Mr. Khalid Shaikh - emerging trends in managing it security
-
Upload
nooralmousa -
Category
Technology
-
view
516 -
download
2
description
Transcript of Mr. Khalid Shaikh - emerging trends in managing it security
May 2012
Presentation by: Khalid Shaikh – Practice Head for IT Security and Privacy Services
Emerging Trends in Managing
IT Security
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
2
Changing Business Needs
LightpathCustomers
DigitalSet Top
Customers
Telephone, Internet
& Third Parties
Cable ModemCustomers
Internet
Internet
VoiceNetwork
FrameRelay
Lightpath
CorporateBackbone
PublicTelephone
ThirdParties
Satellite dish
Router
Router
PBX
Satellite dish
OptimumOnline
Oracle
`
1980
Cable ModemCustomers
LightpathCustomers
Employees &Third Parties
InternetCustomers
DigitalSet Top
Customers
Internet
PublicTelephone
FrameRelay
Untrusted Backbone
Satellite dish
Satellite dish
Lightpath
Other Businessesand/or
New Businesses
OptimumOnline
ThirdParties
Internet
LightpathCustomers
DigitalSet Top
Customers
Telephone, Internet& Third Parties
Cable ModemCustomers
Internet
Internet
VoiceNetwork
Lightpath
CorporateBackbone
PublicTelephone
ThirdParties
Rainbow Media
Satellite dish
Router
Router
PBX
Satellite dish
OptimumOnline
Terminal Server
Cable
`
2000 2010 and beyond
Evolution Transformation
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
3
Emerging Technologies
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
4
Trends in IT Security Attack
TREND 1 :TREND 1 : Industrial Threats
TREND 2TREND 2 : Threats Within: Embedded Hardware
TREND 3TREND 3 : Hacktivism
TREND 4TREND 4 : Web Threats….
TREND 5TREND 5 : Mobile Threats
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
5
Recent Events
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
6
Motives of Attack
• Industrial Espionage
• Financial
• Military
• Ideological
• Politics
• Prestige
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
7
Attack Tools are Freely Available
Zeus Botnet
Spy Eye
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
8
Security Never Sleeps
• Increasing sophistications of attacks
• Protect data and information
• Keeping up-to-date with security incidents and solutions
• Keeping the IT infrastructure in compliance with the IT Security Policy of the organization
• Keeping up-to-date with the changes to legal and regulatory requirements
• Reacting effectively and timely to security violations
• Effectively managing threats to data security
• Complexity of managing a broad portfolio of security tools/solutions
• Mobile clients and unmanaged devices
• Periodically conducting security awareness trainings to users within the organization
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
9
Holistic Approach in Managing IT Security
Information Security Vision and Strategy
Information Security Management
Sen
ior
Man
agem
ent C
omm
itmen
t
Tra
inin
g an
d A
war
enes
s
Business InitiativesThreats
Enterprise Architecture Strategy Vulnerability & Risk
Assessment
Security Policy
Security Architecture and Technical Standards
Administrative and End-User Guidelines, Practices and Procedures
Enforcement
Process
Monitoring
Process
Recovery
Process
Legislation
Best/Acceptable Practice
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
10
Holistic Approach in Managing IT Security
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
11
Prediction – Persistence – Patience - Preparedness
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
12
If You Have Further Questions: Please visit us at Booth Number 8 and 9.
Powerful Insights. Proven Delivery.™
Phone: (965) – 66225122
m.kw
Khalid ShaikhSenior Manager – Technology Risk Services
© 2012 Protiviti Member Firm Kuwait W.L.LPUBLIC: 4th Kuwait Info Security Conference
13