SlideShare a Scribd company logo

Infrastructure Security by Sivamurthy Hiremath

Download as PPT, PDF
ClubHack
ClubHack

With the development of technology, the interdependence of various infrastructures has increased, which also enhanced their vulnerabilities. The National Information Infrastructure security concerns the nation’s stability and economic security. So far, the research in Internet security primarily focused on securing the information rather than securing the infrastructure itself. The pervasive and ubiquitous nature of the Internet coupled with growing concerns about cyber attacks we need immediate solutions for securing the Internet infrastructure. Given the prevailing threat situation, there is a compelling need to develop Hardware redesign architectures, Algorithms, and Protocols to realize a dependable Internet infrastructure. In order to achieve this goal, the first and foremost step is to develop a comprehensive understanding of the security threats and existing solutions. These attempts to fulfil this important step by providing classification of Security attacks are classified into four main categories: DNS hacking, Routing table poisoning, Packet mistreatment, and Denial-of-Service attacks. We are generally discussing on the existing Infrastructure solutions for each of these categories, and also outline a methodology for developing secured Nation.

Technology
1 of 49
CYBER SECURITY 2012 1 Need for New Approaches to Infrastructure Security By S K HIREMATH ME MAeSI MIETE Assistant Professor skhnda@rediffmail.com
International Cyber Crime Top 10 Perpetrators) 2
Top Ten Countries (Cyber Crime Perpetrators) 3  1. UNITED STATES 66.1%  2. UNITED KINGDOM 10.5%  3. NIGERIA 7.5%  4. CANADA 3.1%  5. CHINA 1.6%  6. SOUTH AFRICA 0.7%  7. GHANA 0.6%  8. SPAIN 0.6%  9. ITALY 0.5%  10. ROMANIA 0.5%
STAKEHOLDER AGENCIES  1 National Information Board (NIB) 4  2 National Crisis Management Committee (NCMC)  3 National Security Council Secretariat (NSCS)  4 Ministry of Home affairs  5 Ministry of Defence  6 Department of Information Technology (DIT)  7 Department of Telecommunications (DoT)  8 National Cyber Response Centre - Indian Computer Emergency Response Team (CERT-In)  9 National Information Infrastructure Protection Centre (NIIPC) 10 National Disaster Management of Authority (NDMA)  11 Standardisation, Testing and Quality Certification (STQC) Directorate  12 Sectoral CERTs
NEED FOR NEW APPROACHES TO INFRASTRUCTURE SECURITY 5 Global infrastructures Security have become more complex and interconnected, their operation and control has become more complicated.  Area works with several government agencies in the area of cyber security to ensure the integrity and availability of the nation’s cyber infrastructure. The performance of the nation’s infrastructure is an essential component of the nation’s economic prosperity. The Infrastructure Security Area seeks to endow the infrastructure with five characteristics: security, reliability, safety, sustainability, and cost effectiveness.
ARCHITECTRUAL DESIGN OF INFRASTRUCTURAL SECURITY 6  Critical Infrastructure Security Systems Video Content Analysis System Thermal Monitoring Systems Access Security Systems Face Recognition System Urban Security Systems Military And Border Security Systems Traffic Control Systems Central Integration Management Systems Building Management Systems
CYBER INFRASTRUCTURE 7
INFRASTRUCTURE SECURITY IDENTIFYING AND SECURING VULNERABILITIES 8  Enterprise Application Security  Identity and Access Management  Infrastructure Security  Security Strategy and Risk Management  Business Continuity and Disaster Recovery Planning  Data Protection & Privacy Planning
9 Security Architecture Security Planning Secure Compliance Roadmaps Network Vulnerability Assessment
10
The Four Phases of Infrastructure Security Engagement 11 Assessment •Business requirements •On-site health assessment of Infrastructure & Processes •Estimate •Conduct Business Interviews •Reporting Requirements •Establish service dependencies Transition Steady State •Establish connectivity •Ongoing Infrastructure Guardian Services •Roles & responsibilities, processes & •Monthly Reporting (Alerts, distributions, procedures assets, health) •Phased onboarding approach •SME Advisory Service •Monitoring/Reporting commences
CORPORATES BOARD 12 • Compliance to international security best practices and demonstration • Pro-active actions to deal with and contain malicious activities, and protecting average end users by say of net traffic monitoring, routing and gateway controls • Keeping pace with changes in security technology and processes to remain current (configuration, patch and vulnerability management)
13 Adequate security of information, resources, and systems that process within a company or organization is a fundamental management responsibility. Management of an organization/agency must understand the current level of security within their infrastructure, and the risks that the organization may be exposed to in today's fully internet-worked environment. The best way to mitigate this risk is to perform a security assessment & associated risk assessment at least once every year.  This will allow company management to address new trends in security vulnerability and penetration, and make informed judgments and investments that will appropriately mitigate these risks to an acceptable level.
14  Conform to legal obligations and cooperate with law enforcement activities including prompt actions on alert/advisories issued by CERT-In • Use of secure product and services and skilled manpower • Crisis management and emergency response. • Periodic training and up gradation of skills for personnel engaged in security related activities • Promote acceptable users’ behaviour in the interest of safe computing both within and outside
National Cyber Security Policy 15 “For secure computing environment and adequate trust & confidence in electronic transactions ”
INFRASRUCTURE CYBER SECURITY 16 Cyber Security consists of sets of techniques, policies, and activities intended to enhance trust and mitigate vulnerabilities inherent in the complex networked devices and services that permeate our lives today
17 “A general rule for cyber security is that it should be implemented ‘top- down’ through direction as well as ‘bottom up’ through technology “
MODEL FOR DESCRIBING INFRSTRUCTURE CYBER SECURITY 18
SECURITY AND SAFETY ARCHITECTURE 19 Sensors and Detectors ( Microwave Systems , Infrared Sensors, Car X-rays, Under Car Inspection Systems, Fence Mounted Sensors ) Physical Equipments (Mushroom Barriers, Road Blockers, Arm Barriers, Turnstile) Access Controls (Face Recognition Systems, Card Readers , Finger Print Readers, other Biometric Access Controls) Video Detection Systems (CCTV, VCA applications, Thermal Camera, Plate Recognition) Data Communication Systems Management Systems (Fire Detection, Call Management, Alarm Management)
  INFRASTRUCTURE SECURITY 20 Network Infrastructure includes networks, network devices, servers, workstations, and other devices. The software running on these devices are also the part of Network Infrastructure. To make sure your network is secure, you should make sure every time a configuration is changed or new device is added, you are not creating a hole in your security. A normal network comprise of routers, firewalls, switches, servers and workstations. A typical layout of network infrastructure devices is shown
Master the tools & techniques for effective information & network security. 21 Discover how to create a complete & sustainable IT security architecture. Gain knowledge on how to develop sound security policy together with your security architecture.  IT governance assessment using CoBIT 4.0( Control Objectives for Information and Related Technology ) Smart security risk assessment within your organization. Gain valuable insights on implementing a proactive & robust security management system. Detect & prevent information security breaches due to inadequate IT security awareness within the organization.
INFRASTRUCTURE SECURITY Network Level Host Level Application Level 22
23 Application Security: Managing business and information risk through solutions for packaged SAP and Oracle ERP, and custom application security.  Infrastructure Security: Providing visibility of information risks and defending enterprise assets through platform security technologies.  Information Risk, Privacy & Strategy: Managing information risk through security strategy, governance, risk and compliance management.  Security Outsourcing & Operations: Enabling application, infrastructure and business risk management through flexible managed services options.
ARCHITECTURE DESIGN OF 24 INFRASTRUCTURE SECURITY
Evolution of Architectures 25 Virtualizatio Virtualization Individual Data n (1 app / Cloud Servers Centers (N apps / server) server) 10 to Utilization 10 to 20 % 15 to 25% 40 to 45 % 60 + % 20 % Security Highest High Lowest
Infrastructure Security covering Data, Identity, Cloud, Threat, Network, Mobile, End User Computing, Virtualization and Cyber Security 26
PORTAL SECURITY ARCHITECTURE 27
CAMPUS DESIGN 28
29
30
31
32
33
CASE STUDY: AMAZON'S EC2 INFRASTRUCTURE  Exploring Information Leakage in Third-Party Compute Clouds”  Multiple VMs of different organizations with virtual boundaries separating each VM can run within one physical server  "virtual machines" still have internet protocol, or IP, addresses, visible to anyone within the cloud.  VMs located on the same physical server tend to have IP addresses that are close to each other and are assigned at the same time  An attacker can set up lots of his own virtual machines, look at their IP addresses, and figure out which one shares the same physical resources as an intended target  Once the malicious virtual machine is placed on the same server as its target, it is possible to carefully monitor how access to resources fluctuates and thereby potentially glean sensitive information about the victim 34
Towards cyber operations - The new role of academic cyber security research and education 35  The cohesive cyber defense requires universities to optimize their campus wide resources to fuse knowledge, intellectual capacity, and practical skills in an unprecedented way in cyber security.  The future will require cyber defense research teams to address not only computer science, electrical engineering, software and hardware security, but also political theory, institutional theory, behavioral science, deterrence theory, ethics, international law, international relations, and additional social sciences.  Academic research centers, evaluating the collective group of research centers' ability to adapt to the shift towards cyber operations, and the challenges therein.
Towards cyber operations - The new role of academic cyber security research and education 36  The shift towards cyber operations represents a shift not only for the defense establishments worldwide but also cyber security research and education.  Traditionally cyber security research and education has been founded on information assurance, expressed in underlying subfields such as forensics, network security, and penetration testing.  Cyber security research and education is connected to the security agencies and defense through funding, mutual interest in the outcome of the research, and the potential job market for graduates.  The future of cyber security is both defensive information assurance measures and active defense driven information operations that jointly and coordinately are launched, in the pursuit of a cohesive and decisive execution of the national cyber defense strategy.
ONLINE ASSESSMENT FOR HANDS-ON CYBER SECURITY TRAINING IN A VIRTUAL LAB 37  Online (self) assessment is an important functionality e-learning courseware, especially if the system is intended for use in distant learning courses.  Precisely for hands-on exercises, the implementation of effective and cheating-proof assessment tests poses a great challenge.  That is because of the static characteristics of exercise scenarios in the laboratories: adopting the environment for the provision of a “unique” hands-on experience for every student in a manual manner is connected with enormous maintenance efforts and thus not scalable to a large number of students.  This work presents a software solution for the assessment of practical exercises in an online lab based on virtual machine technology.  The basic idea is to formally parameterize the exercise scenarios and implement a toolkit for the dynamic reconfiguration of virtual machines in order to adopt the defined parameters for the training environment.  The actual values of these parameters come to use again in the dynamic generation of multiple-choice or free-text answer tests for a web-based e-assessment environment.
COMPUTATIONAL INTELLIGENCE IN CYBER SECURITY 38  Fuzzy Logic  Evolutionary Computation,  Intelligent Agent Systems  Neural Networks  Artificial Immune Systems and other similar computational models.  A Survey of Security Challenges in Cognitive Radio Networks: Solutions and Future Research Directions
39  Security evaluation of data exchange path in infrastructure networks ( This method is based on Floyd-Warshall shortest path algorithm in MATLAB) Improving Network Infrastructure Security using Geospatial Technology.  A survey of information-centric networking  Aviation communication infrastructure security
Aircraft systems cyber security 40 Aircraft manufacturers, avionics / electronics vendors, and owners / operators are implementing technologies (e.g. packet switching devices, wireless interfaces) that are easier to implement, reduce cost /size /weight /power, and increase connectivity but could potentially introduce cyber security vulnerabilities that affect aircraft safety.
LIFECYCLE INFRASTRUCTURE SECURITY SERVICES 41
Conclusions/Recommendations 42  Efforts to promote cyber security in Academics as a Capacity Building  Support International Cooperation cyber security community  Cyber Security forums announced in December 2011 that that "there’s no such thing as ‘secure’ any more...”  Cyber security community has settled on Continuous Monitoring (CM)
 NEED FOR AN INTERNATIONAL CONVENTION ON CYBERSPACE 43  THE FUTURE OF CYBER SECURITY IS IN THE HANDS OF CORPORATE BOARDS  WHY CURRENT SECURITY PARADIGMS ARE LIKELY TO FAIL - THE FUTURE OF CYBER SECURITY  * SECURITY DATA VISUALIZATION  * ONLINE PRIVACY  * SECURE AND USABLE INTERFACE DESIGN  * CYBER WARFARE
44 Promoting a comprehensive national program  Fostering adequate training and education programs to support the Nation’s information security needs (Ex School, college and post graduate programs on IT security)  Increase in the efficiency of existing information security training programs and devise domain specific training programs (ex: Law Enforcement, Judiciary, E-Governance etc)  Promoting private-sector support for well-coordinated, widely recognized professional information security certifications
SURVEY ON DEMAND AND SUPPLY CHAIN 45 • Chief information security officer (CISO) • System operations and maintenance personnel • Network security specialists • Digital forensics and incident response analysis • Implementation of information security and auditing • Vulnerability analyst • Information security systems and software development • Acquisition of technology • Techno-legal • Law enforcement
The Thrust areas of R&D include: • Cryptography and cryptanalysis research and related 46 aspects • Network Security – including wireless & Radio (WiFi. WiMax, 3G, GPRS) • System Security including Biometrics • Security architecture • Monitoring and Surveillance • Vulnerability Remediation & Assurance • Cyber Forensics • Malware Analysis Tools • Scalable trust worth systems and networks • Identity Management  Situational understanding and Attack attribution • Survivability of critical systems and networks.
E-GOV 47
“Management Invests in the IT Infrastructure system; But IT Leadership work on development of Secure Technology of IT Infrastructure system .” 48 ANY QUESTIONS PLEASE ?
The Infrastructure Security develops and applies technologies and analytical approaches to secure the nation’s infrastructure against natural or malicious disruption and we seek our vision towards independent and secure future of our Country. 49 THANK YOU!!! CONTACT US skhnda@rediffmail.com Mobile No: 9765069841

Recommended

IT infrastructure security 101
IT infrastructure security 101IT infrastructure security 101
IT infrastructure security 101April Mardock CISSP
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIMESou Jana
 
Subnetting
SubnettingSubnetting
SubnettingGichelle Amon
 
Message passing ( in computer science)
Message passing ( in computer science)Message passing ( in computer science)
Message passing ( in computer science)Computer_ at_home
 
Email security presentation
Email security presentationEmail security presentation
Email security presentationSubhradeepMaji
 
OSI Model - Open Systems Interconnection
OSI Model - Open Systems InterconnectionOSI Model - Open Systems Interconnection
OSI Model - Open Systems InterconnectionAdeel Rasheed
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemMohit Belwal
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 

Recommended

IT infrastructure security 101
IT infrastructure security 101IT infrastructure security 101
IT infrastructure security 101April Mardock CISSP
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIMESou Jana
 
Subnetting
SubnettingSubnetting
SubnettingGichelle Amon
 
Message passing ( in computer science)
Message passing ( in computer science)Message passing ( in computer science)
Message passing ( in computer science)Computer_ at_home
 
Email security presentation
Email security presentationEmail security presentation
Email security presentationSubhradeepMaji
 
OSI Model - Open Systems Interconnection
OSI Model - Open Systems InterconnectionOSI Model - Open Systems Interconnection
OSI Model - Open Systems InterconnectionAdeel Rasheed
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemMohit Belwal
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Token bus
Token busToken bus
Token busDenver Rockfreak
 
Definition of cloud computing
Definition of cloud computingDefinition of cloud computing
Definition of cloud computingGOVERNMENT COLLEGE OF ENGINEERING,TIRUNELVELI
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionAPNIC
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolMohammed Adam
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemAkhil Kumar
 
TCP over wireless slides
TCP over wireless slidesTCP over wireless slides
TCP over wireless slidesMahesh Rajawat
 
Visual CryptoGraphy
Visual CryptoGraphyVisual CryptoGraphy
Visual CryptoGraphypallavikhandekar212
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms WorkCheapSSLsecurity
 
Wireless network security
Wireless network securityWireless network security
Wireless network securityShahid Beheshti University
 
Protocol for Secure Communication
Protocol for Secure CommunicationProtocol for Secure Communication
Protocol for Secure Communicationchauhankapil
 
Adhoc wireless
Adhoc wirelessAdhoc wireless
Adhoc wirelessIpsita Sharma
 
VPN & FIREWALL
VPN & FIREWALLVPN & FIREWALL
VPN & FIREWALLMoin Islam
 
The Osi Model And Layers
The Osi Model And LayersThe Osi Model And Layers
The Osi Model And LayersKathleenSSmith
 
ATM Networking Concept
ATM Networking ConceptATM Networking Concept
ATM Networking ConceptTushar Ranjan
 
Power Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor NetworksPower Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor NetworksMshari Alabdulkarim
 
Network Security Applications
Network Security ApplicationsNetwork Security Applications
Network Security ApplicationsHatem Mahmoud
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityA. Shamel
 
Cryptography on cloud
Cryptography on cloudCryptography on cloud
Cryptography on cloudkrprashant94
 
Web security
Web securityWeb security
Web securitySubhash Basistha
 
[9] Firewall.pdf
[9] Firewall.pdf[9] Firewall.pdf
[9] Firewall.pdflamtran367679
 
Infrastructure security
Infrastructure security Infrastructure security
Infrastructure security Adhar kashyap
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareTzar Umang
 

More Related Content

What's hot

KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionAPNIC
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolMohammed Adam
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemAkhil Kumar
 
TCP over wireless slides
TCP over wireless slidesTCP over wireless slides
TCP over wireless slidesMahesh Rajawat
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms WorkCheapSSLsecurity
 
Protocol for Secure Communication
Protocol for Secure CommunicationProtocol for Secure Communication
Protocol for Secure Communicationchauhankapil
 
VPN & FIREWALL
VPN & FIREWALLVPN & FIREWALL
VPN & FIREWALLMoin Islam
 
The Osi Model And Layers
The Osi Model And LayersThe Osi Model And Layers
The Osi Model And LayersKathleenSSmith
 
ATM Networking Concept
ATM Networking ConceptATM Networking Concept
ATM Networking ConceptTushar Ranjan
 
Power Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor NetworksPower Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor NetworksMshari Alabdulkarim
 
Network Security Applications
Network Security ApplicationsNetwork Security Applications
Network Security ApplicationsHatem Mahmoud
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityA. Shamel
 
Cryptography on cloud
Cryptography on cloudCryptography on cloud
Cryptography on cloudkrprashant94
 

What's hot (20)

Token bus
Token busToken bus
Token bus
 
Definition of cloud computing
Definition of cloud computingDefinition of cloud computing
Definition of cloud computing
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack Prevention
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) Protocol
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
TCP over wireless slides
TCP over wireless slidesTCP over wireless slides
TCP over wireless slides
 
Visual CryptoGraphy
Visual CryptoGraphyVisual CryptoGraphy
Visual CryptoGraphy
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms Work
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Protocol for Secure Communication
Protocol for Secure CommunicationProtocol for Secure Communication
Protocol for Secure Communication
 
Adhoc wireless
Adhoc wirelessAdhoc wireless
Adhoc wireless
 
VPN & FIREWALL
VPN & FIREWALLVPN & FIREWALL
VPN & FIREWALL
 
The Osi Model And Layers
The Osi Model And LayersThe Osi Model And Layers
The Osi Model And Layers
 
ATM Networking Concept
ATM Networking ConceptATM Networking Concept
ATM Networking Concept
 
Power Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor NetworksPower Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor Networks
 
Network Security Applications
Network Security ApplicationsNetwork Security Applications
Network Security Applications
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cryptography on cloud
Cryptography on cloudCryptography on cloud
Cryptography on cloud
 
Web security
Web securityWeb security
Web security
 
[9] Firewall.pdf
[9] Firewall.pdf[9] Firewall.pdf
[9] Firewall.pdf
 

Viewers also liked

Infrastructure security
Infrastructure security Infrastructure security
Infrastructure security Adhar kashyap
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareTzar Umang
 
VMware vCloud Air: Security Infrastructure and Process Overview
VMware vCloud Air: Security Infrastructure and Process OverviewVMware vCloud Air: Security Infrastructure and Process Overview
VMware vCloud Air: Security Infrastructure and Process OverviewVMware
 
The Importance of Consolidating Your Infrastructure Security – by United Secu...
The Importance of Consolidating Your Infrastructure Security – by United Secu...The Importance of Consolidating Your Infrastructure Security – by United Secu...
The Importance of Consolidating Your Infrastructure Security – by United Secu...United Security Providers AG
 
Key Findings from Arbor's Tenth World-Wide Infrastructure Security Report
Key Findings from Arbor's Tenth World-Wide Infrastructure Security ReportKey Findings from Arbor's Tenth World-Wide Infrastructure Security Report
Key Findings from Arbor's Tenth World-Wide Infrastructure Security ReportAPNIC
 
Cloud computing security infrastructure
Cloud computing security infrastructureCloud computing security infrastructure
Cloud computing security infrastructureIntel IT Center
 
IPv4 Transfers, Taiwan Internet Forum
IPv4 Transfers, Taiwan Internet ForumIPv4 Transfers, Taiwan Internet Forum
IPv4 Transfers, Taiwan Internet ForumAPNIC
 
AWS & Infrastructure Hardening - Cloud Infrastructure Security
AWS & Infrastructure Hardening - Cloud Infrastructure SecurityAWS & Infrastructure Hardening - Cloud Infrastructure Security
AWS & Infrastructure Hardening - Cloud Infrastructure SecurityNutanix Beam
 
Intelligent Storage Enables Next Generation Surveillance & Security Infrastru...
Intelligent Storage Enables Next Generation Surveillance & Security Infrastru...Intelligent Storage Enables Next Generation Surveillance & Security Infrastru...
Intelligent Storage Enables Next Generation Surveillance & Security Infrastru...Personal Interactor
 
Cloud Security Secure Your Infrastructure
Cloud Security Secure Your InfrastructureCloud Security Secure Your Infrastructure
Cloud Security Secure Your Infrastructurexband
 
Defeating The Network Security Infrastructure V1.0
Defeating The Network Security Infrastructure V1.0Defeating The Network Security Infrastructure V1.0
Defeating The Network Security Infrastructure V1.0Philippe Bogaerts
 
Panduit Enteprise Network Infrastructure Security Solution
Panduit Enteprise Network Infrastructure Security SolutionPanduit Enteprise Network Infrastructure Security Solution
Panduit Enteprise Network Infrastructure Security SolutionPanduit
 
Critical Infrastructure and Security
Critical Infrastructure and SecurityCritical Infrastructure and Security
Critical Infrastructure and SecurityCan Demirel
 
Automated Infrastructure Security: Monitoring using FOSS
Automated Infrastructure Security: Monitoring using FOSSAutomated Infrastructure Security: Monitoring using FOSS
Automated Infrastructure Security: Monitoring using FOSSSonatype
 
Tech in asia culture code v3
Tech in asia culture code v3Tech in asia culture code v3
Tech in asia culture code v3Tech in Asia
 
Smart Security Infrastructure
Smart Security InfrastructureSmart Security Infrastructure
Smart Security InfrastructureGAURAV. H .TANDON
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 

Viewers also liked (18)

Infrastructure security
Infrastructure security Infrastructure security
Infrastructure security
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-ware
 
VMware vCloud Air: Security Infrastructure and Process Overview
VMware vCloud Air: Security Infrastructure and Process OverviewVMware vCloud Air: Security Infrastructure and Process Overview
VMware vCloud Air: Security Infrastructure and Process Overview
 
The Importance of Consolidating Your Infrastructure Security – by United Secu...
The Importance of Consolidating Your Infrastructure Security – by United Secu...The Importance of Consolidating Your Infrastructure Security – by United Secu...
The Importance of Consolidating Your Infrastructure Security – by United Secu...
 
Diadelemprendedor10
Diadelemprendedor10Diadelemprendedor10
Diadelemprendedor10
 
Key Findings from Arbor's Tenth World-Wide Infrastructure Security Report
Key Findings from Arbor's Tenth World-Wide Infrastructure Security ReportKey Findings from Arbor's Tenth World-Wide Infrastructure Security Report
Key Findings from Arbor's Tenth World-Wide Infrastructure Security Report
 
Cloud computing security infrastructure
Cloud computing security infrastructureCloud computing security infrastructure
Cloud computing security infrastructure
 
IPv4 Transfers, Taiwan Internet Forum
IPv4 Transfers, Taiwan Internet ForumIPv4 Transfers, Taiwan Internet Forum
IPv4 Transfers, Taiwan Internet Forum
 
AWS & Infrastructure Hardening - Cloud Infrastructure Security
AWS & Infrastructure Hardening - Cloud Infrastructure SecurityAWS & Infrastructure Hardening - Cloud Infrastructure Security
AWS & Infrastructure Hardening - Cloud Infrastructure Security
 
Intelligent Storage Enables Next Generation Surveillance & Security Infrastru...
Intelligent Storage Enables Next Generation Surveillance & Security Infrastru...Intelligent Storage Enables Next Generation Surveillance & Security Infrastru...
Intelligent Storage Enables Next Generation Surveillance & Security Infrastru...
 
Cloud Security Secure Your Infrastructure
Cloud Security Secure Your InfrastructureCloud Security Secure Your Infrastructure
Cloud Security Secure Your Infrastructure
 
Defeating The Network Security Infrastructure V1.0
Defeating The Network Security Infrastructure V1.0Defeating The Network Security Infrastructure V1.0
Defeating The Network Security Infrastructure V1.0
 
Panduit Enteprise Network Infrastructure Security Solution
Panduit Enteprise Network Infrastructure Security SolutionPanduit Enteprise Network Infrastructure Security Solution
Panduit Enteprise Network Infrastructure Security Solution
 
Critical Infrastructure and Security
Critical Infrastructure and SecurityCritical Infrastructure and Security
Critical Infrastructure and Security
 
Automated Infrastructure Security: Monitoring using FOSS
Automated Infrastructure Security: Monitoring using FOSSAutomated Infrastructure Security: Monitoring using FOSS
Automated Infrastructure Security: Monitoring using FOSS
 
Tech in asia culture code v3
Tech in asia culture code v3Tech in asia culture code v3
Tech in asia culture code v3
 
Smart Security Infrastructure
Smart Security InfrastructureSmart Security Infrastructure
Smart Security Infrastructure
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 

Similar to Infrastructure Security by Sivamurthy Hiremath

Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityMarketingArrowECS_CZ
 
8 Top Cybersecurity Tools.pdf
8 Top Cybersecurity Tools.pdf8 Top Cybersecurity Tools.pdf
8 Top Cybersecurity Tools.pdfMetaorange
 
Marlabs cyber threat management
Marlabs cyber threat managementMarlabs cyber threat management
Marlabs cyber threat managementRajendra Menon
 
Cognitive security
Cognitive securityCognitive security
Cognitive securityIqra khalil
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
8 Top Cybersecurity Tools.pptx
8 Top Cybersecurity Tools.pptx8 Top Cybersecurity Tools.pptx
8 Top Cybersecurity Tools.pptxMetaorange
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessInfopulse
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxGhofraneFerchichi2
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)Norm Barber
 
Managed security services
Managed security servicesManaged security services
Managed security servicesmanoharparakh
 
Cy Cops Company Presentation
Cy Cops Company PresentationCy Cops Company Presentation
Cy Cops Company PresentationChaitanyaS
 
Zero Trust: Redefining Security in the Digital Age
Zero Trust: Redefining Security in the Digital AgeZero Trust: Redefining Security in the Digital Age
Zero Trust: Redefining Security in the Digital AgeArnold Antoo
 
Seceon-Case-Study-Smart-Government-Cybersecurity (1).pptx
Seceon-Case-Study-Smart-Government-Cybersecurity (1).pptxSeceon-Case-Study-Smart-Government-Cybersecurity (1).pptx
Seceon-Case-Study-Smart-Government-Cybersecurity (1).pptxCompanySeceon
 
Securing the Digital Frontier - An Analysis of Cybersecurity Landscape and Tr...
Securing the Digital Frontier - An Analysis of Cybersecurity Landscape and Tr...Securing the Digital Frontier - An Analysis of Cybersecurity Landscape and Tr...
Securing the Digital Frontier - An Analysis of Cybersecurity Landscape and Tr...Draup3
 

Similar to Infrastructure Security by Sivamurthy Hiremath (20)

CSO CXO Series Breakfast
CSO CXO Series BreakfastCSO CXO Series Breakfast
CSO CXO Series Breakfast
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
 
8 Top Cybersecurity Tools.pdf
8 Top Cybersecurity Tools.pdf8 Top Cybersecurity Tools.pdf
8 Top Cybersecurity Tools.pdf
 
Marlabs cyber threat management
Marlabs cyber threat managementMarlabs cyber threat management
Marlabs cyber threat management
 
Cognitive security
Cognitive securityCognitive security
Cognitive security
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
8 Top Cybersecurity Tools.pptx
8 Top Cybersecurity Tools.pptx8 Top Cybersecurity Tools.pptx
8 Top Cybersecurity Tools.pptx
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your Business
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
 
Managed security services
Managed security servicesManaged security services
Managed security services
 
Cy Cops Company Presentation
Cy Cops Company PresentationCy Cops Company Presentation
Cy Cops Company Presentation
 
Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...
Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...
Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...
 
UNDERSTANDING CLOUD SECURITY- AN IN-DEPTH EXPLORATION FOR BUSINESS GROWTH.pdf
UNDERSTANDING CLOUD SECURITY- AN IN-DEPTH EXPLORATION FOR BUSINESS GROWTH.pdfUNDERSTANDING CLOUD SECURITY- AN IN-DEPTH EXPLORATION FOR BUSINESS GROWTH.pdf
UNDERSTANDING CLOUD SECURITY- AN IN-DEPTH EXPLORATION FOR BUSINESS GROWTH.pdf
 
Zero Trust: Redefining Security in the Digital Age
Zero Trust: Redefining Security in the Digital AgeZero Trust: Redefining Security in the Digital Age
Zero Trust: Redefining Security in the Digital Age
 
Seceon-Case-Study-Smart-Government-Cybersecurity (1).pptx
Seceon-Case-Study-Smart-Government-Cybersecurity (1).pptxSeceon-Case-Study-Smart-Government-Cybersecurity (1).pptx
Seceon-Case-Study-Smart-Government-Cybersecurity (1).pptx
 
Tyler Technology Expo
Tyler Technology ExpoTyler Technology Expo
Tyler Technology Expo
 
Deep Dive into Operational Technology Security - USCSI®.pdf
Deep Dive into Operational Technology Security - USCSI®.pdfDeep Dive into Operational Technology Security - USCSI®.pdf
Deep Dive into Operational Technology Security - USCSI®.pdf
 
Securing the Digital Frontier - An Analysis of Cybersecurity Landscape and Tr...
Securing the Digital Frontier - An Analysis of Cybersecurity Landscape and Tr...Securing the Digital Frontier - An Analysis of Cybersecurity Landscape and Tr...
Securing the Digital Frontier - An Analysis of Cybersecurity Landscape and Tr...
 

More from ClubHack

India legal 31 october 2014
India legal 31 october 2014India legal 31 october 2014
India legal 31 october 2014ClubHack
 
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ BangaloreCyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ BangaloreClubHack
 
Cyber Insurance
Cyber InsuranceCyber Insurance
Cyber InsuranceClubHack
 
Summarising Snowden and Snowden as internal threat
Summarising Snowden and Snowden as internal threatSummarising Snowden and Snowden as internal threat
Summarising Snowden and Snowden as internal threatClubHack
 
Fatcat Automatic Web SQL Injector by Sandeep Kamble
Fatcat Automatic Web SQL Injector by Sandeep KambleFatcat Automatic Web SQL Injector by Sandeep Kamble
Fatcat Automatic Web SQL Injector by Sandeep KambleClubHack
 
The Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianThe Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianClubHack
 
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...ClubHack
 
Smart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodSmart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodClubHack
 
Legal Nuances to the Cloud by Ritambhara Agrawal
Legal Nuances to the Cloud by Ritambhara AgrawalLegal Nuances to the Cloud by Ritambhara Agrawal
Legal Nuances to the Cloud by Ritambhara AgrawalClubHack
 
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar KuppanHybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar KuppanClubHack
 
Hacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyHacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyClubHack
 
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiCritical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiClubHack
 
Content Type Attack Dark Hole in the Secure Environment by Raman Gupta
Content Type Attack Dark Hole in the Secure Environment by Raman GuptaContent Type Attack Dark Hole in the Secure Environment by Raman Gupta
Content Type Attack Dark Hole in the Secure Environment by Raman GuptaClubHack
 
XSS Shell by Vandan Joshi
XSS Shell by Vandan JoshiXSS Shell by Vandan Joshi
XSS Shell by Vandan JoshiClubHack
 
Clubhack Magazine Issue February 2012
Clubhack Magazine Issue February 2012Clubhack Magazine Issue February 2012
Clubhack Magazine Issue February 2012ClubHack
 
ClubHack Magazine issue 26 March 2012
ClubHack Magazine issue 26 March 2012ClubHack Magazine issue 26 March 2012
ClubHack Magazine issue 26 March 2012ClubHack
 
ClubHack Magazine issue April 2012
ClubHack Magazine issue April 2012ClubHack Magazine issue April 2012
ClubHack Magazine issue April 2012ClubHack
 
ClubHack Magazine Issue May 2012
ClubHack Magazine Issue May 2012ClubHack Magazine Issue May 2012
ClubHack Magazine Issue May 2012ClubHack
 
ClubHack Magazine – December 2011
ClubHack Magazine – December 2011ClubHack Magazine – December 2011
ClubHack Magazine – December 2011ClubHack
 
One link Facebook (Anand Pandey)
One link Facebook (Anand Pandey)One link Facebook (Anand Pandey)
One link Facebook (Anand Pandey)ClubHack
 

More from ClubHack (20)

India legal 31 october 2014
India legal 31 october 2014India legal 31 october 2014
India legal 31 october 2014
 
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ BangaloreCyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
 
Cyber Insurance
Cyber InsuranceCyber Insurance
Cyber Insurance
 
Summarising Snowden and Snowden as internal threat
Summarising Snowden and Snowden as internal threatSummarising Snowden and Snowden as internal threat
Summarising Snowden and Snowden as internal threat
 
Fatcat Automatic Web SQL Injector by Sandeep Kamble
Fatcat Automatic Web SQL Injector by Sandeep KambleFatcat Automatic Web SQL Injector by Sandeep Kamble
Fatcat Automatic Web SQL Injector by Sandeep Kamble
 
The Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianThe Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas Kurian
 
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...
 
Smart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodSmart Grid Security by Falgun Rathod
Smart Grid Security by Falgun Rathod
 
Legal Nuances to the Cloud by Ritambhara Agrawal
Legal Nuances to the Cloud by Ritambhara AgrawalLegal Nuances to the Cloud by Ritambhara Agrawal
Legal Nuances to the Cloud by Ritambhara Agrawal
 
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar KuppanHybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan
 
Hacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyHacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish Bomisstty
 
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiCritical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh Belgi
 
Content Type Attack Dark Hole in the Secure Environment by Raman Gupta
Content Type Attack Dark Hole in the Secure Environment by Raman GuptaContent Type Attack Dark Hole in the Secure Environment by Raman Gupta
Content Type Attack Dark Hole in the Secure Environment by Raman Gupta
 
XSS Shell by Vandan Joshi
XSS Shell by Vandan JoshiXSS Shell by Vandan Joshi
XSS Shell by Vandan Joshi
 
Clubhack Magazine Issue February 2012
Clubhack Magazine Issue February 2012Clubhack Magazine Issue February 2012
Clubhack Magazine Issue February 2012
 
ClubHack Magazine issue 26 March 2012
ClubHack Magazine issue 26 March 2012ClubHack Magazine issue 26 March 2012
ClubHack Magazine issue 26 March 2012
 
ClubHack Magazine issue April 2012
ClubHack Magazine issue April 2012ClubHack Magazine issue April 2012
ClubHack Magazine issue April 2012
 
ClubHack Magazine Issue May 2012
ClubHack Magazine Issue May 2012ClubHack Magazine Issue May 2012
ClubHack Magazine Issue May 2012
 
ClubHack Magazine – December 2011
ClubHack Magazine – December 2011ClubHack Magazine – December 2011
ClubHack Magazine – December 2011
 
One link Facebook (Anand Pandey)
One link Facebook (Anand Pandey)One link Facebook (Anand Pandey)
One link Facebook (Anand Pandey)
 

Recently uploaded

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 

Recently uploaded (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 

Infrastructure Security by Sivamurthy Hiremath

  • 1. CYBER SECURITY 2012 1 Need for New Approaches to Infrastructure Security By S K HIREMATH ME MAeSI MIETE Assistant Professor skhnda@rediffmail.com
  • 2. International Cyber Crime Top 10 Perpetrators) 2
  • 3. Top Ten Countries (Cyber Crime Perpetrators) 3  1. UNITED STATES 66.1%  2. UNITED KINGDOM 10.5%  3. NIGERIA 7.5%  4. CANADA 3.1%  5. CHINA 1.6%  6. SOUTH AFRICA 0.7%  7. GHANA 0.6%  8. SPAIN 0.6%  9. ITALY 0.5%  10. ROMANIA 0.5%
  • 4. STAKEHOLDER AGENCIES  1 National Information Board (NIB) 4  2 National Crisis Management Committee (NCMC)  3 National Security Council Secretariat (NSCS)  4 Ministry of Home affairs  5 Ministry of Defence  6 Department of Information Technology (DIT)  7 Department of Telecommunications (DoT)  8 National Cyber Response Centre - Indian Computer Emergency Response Team (CERT-In)  9 National Information Infrastructure Protection Centre (NIIPC) 10 National Disaster Management of Authority (NDMA)  11 Standardisation, Testing and Quality Certification (STQC) Directorate  12 Sectoral CERTs
  • 5. NEED FOR NEW APPROACHES TO INFRASTRUCTURE SECURITY 5 Global infrastructures Security have become more complex and interconnected, their operation and control has become more complicated.  Area works with several government agencies in the area of cyber security to ensure the integrity and availability of the nation’s cyber infrastructure. The performance of the nation’s infrastructure is an essential component of the nation’s economic prosperity. The Infrastructure Security Area seeks to endow the infrastructure with five characteristics: security, reliability, safety, sustainability, and cost effectiveness.
  • 6. ARCHITECTRUAL DESIGN OF INFRASTRUCTURAL SECURITY 6  Critical Infrastructure Security Systems Video Content Analysis System Thermal Monitoring Systems Access Security Systems Face Recognition System Urban Security Systems Military And Border Security Systems Traffic Control Systems Central Integration Management Systems Building Management Systems
  • 8. INFRASTRUCTURE SECURITY IDENTIFYING AND SECURING VULNERABILITIES 8  Enterprise Application Security  Identity and Access Management  Infrastructure Security  Security Strategy and Risk Management  Business Continuity and Disaster Recovery Planning  Data Protection & Privacy Planning
  • 9. 9 Security Architecture Security Planning Secure Compliance Roadmaps Network Vulnerability Assessment
  • 10. 10
  • 11. The Four Phases of Infrastructure Security Engagement 11 Assessment •Business requirements •On-site health assessment of Infrastructure & Processes •Estimate •Conduct Business Interviews •Reporting Requirements •Establish service dependencies Transition Steady State •Establish connectivity •Ongoing Infrastructure Guardian Services •Roles & responsibilities, processes & •Monthly Reporting (Alerts, distributions, procedures assets, health) •Phased onboarding approach •SME Advisory Service •Monitoring/Reporting commences
  • 12. CORPORATES BOARD 12 • Compliance to international security best practices and demonstration • Pro-active actions to deal with and contain malicious activities, and protecting average end users by say of net traffic monitoring, routing and gateway controls • Keeping pace with changes in security technology and processes to remain current (configuration, patch and vulnerability management)
  • 13. 13 Adequate security of information, resources, and systems that process within a company or organization is a fundamental management responsibility. Management of an organization/agency must understand the current level of security within their infrastructure, and the risks that the organization may be exposed to in today's fully internet-worked environment. The best way to mitigate this risk is to perform a security assessment & associated risk assessment at least once every year.  This will allow company management to address new trends in security vulnerability and penetration, and make informed judgments and investments that will appropriately mitigate these risks to an acceptable level.
  • 14. 14  Conform to legal obligations and cooperate with law enforcement activities including prompt actions on alert/advisories issued by CERT-In • Use of secure product and services and skilled manpower • Crisis management and emergency response. • Periodic training and up gradation of skills for personnel engaged in security related activities • Promote acceptable users’ behaviour in the interest of safe computing both within and outside
  • 15. National Cyber Security Policy 15 “For secure computing environment and adequate trust & confidence in electronic transactions ”
  • 16. INFRASRUCTURE CYBER SECURITY 16 Cyber Security consists of sets of techniques, policies, and activities intended to enhance trust and mitigate vulnerabilities inherent in the complex networked devices and services that permeate our lives today
  • 17. 17 “A general rule for cyber security is that it should be implemented ‘top- down’ through direction as well as ‘bottom up’ through technology “
  • 18. MODEL FOR DESCRIBING INFRSTRUCTURE CYBER SECURITY 18
  • 19. SECURITY AND SAFETY ARCHITECTURE 19 Sensors and Detectors ( Microwave Systems , Infrared Sensors, Car X-rays, Under Car Inspection Systems, Fence Mounted Sensors ) Physical Equipments (Mushroom Barriers, Road Blockers, Arm Barriers, Turnstile) Access Controls (Face Recognition Systems, Card Readers , Finger Print Readers, other Biometric Access Controls) Video Detection Systems (CCTV, VCA applications, Thermal Camera, Plate Recognition) Data Communication Systems Management Systems (Fire Detection, Call Management, Alarm Management)
  • 20.  INFRASTRUCTURE SECURITY 20 Network Infrastructure includes networks, network devices, servers, workstations, and other devices. The software running on these devices are also the part of Network Infrastructure. To make sure your network is secure, you should make sure every time a configuration is changed or new device is added, you are not creating a hole in your security. A normal network comprise of routers, firewalls, switches, servers and workstations. A typical layout of network infrastructure devices is shown
  • 21. Master the tools & techniques for effective information & network security. 21 Discover how to create a complete & sustainable IT security architecture. Gain knowledge on how to develop sound security policy together with your security architecture.  IT governance assessment using CoBIT 4.0( Control Objectives for Information and Related Technology ) Smart security risk assessment within your organization. Gain valuable insights on implementing a proactive & robust security management system. Detect & prevent information security breaches due to inadequate IT security awareness within the organization.
  • 22. INFRASTRUCTURE SECURITY Network Level Host Level Application Level 22
  • 23. 23 Application Security: Managing business and information risk through solutions for packaged SAP and Oracle ERP, and custom application security.  Infrastructure Security: Providing visibility of information risks and defending enterprise assets through platform security technologies.  Information Risk, Privacy & Strategy: Managing information risk through security strategy, governance, risk and compliance management.  Security Outsourcing & Operations: Enabling application, infrastructure and business risk management through flexible managed services options.
  • 24. ARCHITECTURE DESIGN OF 24 INFRASTRUCTURE SECURITY
  • 25. Evolution of Architectures 25 Virtualizatio Virtualization Individual Data n (1 app / Cloud Servers Centers (N apps / server) server) 10 to Utilization 10 to 20 % 15 to 25% 40 to 45 % 60 + % 20 % Security Highest High Lowest
  • 26. Infrastructure Security covering Data, Identity, Cloud, Threat, Network, Mobile, End User Computing, Virtualization and Cyber Security 26
  • 29. 29
  • 30. 30
  • 31. 31
  • 32. 32
  • 33. 33
  • 34. CASE STUDY: AMAZON'S EC2 INFRASTRUCTURE  Exploring Information Leakage in Third-Party Compute Clouds”  Multiple VMs of different organizations with virtual boundaries separating each VM can run within one physical server  "virtual machines" still have internet protocol, or IP, addresses, visible to anyone within the cloud.  VMs located on the same physical server tend to have IP addresses that are close to each other and are assigned at the same time  An attacker can set up lots of his own virtual machines, look at their IP addresses, and figure out which one shares the same physical resources as an intended target  Once the malicious virtual machine is placed on the same server as its target, it is possible to carefully monitor how access to resources fluctuates and thereby potentially glean sensitive information about the victim 34
  • 35. Towards cyber operations - The new role of academic cyber security research and education 35  The cohesive cyber defense requires universities to optimize their campus wide resources to fuse knowledge, intellectual capacity, and practical skills in an unprecedented way in cyber security.  The future will require cyber defense research teams to address not only computer science, electrical engineering, software and hardware security, but also political theory, institutional theory, behavioral science, deterrence theory, ethics, international law, international relations, and additional social sciences.  Academic research centers, evaluating the collective group of research centers' ability to adapt to the shift towards cyber operations, and the challenges therein.
  • 36. Towards cyber operations - The new role of academic cyber security research and education 36  The shift towards cyber operations represents a shift not only for the defense establishments worldwide but also cyber security research and education.  Traditionally cyber security research and education has been founded on information assurance, expressed in underlying subfields such as forensics, network security, and penetration testing.  Cyber security research and education is connected to the security agencies and defense through funding, mutual interest in the outcome of the research, and the potential job market for graduates.  The future of cyber security is both defensive information assurance measures and active defense driven information operations that jointly and coordinately are launched, in the pursuit of a cohesive and decisive execution of the national cyber defense strategy.
  • 37. ONLINE ASSESSMENT FOR HANDS-ON CYBER SECURITY TRAINING IN A VIRTUAL LAB 37  Online (self) assessment is an important functionality e-learning courseware, especially if the system is intended for use in distant learning courses.  Precisely for hands-on exercises, the implementation of effective and cheating-proof assessment tests poses a great challenge.  That is because of the static characteristics of exercise scenarios in the laboratories: adopting the environment for the provision of a “unique” hands-on experience for every student in a manual manner is connected with enormous maintenance efforts and thus not scalable to a large number of students.  This work presents a software solution for the assessment of practical exercises in an online lab based on virtual machine technology.  The basic idea is to formally parameterize the exercise scenarios and implement a toolkit for the dynamic reconfiguration of virtual machines in order to adopt the defined parameters for the training environment.  The actual values of these parameters come to use again in the dynamic generation of multiple-choice or free-text answer tests for a web-based e-assessment environment.
  • 38. COMPUTATIONAL INTELLIGENCE IN CYBER SECURITY 38  Fuzzy Logic  Evolutionary Computation,  Intelligent Agent Systems  Neural Networks  Artificial Immune Systems and other similar computational models.  A Survey of Security Challenges in Cognitive Radio Networks: Solutions and Future Research Directions
  • 39. 39  Security evaluation of data exchange path in infrastructure networks ( This method is based on Floyd-Warshall shortest path algorithm in MATLAB) Improving Network Infrastructure Security using Geospatial Technology.  A survey of information-centric networking  Aviation communication infrastructure security
  • 40. Aircraft systems cyber security 40 Aircraft manufacturers, avionics / electronics vendors, and owners / operators are implementing technologies (e.g. packet switching devices, wireless interfaces) that are easier to implement, reduce cost /size /weight /power, and increase connectivity but could potentially introduce cyber security vulnerabilities that affect aircraft safety.
  • 41. LIFECYCLE INFRASTRUCTURE SECURITY SERVICES 41
  • 42. Conclusions/Recommendations 42  Efforts to promote cyber security in Academics as a Capacity Building  Support International Cooperation cyber security community  Cyber Security forums announced in December 2011 that that "there’s no such thing as ‘secure’ any more...”  Cyber security community has settled on Continuous Monitoring (CM)
  • 43.  NEED FOR AN INTERNATIONAL CONVENTION ON CYBERSPACE 43  THE FUTURE OF CYBER SECURITY IS IN THE HANDS OF CORPORATE BOARDS  WHY CURRENT SECURITY PARADIGMS ARE LIKELY TO FAIL - THE FUTURE OF CYBER SECURITY  * SECURITY DATA VISUALIZATION  * ONLINE PRIVACY  * SECURE AND USABLE INTERFACE DESIGN  * CYBER WARFARE
  • 44. 44 Promoting a comprehensive national program  Fostering adequate training and education programs to support the Nation’s information security needs (Ex School, college and post graduate programs on IT security)  Increase in the efficiency of existing information security training programs and devise domain specific training programs (ex: Law Enforcement, Judiciary, E-Governance etc)  Promoting private-sector support for well-coordinated, widely recognized professional information security certifications
  • 45. SURVEY ON DEMAND AND SUPPLY CHAIN 45 • Chief information security officer (CISO) • System operations and maintenance personnel • Network security specialists • Digital forensics and incident response analysis • Implementation of information security and auditing • Vulnerability analyst • Information security systems and software development • Acquisition of technology • Techno-legal • Law enforcement
  • 46. The Thrust areas of R&D include: • Cryptography and cryptanalysis research and related 46 aspects • Network Security – including wireless & Radio (WiFi. WiMax, 3G, GPRS) • System Security including Biometrics • Security architecture • Monitoring and Surveillance • Vulnerability Remediation & Assurance • Cyber Forensics • Malware Analysis Tools • Scalable trust worth systems and networks • Identity Management  Situational understanding and Attack attribution • Survivability of critical systems and networks.
  • 48. “Management Invests in the IT Infrastructure system; But IT Leadership work on development of Secure Technology of IT Infrastructure system .” 48 ANY QUESTIONS PLEASE ?
  • 49. The Infrastructure Security develops and applies technologies and analytical approaches to secure the nation’s infrastructure against natural or malicious disruption and we seek our vision towards independent and secure future of our Country. 49 THANK YOU!!! CONTACT US skhnda@rediffmail.com Mobile No: 9765069841