1 / 38

Dan Woolley President and Chief Operating Officer

zasha
Download Presentation

Dan Woolley President and Chief Operating Officer

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    5. Effort Needed to Disrupt Systems is Decreasing

    6. Vulnerabilities of Computerized Assets

    7. Vulnerabilities of Computerized Assets

    8. Vulnerabilities of Computerized Assets

    14. Web Page Defacements

    16. 2000 YTD Defacements

    20. Top Ten Known Defacers

    21. Current IDS Statistics Average number of IDS events per day (per engine) Denial of Service 5 Unauthorized Access Attempts 3 Pre-Attack Probes 28 Suspicious Activity 9 Benign Triggers 163

    22. Current IDS Statistics

    23. Personal IDS

    24. Personal IDS Probe Events

    25. Personal IDS Identification and Enforcement

    26. Are Companies Ready For An Attack?

    27. Information Overload ---> PDD 63

    28. ISAC Participants share information about security incidents, vulnerabilities, threats, solutions Each participating firm is alerted immediately, 24 hours/day, anywhere in the world Results of analysis are reported in three categories: Normal, Urgent, or Crisis

    29. FS/ISAC Data Sources Strategic Partners 64 Distinct search engines 270 list servers AOL, ICQ and IRC Chartrooms WAP specific sites 20 “Hacker sites” Various message boards, Usenet, etc Advisories from 46 + sources Plus worldwide government support (input), but no reporting (no look up membership/seats) DoD JTF, NCC, Scotland Yard, Interpol, etc

    31. Incident Targets Breakdown August 2000

    32. Vulnerabilities Breakdown

    33. Incident Severity Breakdown

    38. What Do We Think Will Happen? Cyber Forensics - Proactive monitoring, scanning, detection, litigation support Increasing interest in Integrated Architecture Solutions (Network Modernization) Increased focus on embedding security technology in the Application Layers (e-Biz) Increased focus on international interoperability and enforcement Growth in web site trust programs (ASP and ISP) Increased Legislation (CyberLaw /Privacy and Confidentiality) Increased emphasis on IT security certification of technology (BiTS) Greater reliance on the business imperative to drive IT solutions (e-biz) Major Emphasis on Information Sharing on Incident Management (ISAC) Changes in the US Tax Code related to Tax Credits for Security Initiatives Unprecedented growth in IS managed services Unprecedented Growth of Wireless Applications --- and RISK Increased awareness on the issues of Personal Privacy and Confidentiality

More Related