SUSTAINABLE · Security Service (MCSS) Penetration Testing SOC Incident Response APT Solution Our...
SUSTAINABLE CYBER SECURITY COUNTERACTS
Ko Sasaki General Manager Global Business Development LAC Co., Ltd.
Copyright ©LAC Co., Ltd. 2015 All Rights Reserved.
Interpol Governments
1995
360 20
1986
Consulting
Training /Drill
Cyber R&D
Managed Cyber Security Service (MCSS)
Penetration Testing
SOC
Incident Response
APT Solution
Our Cyber Security Business
Total Cyber Security Managed Service Provider By Top Cyber Security Experts
2015 Frost & Sullivan Japan's Managed Security Service Provider of the Year Award
Japan Security Operation Center
JSOC
100 cyber engineers
15 yrs
800 million logs
15 mins Alert
Trend in Cyber Attacks in Japan
External Attacks
Internal Attacks
40%
60%
Incident Trend in Japan detected at our SOC
June 2015
Japan Pension Service: About 1.25 million personal information stolen
The Tokyo Chamber of Commerce and Industry: 12,000 personal information stolen
Petroleum Association of Japan: Petroleum Policy documents stolen
WASEDA University: 3300 staff information stolen
External Attacks
Internal Attacks Internal but EXTERNAL Attacks
External Attacks
Internal Attacks Internal but EXTERNAL Attacks
Browsing
Software Updates
the Mission-critical systems
Information on
infected host
the Mission-critical systems
the Information systems Shared server
② collect information
spread by E-mail ①
③
How APT (Advanced Persistent Threat) works
Malware Protection
System
Sandbox
How to prevent in theory
Pattern/Signature Matching
Legacy attacks
APT
Port Scan/DoS
Known Attacks/ Known Malware
Their Variants
Unknown Attacks/ Malware
APT ( Email / Browsing)
Firewall IPS Anti-Virus
NGFW/UTM
Reputation Detective Devices
Multi-layered Prevention
The fact
No perfect solution
Takes great effort and time to detect new attacks
NEED EYES
Cyber Security Capacity Building
Detection
Analysis
Response Counteract
Basic Knowledge/Understanding about cyber security management
ISO/IEC 27001 Risk Vulnerability Techniques
Management Layer
Technical Experts
LAC-Co (ラッコ/Sea Otter / 海獺)
THANK YOU terima kasih
Ko Sasaki [email protected]