Embed Size (px)
DESCRIPTION
Presentation from annual IT and Telcom conference "Riga Comm2013", where DSS took part.
Citation preview
Innovations in data security
IT Security.The Value for
Business.
Andris Soroka
22.10.2013
“Data Security Solutions” business card
Specialization – IT Security
IT Security services (consulting, audit, pen-testing, market analysis, system testing and integration, training and technical support)
Solutions and experience portfolio with more than 20 different technologies - global market leaders
Trusted services provider for banks, insurance companies, government and private companies (critical infrastructure etc.)
AgendaWhere are we now – technology perspective
Cyber security reality check
The challenge and the solution
Questions & Answers
Business cares only about..
Every business knows their risks…
However technology drives fast…
New game, new rules..
Productivity
Security
Challenge for business ahead..
DROŠĪBAS PASĀKUMI
Costs Security costs
Optimum? Remaining part of risk
Security actions
RisksNew optimum?
Source: Māris Gabaliņš, The Art Of The Systems
IT Security is a board level question
Increasingly, companies are appointing CROs and CISOswith a direct line to the Audit Committee
Loss of market share and reputation
Legal exposure
Audit failure
Fines and criminal charges
Financial loss
Loss of data confidentiality, integrity and/or availability
Violation of employee privacy
Loss of customer trust
Loss of brand reputation
CEO CFO/COO CIO CHRO CMO
Source: Discussions with more than 13,000 C-suite executives as part of the IBM C-suite Study Series
Agenda slide
Where are we now – technology perspective
Cyber security reality check
The challenge and the solution
Questions & Answers
Agenda cont.
Fastest technology development in time..
21st Century – Mobility century
PC era Mobile era
Tablets now and future of tablets
Business cares only about..
Of course – watching TV..
Video consumption on mobile devices in Europe has climbed by 112% in the last 12 months. This is yet another indication of the video-powered mobile web era on our doorstep. (Source: comScore)
It is all about ...applications
What they do with those gadgets?
Social media on average every day.. (USA)
Social media on average every day.. (USA)
Businesses now spend 24% of marketing budgets on paid search. And, 41% of people are unaware they a clicking on PPC links, believing they are organic results.(Source: Econsultancy)
Before we get to security..
(image via australiance.com)
LinkedIn is nearly three times as effective for lead generation as Twitter and Facebook. And two new users join LinkedIn every second.(Source: Topdogsocialmedia.com)
Before we get to security..
Google.com processes 12.9 billion searches per month. Of that, 1.17 billion searches are by unique users.(Source: ExpandedRamblings.com)
Business (personal?) tools matter more..
IT in business is becomming more and more important (ERP, CRM, document management systems, digital prototypes, BI, MIS etc.)
E-World for business is developing (e-Health, e-Services, e-Government, video conferencing, web-conferencing utt.)
Mobility makes borderless enterprises reality
Cyber culture develops faster than cyber security for many years already!
Agenda (Cont.)
Where are we now – technology perspective
Cyber security reality check
The challenge and the solution
Questions & Answers
Agenda cont.
Best «success story» describing hackers..
Mobility & Security...
Mobility & Security...
Mobility and Security (cont.)
McAfee 2013 Q1 Threats Report
Federal Reserve Survey March 2013
Mobile Malware Explodes
Mobile banking adoption rising
End users fall victimto mobile attacks
Mobile Malware increases all the time..
Hacking business services..
Hacking business services...
Current prices on the Russian underground market:Hacking corporate mailbox: $500Winlocker ransomware: $10-$20Unintelligent exploit bundle: $25Intelligent exploit bundle: $10-$3,000Basic crypter (for inserting rogue code into benign file): $10-$30SOCKS bot (to get around firewalls): $100Hiring a DDoS attack: $30-$70 / day, $1,200 / monthBotnet: $200 for 2,000 botsDDoS Botnet: $700ZeuS source code: $200-$250Windows rootkit (for installing malicious drivers): $292Hacking Facebook or Twitter account: $130Hacking Gmail account: $162Email spam: $10 per one million emailsEmail scam (using customer database): $50-$500 per one million emails
In fact every piece of software is vulnerable..
Some information from IBM X-Force reports..
Next decade of the internet..
1995 – 20051st Decade of the
Commercial Internet
2005 – 20152nd Decade of the
Commercial InternetMotive
Script-kiddies or hackers
Insiders
Organized crime
Competitors, hacktivists
National Security Infrastructure Attack
EspionagePolitical Activism
Monetary Gain
Revenge
Curiosity
Where are we now – technology perspective
Cyber security reality check
The challenge and the solution
Questions & Answers
Agenda cont.
Common mistake
For many companies security is like salt, people just sprinkle it on top.
Risk matrix for business related to IT
Before and after
Mobility remains biggest challenge
Secure own mobile application developmentStatic code testingDynamic code testing
BYOD (Bring Your Own Device) policy:Mobile Device ManagementMobile Application ManagementMobile Content Management (DLP)
Data control and data separationPrivate dataCorporate data
Secure Access & Strong IT Security policySecure Connection (encrypted)Identity control, Authentification & Authorization management
Some just basic ideas
Policy and real time controlOf devices and applicationsOf people and IT stuffOf data leak protectionOf internet usageOf remote accessOf employees trainingOf….
Encryption of..Mobile phonesVoice calls and text messageseMailsComputers and devicesData bases…
Continuous process…
Combination of best tools & technologies
Continuous vulnerability and risk assessment with board’s involvment
Training and continuous awareness raising for IT specialists and non-IT specialists / employees
Best price / performance defense technologies to implement and maintain
Trusted IT specialists to help to protect your business plans
Be ready to invest because there is no other choice!
Return of Investment
Costs for business from cybercrime
Think security first
