ISYS 2394 Business Globalisation and Business IT
Security in a Global Environment
Barry Cook
Index
Introduction
• Introduction
• My Background
• Disclaimer
• Security in a Globalised Environment
• Impact of Data Breaches
• Largest Data Breaches of All Time
Security Threat Basics
Emerging IT Trends Security Considerations
Defences and Best Practices
Summary
Security in a Global Environment
Introduction
• The objective of today is to:
  • Provide you with an overview of the current major security threats, risks and impacts to individuals and businesses in our globalised world
  • Provide you with some high-level best practices and defences to address security threats and risks
  • Get you to start thinking about security as an integral part of your development plans
• Today
  • Part 1: Lecture and Questions
  • Part 2: Practical Activity with 3 Minute Presentation Per Group
My Background
• Current Role:
  • J6, Defence Command Support Training Centre (DCSTC)
  • J = Joint (Army, Navy, Air Force)
  • 6 = Communication Information Systems (CIS)
• Experience
  • National Security Focus
  • Department of Defence & Federal Attorney-General’s Department
  • Management / IT Consultancy
• Current Research Interests
  • Cyber-Security & Cyber-Warfare
Disclaimer
Everything you hear today is based on material available in the public domain. Nothing Specific, Unique or Classified to the Department of Defence, Australian Government or our Allies will be discussed or referenced.
Security in a Globalised Environment
• Technology has opened up Global Opportunities and Markets
• It has also led to a significant increase in the Security Threats to Individuals and Businesses
• Mobile Devices estimated to reach 10 Billion by 2016 [1]
• Accumulated Digital Data to grow to 8 Zettabytes by 2015 [2]
• The distributed nature of the threats makes it difficult for Law Enforcement to address root causes
• Threats often occur from multiple sovereignties, each with differing laws and jurisdictional processes
• You can’t just block all the traffic, as it is often mixed in with legitimate traffic
Source: 1. Cisco 2. IDC Worldwide Big Data Technology and Service 2012-2015 Forecast
Impact of Data Breaches
• Loss of Customer Confidence and Loss of Customers
• Loss of Competitive Advantage
• Fraud
• Fines
• Cost of Data Breaches on Business [1]
  • $188 per record stolen in 2013
• Cost of Identity Theft on Individuals [2]
  • Average Cost of $4,841 per person
  • Average Time to Repair Damage caused by Identity Theft is 330 Hours
Figure: Average Total Organisation Cost of Data Breach for Large Business [1]
Source: 1. 2013 Cost of Data Breach Study, Ponemon Institute 2. Identity Theft Resource Centre
Largest Data Breaches of All Time
Source: 1. Nathan Yau, http://flowingdata.com
Index
Introduction
Security Threat Basics
• Threat Motives
• Threat Actors
• Threat Vectors
• Technical Threats
• Non-Technical Threats
Emerging IT Trends Security Considerations
Defences and Best Practices
Summary
Threat Motives
• Financial Gain
• Competitive Advantage
• Disruption
• Political Advantage / Hacktivism
• Disobedience / Protest
• Showing Off / “THE CHALLENGE”
Threat Actors
• Organised Crime
  • Financial Gain
• State Sponsored / Foreign Government
  • Espionage, Disruption
• Terrorist Groups
  • Financial Gain, Disruption
• Individuals
  • Internal – Disgruntled Employee, Curious Insider, Ignorance
  • Outsider – Hackers, “Script Kiddies”, Competitors
Threat Vectors
• Web – Fake Sites
• Email – Attachments, Links
• Unsecure Devices – Wireless Hotspots, Physical Devices
• Removable Media (USB Thumb Drives)
• Social Media
• Social Engineering [1]
Source: 1. Symantec Intelligence Report for Feb 2014
Technical Threats - Phishing
• Phishing
  • Fake Website designed to look like the real one to obtain privileged information
  • Generic in Nature
  • Email / Social Networking Attack Vector
• Spear Phishing
  • Targets Individuals based on already known information about the target
  • May appear to come from a trusted source
In Dec 2013, it was estimated 1 in every 1,053 emails was a Phishing attempt. [1]
Source: 1. Symantec Intelligence Report for Feb 2014
Technical Threats - Malware
• Trojans
• Viruses
• Spyware
• Adware
• Worms
• Scareware
• Botnets
• Software Keyloggers [1]
In Dec 13, it was estimated 1 in every 164 emails contained Malware [2]
Source: 1. PandaLabs Annual Report 2013 Summary 2. Symantec Intelligence Report for Feb 2014
Technical Threats - Hardware Keyloggers
Technical Threats – Zero-Day Attacks [1]
• Zero-Day Attacks
  • Attacks that exploit a security vulnerability on the day or even before it becomes generally known
  • Type of Advanced Persistent Threat (APT)
• Famous Examples
  • Attack on Google in 2009 as a result of an Internet Explorer Zero-Day Flaw
  • Heartbleed OpenSSL Vulnerability
Source: 1. Symantec Elderwood Project
Technical Threats - Heartbleed Bug [1]
Source: 1. LWG Consulting
Non Technical Threats – Passwords
• Poor Passwords
  • Lack Length and Complexity
  • Hard to Remember so written down
• Password Lengths
  • Any Password < 5 Characters can be cracked in 5 seconds
  • Any Password < 7 Characters can be cracked within 1 day
  • Even 8 Character Passwords with some complexity can be cracked in a few months
Non Technical Threats – Other
• Physical Security
  • Lack of Protection of Sensitive and Critical ICT Assets
  • Includes End User Device Protection when Mobile
• Improper Destruction
  • Paper and Electronic Assets
• Insufficient Backup and Recovery
  • Risk to Data Survivability and Integrity
• Inadequate Staff Identification Processes
  • Susceptibility to Social Engineering Attack Vector
Index
Introduction
Security Threat Basics
Emerging IT Trends Security Considerations
• Cloud Computing
• BYOD
• Mobile Devices
• Big Data
Defences and Best Practices
Summary
Cloud Computing
• What about my Data
  • Where is My Data stored?
  • Who has access to My Data?
• Data Segregation
  • How well is my Data Segregated from other Cloud Clients?
• Recovery
  • What are my Recovery Options?
• Compliance Requirements
  • Can I guarantee they are achieved if I don’t control the infrastructure?
Bring Your Own Device (BYOD)
• All Devices or Only Some?
  • What about Patching and Updates?
  • How will you deploy applications to all the devices?
• Data Ownership
  • What happens when the employee leaves?
• Device Loss or Theft
  • How do you maintain control?
• What about User Rights?
Mobile Devices
• Mobile Devices are just as susceptible to threats
  • Malware
  • Bluesnarfing
  • Phone Hacking
  • Browser Security Issues
Figure: Mobile Device Malware Detected Q1 2014 [1]
Source: 1. F-secure Mobile Threat Report Q1 2014
Index
Introduction
Security Basics
Emerging IT Trends Security Considerations
Defences and Best Practices
• Defence in Depth Cycle
• Layered Defence
• Security Measures
• Top 4 Mitigation Strategies
• Mobile / BYOD Security Control Framework
• Cloud Computing Security
Summary
Defence in Depth Cycle
• Context
  • Business Strategy in Play
• Risk Analysis
  • Identify Generic and Specific Risks to Business and their consequences
• Implement Defence in Depth
  • Employ a Multi-Layer Defence Strategy
• Review and Monitor
  • Ensure Defence Strategy is continuously reviewed and updated
Figure: AS43560 Risk Rating Levels
Source: 1. Trusted Information Sharing Network www.tisn.gov.au
Layered Defence
Source: 1. Trusted Information Sharing Network www.tisn.gov.au
Security Measures – Physical Security
• Secure Server Rooms
  • Restrict Access to only those that require it, and log/monitor access at all times
  • Keep Server Rooms neat and documented, so anomalies can be quickly detected
• Restrict Entry to Work Areas to only authorised personnel
• Secure Mobile Assets
  • In and Out of the Office
• Control Physical Assets that contain data and information at all times
  • From Creation to Destruction
Security Measures – Device Security
• Patch Operating System and Applications consistently and quickly
  • Set up an Automatic Mechanism to update
• Install Suitable Security Software
  • Should include Anti-virus, Firewall, Anti-Spam, Anti-Malware, Web Site Threat Checker
  • Needs to check for updates multiple times per day
• Encrypt Data on Portable Devices
• Restrict Application Installation/Usage to Only Authorised Applications
• Disable Auto Run / Auto Load of Removable Media
Security Measures – Network/System Security
• Apply Multiple Levels of Network Defence
  • Firewalls / Routers / Gateways
  • Intrusion Detection Systems
• Monitor Network Continuously and Quickly Act to Protect
  • Know what devices are on your network at all times and what they are doing
• Apply comprehensive Access Controls to Data
  • Consider Multi-Factor Authentication such as Tokens, Smart Cards or Biometrics
  • Remove Access immediately upon personnel change (Staff Departure, Role Change)
• Implement Robust Change Management and Application Development SDLC Processes
Security Measures – User Security
• Security Awareness Training
  • Threat and Consequence Awareness Training
  • Anti-Phishing and Anti-Social Engineering Training
  • What to do if a “Breach” occurs
• Suitable Password
  • At least 10 Characters with mixture of Upper & Lower Case, Numbers and Special Characters
  • However, the longer the password length the less complex it has to be
  • Use different passwords for different types of systems, e.g. Social Media, Banking
  • Change Passwords Regularly
  • Don’t Share Passwords
Top 4 Mitigation Strategies [1]
Source: 1. DSD Top 35 Strategies to Mitigate Targeted Cyber Intrusions
Mobile / BYOD Security Control Framework [1]
Source: 1. Trusted Information Sharing Network www.tisn.gov.au
Cloud Computing Security
• Fully Understand the Cloud Provider’s Environment
  • Service Levels
  • Where your Data will be stored
  • Access rights to Government under local laws where that data will be stored
  • Data Transfer Options should you want to move to another provider
  • Data Retention Periods
• Encrypt your Data
  • Particularly for Sensitive Data
  • Should be Independent of Current Cloud Provider
Index
Introduction
Security Basics
Emerging IT Trends Security Considerations
Defences and Best Practices
Summary
• Key Points
• Additional Resources
Key Points
• Understand the Threats and Consequences
  • General threats and those specific to your business
• Factor Security into your Development Plans
  • Engage with your Security Experts
• Patch your Operating Systems and Applications regularly
• Deploy and Maintain Security Software on your Devices
• Secure your Physical and Information Assets
• Regularly conduct Security Awareness Training
Additional Reading / Support
• Australian Signals Directorate http://www.asd.gov.au/publications/index.htm
• Trusted Information Sharing Network http://www.tisn.gov.au/Pages/default.aspx
• US-CERT http://www.us-cert.gov
• Symantec Intelligence Report http://www.symantec.com/theme.jsp?themeid=state_of_spam
• SANS Security http://www.sans.org/reading_room/whitepapers/bestprac http://www.sans.org/tip_of_the_day.php
• Anti-Phishing Working Group http://www.antiphishing.org/