity monitor and enforce separation of duties, it can easily cost millions.

7 Challenges - Tech integration (2/3) Use DAM for failed log-in detection DAM and SIEM don’t work well together

8 Challenges - Trade off (3/3) Security comes second to performance. When administrators focus on availability, they often overlook configuration issues that can introduce security vulnerabilities and expose confidential data.

9 Reference [1] Kelly Jackson Higgins, “'Loud' Data-Annihilation Cyberattacks Hit South Korean Banks, Media Outlets”, Dark Reading, Mar 20, 2013. [2] Larry Seltzer, “U.S. National Vulnerability Database Hacked”, Dark Reading, Mar 14, 2013. [3] “Anonymous Attacks US State Department Careers Website”, Dark Reading, Mar 14, 2013. [4] Ericka Chickowski, “Five Hurdles That Slow Database Security Adoption”, Dark Reading, Mar 20, 2013

Download ppt "What are the common problems facing Database Security? Presenters: Group 13 Yichen Jiang, Yingxu Liu Ericka Chickowski, “Five Hurdles That Slow Database."

Similar presentations

Protecting Cyber-TA Contributors: Risks and Challenges Vitaly Shmatikov The University of Texas at Austin.

Protecting Cyber-TA Contributors: Risks and Challenges Vitaly Shmatikov The University of Texas at Austin.
UNIT 20 The ex-hacker.

UNIT 20 The ex-hacker.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Csci5931 Web Security1 Case Study: A Forensic Lesson for Web Security (MSS, part one)

Csci5931 Web Security1 Case Study: A Forensic Lesson for Web Security (MSS, part one)
Information Security Jim Cusson, CISSP. Largest Breaches 110,000 2009-11-27 NorthgateArinso, Verity Trustees 6,400 2009-11-25 Aurora St. Luke's Medical.

Information Security Jim Cusson, CISSP. Largest Breaches 110, NorthgateArinso, Verity Trustees 6, Aurora St. Luke's Medical.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
1Balaji.S. 2 COMPUTER NETWORK AND SECURITY 3Balaji.S.

1Balaji.S. 2 COMPUTER NETWORK AND SECURITY 3Balaji.S.
Honeypots Presented by Javier Garcia April 21, 2010.

Honeypots Presented by Javier Garcia April 21, 2010.
Netezza Mantra Cutting edge database activity monitoring technology Shehba Shahab ISM 158 Spring 2010 Prakash Mehra.

Netezza Mantra Cutting edge database activity monitoring technology Shehba Shahab ISM 158 Spring 2010 Prakash Mehra.
Access Control Chapter 3 Part 5 Pages 248 to 252.

Access Control Chapter 3 Part 5 Pages 248 to 252.
Prepared by: Nahed Al-Salah

Prepared by: Nahed Al-Salah
Akamai Confidential©2011 Akamai. In the Cloud Security Highlighting the Need for Defense-in-Depth R. H. Powell IV Director, Government Solutions CISSP.

Akamai Confidential©2011 Akamai. In the Cloud Security Highlighting the Need for Defense-in-Depth R. H. Powell IV Director, Government Solutions CISSP.
1 UNIT 20 The ex-hacker Lecturer: Ghadah Aldehim.

1 UNIT 20 The ex-hacker Lecturer: Ghadah Aldehim.
Ethical Hacking Introduction.  What is Ethical Hacking?  Types of Ethical Hacking  Responsibilities of a ethical hacker  Customer Expectations  Skills.

Ethical Hacking Introduction.  What is Ethical Hacking?  Types of Ethical Hacking  Responsibilities of a ethical hacker  Customer Expectations  Skills.
Ethical Hacking by Shivam.

Ethical Hacking by Shivam.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
ITIS 6200/8200: Principles of Information Security and Privacy Dr. Weichao Wang.

ITIS 6200/8200: Principles of Information Security and Privacy Dr. Weichao Wang.
Network security policy: best practices

Network security policy: best practices

Similar presentations

Ads by Google