Information Security: A Practical Introduction
Creative Commons License: You are free to share and remix but you must provide attribution and you must share alike.

What does "Security" mean?

What is Information Security About?
• InfoSec is about… Viruses
• InfoSec is about… Hackers

Information Security as an Outcome
• "Our systems are secure from hackers"
• "We have blocked 17,342 viruses to date"
• "Our systems are all online"
• "Insiders cannot steal our information"
• "We have backups"
• "We are Secure"

Information Security as a Process
• "We want to improve security"
• "We need to protect against more threats"
• "We want to reduce risk"
• "We want to increase customer confidence"
• "We want to decrease the number of compromises"
• "We want to be more Secure"

InfoSec is… Risk Management
• Identify
• Measure
• Analyze
• Plan
• Implement

What is at Risk?
• Confidentiality
• Integrity
• Availability

Defence in Depth lowers Risk
• Firewalls do not make you secure
• Anti-virus does not make you secure
• Policies do not make you secure
• VPNs do not make you secure
• Guards do not make you secure
• Passwords do not make you secure
Together they all make you MORE secure

Threat: Unintentional DoS?
An unpatched server was compromised and used to distribute 20 GB of videos with French language titles. The problem was discovered when the server was blocked for excessive bandwidth usage.

French Puppet Videos!
The server was distributing 20 GB of French Puppet Videos. The cleanup time was 7 hours. If they had just asked we would have probably found someone to host the videos for them!

Threat: The Man-in-the-Middle
The Pineapple
• Pretends to be YOUR home wifi network.
• Records what you do on the Internet.

Counter: 2 Factor Authentication
• YUBIKEY
• SecurID
• Google 2FA

Counter: DLP and DPI
• Deep Packet Inspection (DPI):
  • Firewalls inspect every packet on the network and rebuild the entire message.
• Data Loss Prevention (DLP):
  • Uses DPI and pattern matching to look for suspicious content being sent FROM your network.

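Why DPI rebuilds the entire message before DLP pattern matching runs, shown as an added example that is not part of the original slides: a card number split across two segments is invisible to per-packet matching but is caught once the stream is reassembled. The (offset, payload) segment model, the card pattern with a Luhn check, and the sample traffic are assumptions constructed for illustration; 4111 1111 1111 1111 is a widely published test number.

```python
import re

# Assumed DLP pattern: 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(rb"\b\d(?:[ -]?\d){12,18}\b")

def luhn_ok(digits):
    """Luhn checksum; filters out order IDs and other long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_cards(data):
    """Return Luhn-valid card-like numbers found in a byte string."""
    hits = []
    for m in CARD_RE.finditer(data):
        digits = re.sub(rb"\D", b"", m.group()).decode()
        if luhn_ok(digits):
            hits.append(digits)
    return hits

def reassemble(segments):
    """Rebuild the byte stream from (offset, payload) pairs in any order."""
    stream = bytearray()
    for off, payload in sorted(segments):
        if off > len(stream):
            break               # gap: data after a missing segment is not inspected here
        stream += payload[len(stream) - off:]   # skip retransmitted bytes
    return bytes(stream)

# Constructed outbound traffic: a test card number split across two segments,
# delivered out of order with one retransmission.
SEG0 = b"POST /upload HTTP/1.1\r\n\r\norder=1234567890123456&card=4111 1111"
SEG1 = b" 1111 1111&name=test"
SEGMENTS = [(len(SEG0), SEG1), (0, SEG0), (0, SEG0)]

def per_packet_hits(segments):
    """Pattern matching on each packet alone."""
    return [h for _, payload in segments for h in find_cards(payload)]

def stream_hits(segments):
    """Pattern matching on the rebuilt message."""
    return find_cards(reassemble(segments))

if __name__ == "__main__":
    print("per-packet:", per_packet_hits(SEGMENTS))
    print("reassembled:", stream_hits(SEGMENTS))
```

The 16-digit order number in the sample matches the pattern but fails the Luhn check, which is how the checksum keeps false positives down.
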
Why D.I.D?
It never rains… it pours
• The OS Vendor stopped providing patches
• The server was hacked
• A hard disk failed
• A cooling fan died & it crashes every 2hr
• The software vendor wanted more money
• Hardware support had not been paid for

Final Threat: The A.P.T.
Advanced Persistent Threat

InfoSec is… Everyone’s Responsibility
• Confidentiality
• Integrity
• Availability

Questions?
• Email: michael@winterstorm.ca
• Slides: http://winterstorm.ca/download/