DSS @RIGA COMM2013 - The Value of an IT Security for Business People
Innovations in data security
IT Security. The Value for Business.
Andris Soroka
22.10.2013
“Data Security Solutions” business card
Specialization – IT Security
IT Security services (consulting, audit, pen-testing, market analysis, system testing and integration, training and technical support)
Solutions and experience portfolio with more than 20 different technologies - global market leaders
Trusted services provider for banks, insurance companies, government and private companies (critical infrastructure etc.)
Agenda
Where are we now – technology perspective
Cyber security reality check
The challenge and the solution
Questions & Answers
Business cares only about..
Every business knows their risks…
However technology drives fast…
New game, new rules..
Productivity
Security
Challenge for business ahead..
[Chart: security measures. Labels: Costs; Security costs; Remaining part of risk; Security actions; Risks; Optimum?; New optimum?]
Source: Māris Gabaliņš, The Art Of The Systems
IT Security is a board level question
Increasingly, companies are appointing CROs and CISOs with a direct line to the Audit Committee
Loss of market share and reputation
Legal exposure
Audit failure
Fines and criminal charges
Financial loss
Loss of data confidentiality, integrity and/or availability
Violation of employee privacy
Loss of customer trust
Loss of brand reputation
CEO CFO/COO CIO CHRO CMO
Source: Discussions with more than 13,000 C-suite executives as part of the IBM C-suite Study Series
Agenda cont.
Where are we now – technology perspective
Cyber security reality check
The challenge and the solution
Questions & Answers
Fastest technology development in time..
21st Century – Mobility century
PC era Mobile era
Tablets now and future of tablets
Business cares only about..
Of course – watching TV..
Video consumption on mobile devices in Europe has climbed by 112% in the last 12 months. This is yet another indication of the video-powered mobile web era on our doorstep. (Source: comScore)
It is all about ...applications
What they do with those gadgets?
Social media on average every day.. (USA)
Social media on average every day.. (USA)
Businesses now spend 24% of marketing budgets on paid search. And, 41% of people are unaware they are clicking on PPC links, believing they are organic results. (Source: Econsultancy)
Before we get to security..
(image via australiance.com)
LinkedIn is nearly three times as effective for lead generation as Twitter and Facebook. And two new users join LinkedIn every second. (Source: Topdogsocialmedia.com)
Before we get to security..
Google.com processes 12.9 billion searches per month. Of that, 1.17 billion searches are by unique users. (Source: ExpandedRamblings.com)
Business (personal?) tools matter more..
IT in business is becoming more and more important (ERP, CRM, document management systems, digital prototypes, BI, MIS etc.)
E-World for business is developing (e-Health, e-Services, e-Government, video conferencing, web-conferencing etc.)
Mobility makes borderless enterprises reality
Cyber culture develops faster than cyber security for many years already!
Agenda cont.
Where are we now – technology perspective
Cyber security reality check
The challenge and the solution
Questions & Answers
Best «success story» describing hackers..
Mobility & Security...
Mobility & Security...
Mobility and Security (cont.)
McAfee 2013 Q1 Threats Report
Federal Reserve Survey March 2013
Mobile Malware Explodes
Mobile banking adoption rising
End users fall victim to mobile attacks
Mobile Malware increases all the time..
Hacking business services..
Hacking business services...
Current prices on the Russian underground market:
Hacking corporate mailbox: $500
Winlocker ransomware: $10-$20
Unintelligent exploit bundle: $25
Intelligent exploit bundle: $10-$3,000
Basic crypter (for inserting rogue code into benign file): $10-$30
SOCKS bot (to get around firewalls): $100
Hiring a DDoS attack: $30-$70 / day, $1,200 / month
Botnet: $200 for 2,000 bots
DDoS Botnet: $700
ZeuS source code: $200-$250
Windows rootkit (for installing malicious drivers): $292
Hacking Facebook or Twitter account: $130
Hacking Gmail account: $162
Email spam: $10 per one million emails
Email scam (using customer database): $50-$500 per one million emails
In fact every piece of software is vulnerable..
Some information from IBM X-Force reports..
Next decade of the internet..
1995 – 2005: 1st Decade of the Commercial Internet
2005 – 2015: 2nd Decade of the Commercial Internet
Motive
Script-kiddies or hackers
Insiders
Organized crime
Competitors, hacktivists
National Security Infrastructure Attack
Espionage, Political Activism
Monetary Gain
Revenge
Curiosity
Agenda cont.
Where are we now – technology perspective
Cyber security reality check
The challenge and the solution
Questions & Answers
Common mistake
For many companies security is like salt, people just sprinkle it on top.
Risk matrix for business related to IT
Before and after
Mobility remains biggest challenge
Secure own mobile application development: Static code testing; Dynamic code testing
BYOD (Bring Your Own Device) policy: Mobile Device Management; Mobile Application Management; Mobile Content Management (DLP)
Data control and data separation: Private data; Corporate data
Secure Access & Strong IT Security policy: Secure Connection (encrypted); Identity control, Authentication & Authorization management
Some just basic ideas
Policy and real time control: Of devices and applications; Of people and IT stuff; Of data leak protection; Of internet usage; Of remote access; Of employees training; Of….
Encryption of..: Mobile phones; Voice calls and text messages; eMails; Computers and devices; Data bases; …
Continuous process…
Combination of best tools & technologies
Continuous vulnerability and risk assessment with board’s involvement
Training and continuous awareness raising for IT specialists and non-IT specialists / employees
Best price / performance defense technologies to implement and maintain
Trusted IT specialists to help to protect your business plans
Be ready to invest because there is no other choice!
Return on Investment
Costs for business from cybercrime
Think security first