Managing Threats in Changing World
John DeGroot, Lead Architect – Security, RBC
Federation of Security Professionals – October 26, 2012
Trends
• Canada’s auditor general report on cyber-security
• Failure to pass US 2012 Cybersecurity Act
• Cyber attack on Canadian government in 2011
• DDoS attacks on US banks
• Many others
Evolution of Threats
[Figure: tiers of attackers labelled "Organized Crime, Nation States", "Fraudsters" and "“Script Kiddies”, Individuals"; axis labels "Increasing sophistication and impact" and "Number of attackers"]
What is changing?
• APT – Advanced Persistent Threats
  - Targeted
  - Highly motivated
  - Well-financed
  - Coordinated across attack points
  - Will try multiple times using multiple methods
• Cloud computing and mobility increase complexity and attack surface
Evolutionary, not revolutionary change
What is the same?
• Same bad guys
• Same motivation
Using new tools, operating in IT world, leveraging the cloud
Where are the gaps?
• Defenses are strongly attack-oriented
  - Signature-based defenses geared to single general attacks
• Controls are strongly people-oriented
  - Awareness programs, discretionary security, application development
• Defenses often deployed in silos
• Security “bolted on”
• Defense in Depth
  - Layers rather than breadth
Integrated Defense
Toward Integrated Defense
• Acknowledge reality
  - The bad guys are already in
  - Denial of service attacks will cause outages
  - You will be attacked
• Understand your business
• Integrate with operational risk management
• Proactive approach to threat management
  - Threat modeling and predictive analysis
  - What does a coordinated attack look like?
  - Prepare for attack and test your response
  - Behavior analysis – good and bad
Toward Integrated Defense
• Security by design
  - Embed security into processes, applications, data, and infrastructure
  - Move from discretionary to policy-driven security
  - Simplify and automate
• Virtual security operations centre
  - Provide complete visibility into operational environment
  - Provide useful and relevant information
  - Provide effective intelligence – inside and out
  - Share information and services
• Invest in people with threat management skills
Thank You