Cyber Security Management
In a Highly Innovative World
David Etue, VP Corporate Development Strategy, SafeNet
June 2013
© SafeNet - All Rights Reserved
Agenda
About Me and SafeNet
Context
Evolving Adversaries, Evolving Threats
Evolving Technology, Evolving Dependence
Solutions and Ideas
About David Etue @djetue
• VP, Corporate Development Strategy at SafeNet
• Former Cyber Security Practice Lead [PRTM Management Consultants] (now
PwC)
• Former VP Products and Markets [Fidelis Security Systems]
• Former Manager, Information Security [General Electric Company]
• Industry
• Faculty: The Institute for Applied Network Security (IANS)
• Certified Information Privacy Professional (CIPP/G)
• Certified CISO (C|CISO)
• Cyber things that interest me
• Adversary innovation
• Applying intelligence cycle / OODA loop in cyber
• Supply chain security
• Cloud and virtualization security
Who We Are
Trusted to protect the world’s most sensitive data for
the world’s most trusted brands.
We protect the most
money that moves in
the world, $1 trillion
daily.
We protect the most digital
identities in the world.
We protect the most
sensitive information
in the world.
FOUNDED: 1983
REVENUE: ~330m
EMPLOYEES: +1,400 in 25 countries
OWNERSHIP: Private
GLOBAL FOOTPRINT: +25,000 customers in 100 countries
ACCREDITED: Products certified to the highest security standard
Context
We Have Finite Resources… We Can Not Protect Everything!
[Images: http://commons.wikimedia.org/wiki/File:Fdr_sidefront.jpg ; Lufthansa Airbus A380 D-AIMC with the name "Peking" at Stuttgart, by Lasse Fuss, http://commons.wikimedia.org/wiki/File:Lufthansa_A380_D-AIMC.jpg]
“Black Box”
Consequences: Value & Replaceability
http://blog.cognitivedissidents.com/2011/10/24/a-replaceability-continuum/
Misplaced Focus
“With the breach-a-week over the last two years, the key determinate was nothing YOU did… but rather was WHO was after you.”
The Control Continuum
Evolving Adversaries… …Evolving Threats
What is a “Threat”?
A Threat is an Actor
with a Capability
and a Motive
Threats Are A “Who”, Not a “What”
A Modern Pantheon of Adversary Classes
Methods: “MetaSploit”, DoS, Phishing, Rootkit, SQLi, Auth, Exfiltration, Malware, Physical
Impacts: Reputational, Personal, Confidentiality, Integrity, Availability
Target Assets: Credit Card #s, Web Properties, Intellectual Property, PII / Identity, Cyber Infrastructure, Core Business Processes
Motivations: Financial, Industrial, Military, Ideological, Political, Prestige
Actor Classes: States, Competitors, Organized Crime, Script Kiddies, Terrorists, “Hactivists”, Insiders, Auditors
Profiling a Particular Actor

Script Kiddies (aka Casual Adversary), profile label “Skiddie”
Methods: “MetaSploit”, SQLi, Phishing
Impacts: Confidentiality, Reputation
Target Assets: CCN/Fungible
Motivations: Profit, Prestige

Organized Crime, profile label “Organized Crime”
Methods: Malware, Botnets, Rootkits
Impacts: Confidentiality
Target Assets: Fungible, Banking
Motivations: Profit

Adaptive Persistent Adversaries, profile label “State/Espionage”
Methods: Custom Malware, SpearPhishing, Physical, ++
Impacts: Confidentiality, Reputation
Target Assets: Intellectual Property, Trade Secrets, Infrastructure
Motivations: Industrial/Military

Hactivists / Chaotic Actors, profile label “Chaotic Actor”
Methods: DoS, SQLi, Phishing
Impacts: Availability, Confidentiality, Reputation, Personal
Target Assets: Web Properties, Individuals, Policy
Motivations: Ideological and/or LULZ
Evolving Technology… …Evolving Dependence
The Value An Organization Delivers Is Driven By Its Differentiation
[Diagram: Suppliers & Partners -> Your Organization -> Customers; Differentiation = Intellectual Property, Strategy, Core Processes]
Competitive Differentiation is Dependent on Information and the IT Infrastructure
Information Security’s Mission Is To Protect These Key Digital Assets: Intellectual Property, Strategy, Core Processes
Optimizing Security Management Is a Multi-Faceted Challenge
[Diagram: Customer Needs, Business Needs, Regulators (Compliance), Threats]
Cloud, Virtualization, Mobile, and Consumerization! Oh My!
Growing Risk
• Sensitive Data on the Rise
• More IT Dependency
• Compliance
• Variety of Threat Actors
No Physical Controls
• Traditional Perimeter GONE!
• SaaS, Cloud & Web 2.0 Apps
• Collaboration Partners
• Growing Mobile Devices
[Diagram labels: Branch Office, Web 2.0 Application, Remote Replication, Internet, SaaS Cloud, Extranet, WAN, Docs, Offline Folders, Shared Folders, Database, Groupware, E-Mail, Media, Flash-drive, Data Center, Laptop, Mobile]
Virtualization and Cloud Computing
Are Economically Compelling and Here to Stay
What Has Changed?
[Chart: over Time, as architectures move from Perimeter to Layers to Collaboration to Integrated, the Amount of Information and Infrastructure, the Attack Surface, and the Cost of Failure all rise]
As Organizations Have Embraced Technology, the Amount of Information, Attack Surface, and Cost of Failure Have All Skyrocketed!
Another Change: The New Definition of Privilege
Privileged Users Even More Powerful In Cloud/Virt
[Diagram, BEFORE: a Server running an OS and an Application on its own CPU, Disk, and Network. AFTER: a Hypervisor hosting several Virtual Machines (each a Guest OS plus Application) on Virtual Compute (CPU), Virtual Storage (NAS / SAN), and a Virtual Network over the Physical Network, with Management and Database-As-A-Service layers]
Solutions and Ideas
Adversary ROI
Why Adversary ROI
• Adversaries want assets - vulnerabilities are a means
• Our attack surface is approaching infinity
• Adversaries have scarce resources too
Adversaries care if *they* can get a return on investment from an attack, not you…
Adversary ROI Came About By Looking at Risk
A risk requires a threat and a vulnerability that results in a negative consequence.
We have finite resources, and must optimize the entire risk equation for our success!
[Diagram: Current State vs. Proposed State? across the three terms Threat, Vulnerability, Consequence]
Understanding the Risk Equation
Risk = Threat + Vulnerability
Most cyber security programs have focused solely on vulnerability management (the Vulnerability term above), which is necessary but insufficient:
• Technology changes at a high rate of speed, making vulnerability a moving target
• The adversary community changes faster than defenders
• Attacks quickly move to the most porous layer
• End users are likely to remain a significant vulnerability
The cyber security “arms race” today focuses on vulnerabilities. It’s time to address the other variables!
Value Favors the Attacker
[Chart: Attacker Gains plotted against Information Classification, from Public, through Sensitive / Highly Replicable, to Sensitive / Irreplaceable, compared with the Typical IT Security Budget (1-12% of IT Budget)]
Are you prepared to address a funded nation state targeting your highest value intellectual property?
The Adversary ROI Equation

Adversary ROI = ( [ Attack Value x Probability of Success - Deterrence Measures ] - Cost of the Attack ) / Cost of the Attack

where
Attack Value = Value of Assets Compromised + Adversary Value of Operational Impact
Deterrence Measures = % Chance of Getting Caught x Cost of Getting Caught

Impacting Adversary ROI
The same equation, annotated with the lever each term offers a defender:
• Value of Assets Compromised: it is typically not desirable to make your assets less valuable
• Adversary Value of Operational Impact: ability to respond and recover is key
• Probability of Success and Cost of the Attack: increase adversary “work effort”
• Deterrence Measures: the impact of getting caught is typically a government issue
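The Adversary ROI equation worked through in Python, as an added example that is not from the deck: AttackScenario carries the equation's terms, adversary_roi evaluates it, break_even_attack_cost gives the work effort at which an attack stops paying, and compare_levers applies the levers from the Impacting Adversary ROI slide. The baseline figures and the halve/double lever sizes are constructed assumptions, chosen only to show the direction each lever moves the result.

```python
"""Adversary ROI model with the deck's four defender levers.

Added example; every figure below is constructed for illustration and is not
from the slides. The halve/double lever sizes are assumptions that show
direction, not calibrated estimates.
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class AttackScenario:
    """One attack, costed the way the adversary would, in the deck's terms."""
    assets_value: float        # Value of Assets Compromised
    operational_impact: float  # Adversary Value of Operational Impact
    p_success: float           # Probability of Success, 0..1
    p_caught: float            # % Chance of Getting Caught, 0..1
    cost_caught: float         # Cost of Getting Caught
    attack_cost: float         # Cost of the Attack (adversary "work effort")


def attack_value(s: AttackScenario) -> float:
    # Attack Value = Value of Assets Compromised + Adversary Value of Operational Impact
    return s.assets_value + s.operational_impact


def deterrence(s: AttackScenario) -> float:
    # Deterrence Measures = % Chance of Getting Caught x Cost of Getting Caught
    return s.p_caught * s.cost_caught


def adversary_roi(s: AttackScenario) -> float:
    """([Attack Value x P(success) - Deterrence] - Cost of the Attack) / Cost of the Attack."""
    if s.attack_cost <= 0:
        raise ValueError("Cost of the Attack must be positive")
    if not 0.0 <= s.p_success <= 1.0 or not 0.0 <= s.p_caught <= 1.0:
        raise ValueError("probabilities must lie in [0, 1]")
    expected_gain = attack_value(s) * s.p_success - deterrence(s)
    return (expected_gain - s.attack_cost) / s.attack_cost


def break_even_attack_cost(s: AttackScenario) -> float:
    """Work effort at which ROI reaches zero: the adversary's expected gain.

    Any control that pushes the Cost of the Attack above this figure turns the
    attack into a loss for the adversary (ROI < 0).
    """
    return attack_value(s) * s.p_success - deterrence(s)


def compare_levers(baseline: AttackScenario) -> dict:
    """ROI after each defender lever from the 'Impacting Adversary ROI' slide."""
    variants = {
        "baseline": baseline,
        # Increase adversary work effort: raise the Cost of the Attack.
        "double attack cost (work effort)":
            replace(baseline, attack_cost=baseline.attack_cost * 2),
        # Hardening lowers the Probability of Success.
        "halve probability of success":
            replace(baseline, p_success=baseline.p_success / 2),
        # Response and recovery capability cuts the operational impact the adversary gains.
        "halve operational impact (respond and recover)":
            replace(baseline, operational_impact=baseline.operational_impact / 2),
        # Deterrence: mostly a government lever, included for comparison.
        "double chance of getting caught":
            replace(baseline, p_caught=min(1.0, baseline.p_caught * 2)),
    }
    return {name: round(adversary_roi(s), 2) for name, s in variants.items()}


# Constructed baseline (illustrative figures, not from the deck).
BASELINE = AttackScenario(
    assets_value=100_000.0,
    operational_impact=20_000.0,
    p_success=0.6,
    p_caught=0.05,
    cost_caught=200_000.0,
    attack_cost=10_000.0,
)

if __name__ == "__main__":
    for name, roi in compare_levers(BASELINE).items():
        print(f"{name:<48} ROI = {roi:>5.2f}")
    print(f"break-even attack cost: {break_even_attack_cost(BASELINE):,.0f}")
```

Run it directly to print the comparison. With the constructed baseline, doubling the adversary's work effort or halving their probability of success cuts ROI far more than doubling the chance of getting caught, which is the deck's point: deterrence is mostly a government lever, while work effort and the ability to respond and recover are the defender's.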
Every Organization Should Know The Key
Components to This Model
Methods
Impacts
Target Assets
Motivations
Actor Classes
The Control Quotient
The Control Quotient Definition
• Quotient (from http://www.merriam-webster.com/dictionary/quotient ):
• the number resulting from the division of one number by another
• the numerical ratio usually multiplied by 100 between a test score and a standard value
• quota, share
• the magnitude of a specified characteristic or quality
• Control Quotient: optimization of a security control based on the maximum efficacy within the sphere of control (or influence or trust) of the underlying infrastructure*
• *unless there is an independent variable…
The Control Quotient and the SPI Stack
The lower down the stack the Cloud provider stops, the more security you are tactically responsible for implementing & managing yourself.
[Diagram: Amazon EC2 - IaaS, Google AppEngine - PaaS, and Salesforce - SaaS mapped against the CSA Cloud Model (stack by Chris Hoff -> CSA)]
CSA Cloud Model layers:
• Security Management & GRC
• Identity/Entity Security
• Data Security
• Host
• Network
• Infrastructure Security
• Application Security
Virtualization, Software Defined Networks, and Public/Hybrid/Community Cloud Force a Change in How Security Controls Are Evaluated and Deployed
To Be Successful, We Must Focus on the Control Kept (or Gained!), NOT the Control Lost…
Half Full or Half Empty?
[Images: http://www.flickr.com/photos/markhillary/6342705495 ; http://www.flickr.com/photos/tallentshow/2399373550]
More Than Just Technology…
The Secure Breach
Crunchy on the Outside…
[Image: http://www.flickr.com/photos/theilr/2240742119/]
Time to Secure the Breach
Breach Prevention Era
Secure Breach Era
Key Enablers to the Secure Breach
• Encryption (and Key Management)
• Identity and Access Management with Strong Authentication
• Segmentation
• Privileged User Management
• Detection and Response Capabilities
• Asset, Configuration, and Change Management
4 Step Program For Ushering In the “Secure Breach” Era
• Introspection: It’s time to try something new…
• Acceptance: You can’t prevent a perimeter breach…
• Understanding: Know your enemies and what they are after…
• Action: Decrease adversary ROI…
Thank You!
Any questions
David Etue
@djetue
Watch the full webcast on demand:
https://www.brighttalk.com/webcast/6319/75109
Follow SafeNet on Social Media
[Blog] http://data-protection.safenet-inc.com
@safenetinc
http://www.linkedin.com/company/safenet
http://youtube.com/safenetinc
http://facebook.com/safenetinc
https://plus.google.com/+safenet
http://pinterest.com/safenetinc/
http://www.safenet-inc.com/rss.aspx
http://www.slideshare.net/SafeNet
http://www.govloop.com/group/safenetgov
http://www.brighttalk.com/channel/2037
http://community.spiceworks.com/pages/safenetinc
49

Contenu connexe

Tendances

Tendances (20)

LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud Computing
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp  overviewMicrosoft threat protection + wdatp+ aatp  overview
Microsoft threat protection + wdatp+ aatp overview
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
 
Data loss prevention by using MRSH-v2 algorithm
Data loss prevention by using MRSH-v2 algorithm Data loss prevention by using MRSH-v2 algorithm
Data loss prevention by using MRSH-v2 algorithm
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the Cloud
 
Global Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingGlobal Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud Computing
 
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
 
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem -  Security < productivity < security: syntax ...ASMC 2017 - Martin Vliem -  Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architecture
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudNIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public Cloud
 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud Applications
 
Managing Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your OrganizationManaging Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your Organization
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Cloud Security Architecture - a different approach
Cloud Security Architecture - a different approachCloud Security Architecture - a different approach
Cloud Security Architecture - a different approach
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview
 
Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust Security
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacks
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
 
Ransomware webinar may 2016 final version external
Ransomware webinar   may 2016 final version externalRansomware webinar   may 2016 final version external
Ransomware webinar may 2016 final version external
 

Similaire à Cyber Security Management in a Highly Innovative World

ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal AuditorsION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
mdagrossa
 
InfraGard Webinar March 2016 033016 A
InfraGard Webinar March 2016 033016 AInfraGard Webinar March 2016 033016 A
InfraGard Webinar March 2016 033016 A
Ward Pyles
 
Too Small to Get Hacked? Think Again (Webinar)
Too Small to Get Hacked? Think Again (Webinar)Too Small to Get Hacked? Think Again (Webinar)
Too Small to Get Hacked? Think Again (Webinar)
OnRamp
 

Similaire à Cyber Security Management in a Highly Innovative World (20)

John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
John Walsh, Sypris on Cyber Physical Systems  - Boston SECoT MeetUp 2015John Walsh, Sypris on Cyber Physical Systems  - Boston SECoT MeetUp 2015
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
 
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital age
 
WHY SOC Services needed?
WHY SOC Services needed?WHY SOC Services needed?
WHY SOC Services needed?
 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech Talk
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...
 
CCA study group
CCA study groupCCA study group
CCA study group
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and compliance
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
 
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec StakeholdersIvanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
 
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal AuditorsION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
 
The Cyber Attack Risk
The Cyber Attack RiskThe Cyber Attack Risk
The Cyber Attack Risk
 
Big Bang Theory: The Evolution of Pentesting High Security Environments
Big Bang Theory: The Evolution of Pentesting High Security EnvironmentsBig Bang Theory: The Evolution of Pentesting High Security Environments
Big Bang Theory: The Evolution of Pentesting High Security Environments
 
Application security meetup 27012021
Application security meetup 27012021Application security meetup 27012021
Application security meetup 27012021
 
InfraGard Webinar March 2016 033016 A
InfraGard Webinar March 2016 033016 AInfraGard Webinar March 2016 033016 A
InfraGard Webinar March 2016 033016 A
 
Too Small to Get Hacked? Think Again (Webinar)
Too Small to Get Hacked? Think Again (Webinar)Too Small to Get Hacked? Think Again (Webinar)
Too Small to Get Hacked? Think Again (Webinar)
 
CSO CXO Series Breakfast
CSO CXO Series BreakfastCSO CXO Series Breakfast
CSO CXO Series Breakfast
 
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
 

Plus de SafeNet

An Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key ManagementAn Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key Management
SafeNet
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
SafeNet
 

Plus de SafeNet (20)

eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference Guide
 
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business ModelCloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
 
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
 
Securing Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSecuring Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security Guide
 
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
 
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
 
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
 
Hardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk ManagementHardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk Management
 
Strong Authentication: Securing Identities and Enabling Business
Strong Authentication: Securing Identities and Enabling BusinessStrong Authentication: Securing Identities and Enabling Business
Strong Authentication: Securing Identities and Enabling Business
 
Building Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesBuilding Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and Strategies
 
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
 
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetPayment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
 
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server Encryption
 
Building Trust into DNS: Key Strategies
Building Trust into DNS: Key StrategiesBuilding Trust into DNS: Key Strategies
Building Trust into DNS: Key Strategies
 
Charting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementCharting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key Management
 
Secure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the WebSecure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the Web
 
An Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key ManagementAn Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key Management
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
 

Dernier

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 

Dernier (20)

Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 

Cyber Security Management in a Highly Innovative World

  • 1. Insert Your Name Insert Your Title Insert Date Cyber Security Management In a Highly Innovative World David Etue, VP Corporate Development Strategy, SafeNet June 2013 © SafeNet - All Rights Reserved
  • 2. Agenda About Me and SafeNet Context Evolving Adversaries, Evolving Threats Evolving Technology, Evolving Dependence Solutions and Ideas
  • 3. About David Etue @djetue • VP, Corporate Development Strategy at SafeNet • Former Cyber Security Practice Lead [PRTM Management Consultants] (now PwC) • Former VP Products and Markets [Fidelis Security Systems] • Former Manager, Information Security [General Electric Company] • Industry • Faculty: The Institute for Applied Network Security (IANS) • Certified Information Privacy Professional (CIPP/G) • Certified CISO (C|CISO) • Cyber things that interest me • Adversary innovation • Applying intelligence cycle / OODA loop in cyber • Supply chain security • Cloud and virtualization security
  • 4. Who We Are. Trusted to protect the world’s most sensitive data for the world’s most trusted brands. We protect the most money that moves in the world, $1 trillion daily. We protect the most digital identities in the world. We protect the most sensitive information in the world. FOUNDED: 1983. REVENUE: ~330m. EMPLOYEES: +1,400 in 25 countries. OWNERSHIP: Private. GLOBAL FOOTPRINT: +25,000 customers in 100 countries. ACCREDITED: Products certified to the highest security standard.
  • 5. Context
  • 6. We Have Finite Resources… We Can Not Protect Everything! “Black Box” [Images: http://commons.wikimedia.org/wiki/File:Fdr_sidefront.jpg; Lufthansa Airbus A380 D-AIMC with the name "Peking" at Stuttgart, photo by Lasse Fuss, http://commons.wikimedia.org/wiki/File:Lufthansa_A380_D-AIMC.jpg]
  • 7. Consequences: Value & Replaceability http://blog.cognitivedissidents.com/2011/10/24/a-replaceability-continuum/
  • 8. Misplaced Focus “With the breach-a-week over the last two years, the key determinate was nothing YOU did… but rather was WHO was after you.”
  • 10. Evolving Adversaries… …Evolving Threats
  • 11. What is a “Threat”? A Threat is an Actor with a Capability and a Motive Threats Are A “Who”, Not a “What”
  • 12. A Modern Pantheon of Adversary Classes. Methods: “MetaSploit”, DoS, Phishing, Rootkit, SQLi, Auth, Exfiltration, Malware, Physical. Impacts: Reputational, Personal, Confidentiality, Integrity, Availability. Target Assets: Credit Card #s, Web Properties, Intellectual Property, PII / Identity, Cyber Infrastructure, Core Business Processes. Motivations: Financial, Industrial, Military, Ideological, Political, Prestige. Actor Classes: States, Competitors, Organized Crime, Script Kiddies, Terrorists, “Hacktivists”, Insiders, Auditors.
  • 13. Profiling a Particular Actor. Methods: “MetaSploit”, DoS, Phishing, Rootkit, SQLi, Auth, Exfiltration, Malware, Physical. Impacts: Reputational, Personal, Confidentiality, Integrity, Availability. Target Assets: Credit Card #s, Web Properties, Intellectual Property, PII / Identity, Cyber Infrastructure, Core Business Processes. Motivations: Financial, Industrial, Military, Ideological, Political, Prestige. Actor Classes: States, Competitors, Organized Crime, Script Kiddies, Terrorists, “Hacktivists”, Insiders, Auditors.
  • 14. Script Kiddies (aka Casual Adversary). Methods: “MetaSploit”, SQLi, Phishing. Impacts: Confidentiality, Reputation. Target Assets: CCN/Fungible. Motivations: Profit, Prestige. Actor: Skiddie.
  • 16. Adaptive Persistent Adversaries. Methods: Custom Malware, SpearPhishing, Physical, ++. Target Assets: Intellectual Property, Trade Secrets, Infrastructure. Impacts: Confidentiality, Reputation. Motivations: Industrial/Military. Actor: State/Espionage.
  • 17. Hacktivists: Chaotic Actors. Methods: DoS, SQLi, Phishing. Impacts: Availability, Confidentiality, Reputation, Personal. Target Assets: Web Properties, Individuals, Policy. Motivations: Ideological and/or LULZ. Actor: Chaotic Actor.
  • 18. Evolving Technology… …Evolving Dependence
  • 19. The Value An Organization Delivers Is Driven By Its Differentiation Suppliers & Partners Your Organization Customers Differentiation Intellectual Property Strategy Core Processes
  • 20. Competitive Differentiation is Dependent on Information and the IT Infrastructure Intellectual Property Strategy Core Processes Information Security’s Mission Is To Protect These Key Digital Assets
  • 21. Optimizing Security Management Is a Multi-Faceted Challenge Customer Needs Business Needs Regulators (Compliance) Threats
  • 22. Cloud, Virtualization, Mobile, and Consumerization! Oh My! Growing Risk: • Sensitive Data on the Rise • More IT Dependency • Compliance • Variety of Threat Actors. No Physical Controls: • Traditional Perimeter GONE! • SaaS, Cloud & Web 2.0 Apps • Collaboration Partners • Growing Mobile Devices. [Diagram labels: Branch Office, Web 2.0 Application, Remote Replication, Internet, SaaS, Cloud, Extranet, WAN, Docs, Offline Folders, Shared Folders, Database, Groupware, E-Mail, Media, Flash-drive, Data Center, Laptop, Mobile]
  • 23. Virtualization and Cloud Computing Are Economically Compelling and Here to Stay
  • 24. What Has Changed? Perimeter Layers Collaboration Integrated Amount of Information and Infrastructure Attack Surface Cost of Failure Time As Organizations Have Embraced Technology, the Amount of Information, Attack Surface, and Cost of Failure Have All Skyrocketed!
  • 25. Another Change: The New Definition of Privilege
  • 26. Privileged Users Even More Powerful In Cloud/Virt. BEFORE: Server (Application, OS, CPU, Disk, Network). AFTER: Virtual Machines (Application, Guest OS) on a Hypervisor, with Virtual Compute (CPU), Virtual Storage (NAS / SAN), Virtual Network (Physical Network), Management, Database-As-A-Service. [Diagram labels: Compute, Storage, Network]
  • 27. Solutions and Ideas
  • 28. Adversary ROI
  • 29. Why Adversary ROI • Adversaries want assets - vulnerabilities are a means • Our attack surface is approaching infinity • Adversaries have scarce resources too. Adversaries care if *they* can get a return on investment from an attack, not you…
  • 30. Adversary ROI Came About By Looking at Risk A risk requires a threat and a vulnerability that results in a negative consequence We have finite resources, and must optimize the entire risk equation for our success! Current State Threat Vulnerability Consequence Proposed State?
  • 31. Understanding the Risk Equation. Risk = Threat + Vulnerability. Most Cyber Security programs focus solely on vulnerability management (the focus of most cyber security programs), which is necessary but insufficient: • Technology changes at a high rate of speed, making vulnerability a moving target • The adversary community changes faster than defenders • Attacks quickly move to the most porous layer • End users are likely to remain a significant vulnerability. The Cyber Security “arms race” today focuses on Vulnerabilities - it’s time to address the other variables!
  • 32. Value Favors the Attacker. [Chart: Information Classification (Public; Sensitive, Highly Replicable; Sensitive, Irreplaceable) against Attacker Gains and the Typical IT Security Budget (1-12% of IT Budget)] Are you prepared to address a funded nation state targeting your highest value intellectual property?
  • 33. The Adversary ROI Equation. Adversary ROI = (Attack Value - Cost of the Attack) / Cost of the Attack, where Attack Value = [(Value of Assets Compromised + Adversary Value of Operational Impact) x Probability of Success] - Deterrence Measures, and Deterrence Measures = (% Chance of Getting Caught x Cost of Getting Caught).
  • 34. Impacting Adversary ROI. Adversary ROI = (Attack Value - Cost of the Attack) / Cost of the Attack, where Attack Value = [(Value of Assets Compromised + Adversary Value of Operational Impact) x Probability of Success] - (% Chance of Getting Caught x Cost of Getting Caught). Levers annotated on the slide: It is typically not desirable to make your assets less valuable. Ability to respond and recover is key. Impact of getting caught is typically a government issue. Increase adversary “Work Effort”.
  • 35. Every Organization Should Know The Key Components to This Model Methods Impacts Target Assets Motivations Actor Classes
  • 36. The Control Quotient
  • 37. The Control Quotient Definition • Quotient (from http://www.merriam-webster.com/dictionary/quotient ): the number resulting from the division of one number by another; the numerical ratio, usually multiplied by 100, between a test score and a standard value; quota, share; the magnitude of a specified characteristic or quality. • Control Quotient: optimization of a security control based on the maximum efficacy within the sphere of control (or influence or trust) of the underlying infrastructure* (*unless there is an independent variable…)
  • 38. Amazon EC2 - IaaS The lower down the stack the Cloud provider stops, the more security you are tactically responsible for implementing & managing yourself. Salesforce - SaaS Google AppEngine - PaaS The Control Quotient and the SPI Stack Stack by Chris Hoff -> CSA
  • 39. Security Management & GRC Identity/Entity Security Data Security Host Network Infrastructure Security Application Security CSA Cloud Model The Control Quotient and the SPI Stack
  • 40. CSA Cloud Model Security Management & GRC Identity/Entity Security Data Security Host Network Infrastructure Security Application Security Virtualization, Software Defined Networks, and Public/Hybrid/Community Cloud Forces a Change in How Security Controls Are Evaluated and Deployed The Control Quotient and the SPI Stack
  • 41. To Be Successful, We Must Focus on the Control Kept (or Gained!), NOT the Control Lost… Half Full or Half Empty?
  • 43. The Secure Breach
  • 44. Crunchy on the Outside… http://www.flickr.com/photos/theilr/2240742119/
  • 45. Time to Secure the Breach: Breach Prevention Era -> Secure Breach Era
  • 46. Key Enablers to the Secure Breach: Encryption (and Key Management); Identity and Access Management with Strong Authentication; Segmentation; Privileged User Management; Detection and Response Capabilities; Asset, Configuration, and Change Management
  • 47. 4 Step Program For Ushering In the “Secure Breach” Era • Introspection: It’s time to try something new… • Acceptance: You can’t prevent a perimeter breach… • Understanding: Know your enemies and what they are after… • Action: Decrease adversary ROI…
  • 48. Thank You! Any questions? David Etue @djetue. Watch the full webcast on demand: https://www.brighttalk.com/webcast/6319/75109
  • 49. Follow SafeNet on Social Media: [Blog] http://data-protection.safenet-inc.com ; @safenetinc ; http://www.linkedin.com/company/safenet ; http://youtube.com/safenetinc ; http://facebook.com/safenetinc ; https://plus.google.com/+safenet ; http://pinterest.com/safenetinc/ ; http://www.safenet-inc.com/rss.aspx ; http://www.slideshare.net/SafeNet ; http://www.govloop.com/group/safenetgov ; http://www.brighttalk.com/channel/2037 ; http://community.spiceworks.com/pages/safenetinc
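A worked example of the Adversary ROI equation from slides 33 and 34, added here and not part of the deck: it evaluates the equation for a constructed scenario and then applies the defender levers the slide names (more adversary "work effort", better response and recovery). Which equation term each lever moves, and the effect sizes, are assumptions of this example.

```python
"""Adversary ROI (slides 33-34): (Attack Value - Cost of the Attack) / Cost of the Attack."""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class AttackScenario:
    """One attack seen from the adversary's side; all figures are constructed sample values."""
    value_of_assets_compromised: float
    adversary_value_of_operational_impact: float
    probability_of_success: float    # 0..1
    chance_of_getting_caught: float  # 0..1, the slide's "% Chance of Getting Caught"
    cost_of_getting_caught: float
    cost_of_the_attack: float

    def deterrence_measures(self) -> float:
        """Deterrence Measures = % Chance of Getting Caught x Cost of Getting Caught."""
        return self.chance_of_getting_caught * self.cost_of_getting_caught

    def attack_value(self) -> float:
        """Attack Value = [(Assets + Operational Impact) x Probability of Success] - Deterrence."""
        gain = self.value_of_assets_compromised + self.adversary_value_of_operational_impact
        return gain * self.probability_of_success - self.deterrence_measures()

    def adversary_roi(self) -> float:
        """Adversary ROI = (Attack Value - Cost of the Attack) / Cost of the Attack."""
        if self.cost_of_the_attack <= 0:
            raise ValueError("cost of the attack must be positive")
        return (self.attack_value() - self.cost_of_the_attack) / self.cost_of_the_attack

    def break_even_attack_cost(self) -> float:
        """Attack cost at which ROI reaches zero: the work effort a defender needs to impose."""
        return self.attack_value()


# Defender levers named on slide 34. Which term each lever moves, and by how much,
# is an assumption of this example (hypothetical effect sizes, not from the deck).
def increase_work_effort(s: AttackScenario, cost_x=3.0, success_x=0.5) -> AttackScenario:
    """Segmentation, strong auth, privileged user management: attack costs more, succeeds less."""
    return replace(s, cost_of_the_attack=s.cost_of_the_attack * cost_x,
                   probability_of_success=s.probability_of_success * success_x)


def improve_response_and_recovery(s: AttackScenario, impact_x=0.25) -> AttackScenario:
    """Detection and response: shorter dwell time, so less operational impact to exploit."""
    return replace(s, adversary_value_of_operational_impact=s.adversary_value_of_operational_impact * impact_x)


# Constructed baseline: a funded actor after $1M of IP with a cheap, reliable path in.
BASELINE = AttackScenario(1_000_000, 200_000, 0.8, 0.05, 500_000, 50_000)

if __name__ == "__main__":
    for label, s in [("baseline", BASELINE), ("work effort", increase_work_effort(BASELINE)),
                     ("respond/recover", improve_response_and_recovery(BASELINE)),
                     ("both", improve_response_and_recovery(increase_work_effort(BASELINE)))]:
        print(f"{label:16s} ROI={s.adversary_roi():6.2f}  break-even attack cost={s.break_even_attack_cost():,.0f}")
```

Note that in the baseline the attacker's cost would have to rise to the full attack value before the ROI turns negative, which is why slide 34 treats raising work effort and cutting the probability of success together rather than either alone.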

Editor's notes

  1. Economics is the study of how society allocates scarce resources and goods. A well managed Info/Cyber/Security/Assurance program requires intelligent allocation of scarce resources – we can not protect everything. We can’t build the entire airplane out of the “black box”.
  2. Classes of actors can be identified (and even particular actors in some cases). Capabilities can be estimated (and potentially managed by working with Governments and Law Enforcement). Motive can be analyzed via “Adversary ROI”.
  3. Rorschach Test: http://en.wikipedia.org/wiki/Rorschach_test . We see in Anonymous what we WANT to see… We project. Our perceptions say more about us than they do about the multitude of subgroups/causes in Anonymous.
  4. http://www.vmware.com/files/pdf/solutions/Business-Value-Virtualization.pdf ; http://aws.amazon.com/free/
  5. When our attack surfaces approach infinity, it’s easier to manage threats. CONTROL QUOTIENT. Most security programs focus solely on vulnerability management, which is necessary but insufficient: technology changes at a high rate of speed, making vulnerability a moving target; the adversary community changes faster than defenders; attacks quickly move to the most porous layer; end users are likely to remain a significant vulnerability.
  6. Serenity prayer