1 / 113

Why Security Fixes Won’t Fix Your Security

Required Slide. SESSION CODE: SIA230. Why Security Fixes Won’t Fix Your Security. Pete Calvert sage-work Grad.Dip.Comp.Sc , B.Bus (Marketing / Finance ), MCT , MCITP, MCSE … facebook.com/ pete.calvert | twitter.com/ erucsbo | pete@sage-work.com. g’day. Australia. not Austria. beaches.

brice
Download Presentation

Why Security Fixes Won’t Fix Your Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Required Slide SESSION CODE: SIA230 Why Security Fixes Won’t Fix Your Security Pete Calvert sage-work Grad.Dip.Comp.Sc, B.Bus(Marketing / Finance), MCT, MCITP, MCSE … facebook.com/pete.calvert | twitter.com/erucsbo | pete@sage-work.com

  2. g’day

  3. Australia

  4. not Austria

  5. beaches

  6. opera house

  7. kangaroos

  8. emus

  9. vegemite

  10. vegemite

  11. vegemite

  12. g’day

  13. Definitions of g’day <strine> Hi Hello Hope you have a good day I’m busy but I’ll acknowledge your existence You don’t look like you’re from England so I’ll say hello I’m not sure what is going on here.Will someone buy me a drink? You look cute. If I buy you a drink will you give me your name and phone number?

  14. Why Security Fixes Won’t Fix Your SecurityAgenda Definitions Models Gaps Options Solution Summary

  15. Security

  16. Definitions of Security Applications? Platforms and Operating Systems? Policies Information Classification? Physical infrastructure? Clearances?

  17. Definitions of Security wedding picture

  18. Definitions of Security house

  19. Definitions of Security job security

  20. Definitions of Security Security guards

  21. Definitions of Security Security guards

  22. Definitions of Security passwords

  23. Definitions of Security

  24. Definitions of Security

  25. Definitions of Security

  26. Definitions of Security

  27. Definitions of Security

  28. Definitions of Security

  29. Definitions of Security

  30. Definitions of Security

  31. Definitions of Security

  32. Definitions of Security Define what we are securing Define what secure means

  33. Definitions of SecurityPrivacy

  34. Models of Security Complex environment that needs to be managed Use models to simplify understanding and hopefully identify gaps Patch / AntiVirus / Firewall Defense in Depth Impossible Triangle

  35. Models of SecuritySecurity Mantra

  36. Models of SecuritySecurity Mantra

  37. Models of SecuritySecurity Mantra

  38. Current malware signature count 7,452,232 http://www.triumfant.com/Signature_Counter.asp

  39. Models of SecuritySecurity Mantra

  40. Models of SecuritySecurity Mantra Firewalls Won’t stop legitimate traffic Defined by protocol Content inspection requires the traffic not be encrypted(or is able to be decrypted and re-encrypted between the endpoints) Useful for shutting the gates / traffic isolation

  41. Statistics http://datalossdb.org/statistics

  42. Statistics http://juststolen.net/blog/ Stolen laptops in the US for 2008 & 2009

  43. Statistics • A laptop is stolen every 53 seconds. • More than 12,000 laptops disappear each week from U.S. airports alone. • Only 3% of laptops are ever returned. http://www.propeller.com/story/2008/11/24/interesting-laptop-theft-statistics/

  44. Statistics 0.3% http://www.joe-ks.com/archives_feb2004/Useless_Stats.htm

  45. Statistics http://www.joe-ks.com/archives_feb2004/Useless_Stats.htm

  46. Statistics 90% http://www.joe-ks.com/archives_feb2004/Useless_Stats.htm

  47. Statistics http://www.joe-ks.com/archives_feb2004/Useless_Stats.htm

  48. Statistics http://www.joe-ks.com/archives_feb2004/Useless_Stats.htm

  49. Models of SecuritySecurity Mantra • Secures the platform only and only from known external malicious attacks • Security can still be compromised by • Theft • Inappropriate access controls

  50. Models of SecurityAccess Controls Passwords Something you know Security Tokens Something you have Biometric Something you are

More Related