Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
IT risk management wikipedia , lookup
Airport security wikipedia , lookup
Computer and network surveillance wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Information security wikipedia , lookup
Wireless security wikipedia , lookup
Cyber-security regulation wikipedia , lookup
Mobile security wikipedia , lookup
Distributed firewall wikipedia , lookup
Computer security wikipedia , lookup
The Information Security Jigsaw The Technical perspective John Carr Senior Manager Information Security Cap Gemini Ernst & Young What kind of jigsaw? Procedural Security Technical Security Security Operations Risk Management Physical & Personnel Security Content • • • • • • • Introduction Why its so important The risks Is it for real? What happens if it goes wrong The Solutions on offer Conclusions Introduction • Security is now in the forefront of corporate planning and management • No sectors can exclude themselves now • Need to communicate means proliferation of external connectivity on a global scale • Greater need to establish the risks • Need for a mix of solutions - this is the technical component! Why Security is so important • Security is a key business enabler, particularly in e-space • All enterprises are at risk to and this is increasing • Business change can be a dangerous venture without considering security risks • Public facing organisations require evidence of due diligence • If there are problems people will find out • Management accountability is high, so is peace of mind • Preventing problems is cheaper than fixing them or recovering from them The Risks (1) • Risks to the network – Threats - Hacking, Leakage, DOS, Malicious Code, Misuse of Resources, Abuse – Vulnerabilities (weaknesses in O/S protocols, degree of resistance to attack) – Impacts (frauds, modification) – Privacy issues (browsing, cookies, logs) • Use of Wireless LANs The Risks (2) • Risks of connecting with other peoples networks – You have no Control; Back doors to hostile environments; Different architectures; Difficulties in securing the links. • Other Risks – – – – Human errors Other theft Sabotage Environmental failure Is it for Real? In the News • • • • • The White House Marks & Spencer Barclays On-line Amazon (Privacy) Consumers Association (Which) • Yahoo • Norwich Union Case Studies • City Financial Institution – The virus attack from hell ! • Global Media Corporation – All comms traffic through a single multiplexor without access control ! • Global Automotive Co. – What do you mean this technical architecture won’t work - its costing us ££ ! Is it for Real? An infection occurred despite tight anti-virus controls, multiple products & platforms, strong management and a strict culture Yet a virus still got in and infected 30 odd PCs internally before clean up Thankfully, one of their exiting gateways picked it up and stripped it out of approximately 100 mails bound for clients, business associates etc etc. Phew!!!!!! But it put a note to that effect in the message! ARRGGH!! • The cause of the problem? Real Events do Happen! • Use of Web based mail hosts • Use of Web based mail hosts which don’t scan for viruses either coming in or going out • Use of Web based mail hosts that use SSL to encrypt the session! • So the incoming checker couldn’t identify the virus! What Happens if it goes wrong? • If your information is corrupted, you can’t do billing or other financial work • If bill presentment was compromised then key customers could be lost • If your information is out of date or inaccurate you may injure individuals or mislead clients • If your information is disclosed without authority you could face legal or regulatory penalties • If you contract a network virus, you may have to close your entire network and be almost unable to operate • If your systems fail then you can’t do business transactions • IF YOU DON’T PROTECT YOURSELF YOU MAY NOT HAVE ANYTHING LEFT TO PROTECT Solutions! • • • • • • • • Anti Virus Regimes Intrusion Detection Systems Artificial intelligence Use of trusted products & services Audit collection, analysis and interpretation Firewalls & routers PKI??? Wireless LANs…………... Anti-Virus regimes • • • • • • Scanners are not enough on their own Function specific and different Culture need Update capabilities Holistic software AI?? Intrusion Detection Systems • • • • • • Perimeter monitoring System tools Interception Intrusion alert Configuration critical Overheads Artificial intelligence! • Is here now! • Systems to detect irregular patterns in system activity • Machine created profile/footprint • Alert capability • Not able yet to detect right and wrong Trusted Products • Old Orange book from US • UK ITSEC for government • Common Criteria now for EU, US Canada, Australia etc. • Kite Mark equivalent for anti-virus s/w • Commercial schemes? Audit • • • • Collection capabilities long standing Real time monitoring and alert possible Analysis tools available Tight regimes are labour or machine intensive • Need for interpretation (AI??) Firewalls & Routers • • • • • • Network protection Filtering capabilities Intelligent routers Positioning Configuration Degree of trust PKI • The great saviour? • Digital Certificates - authentication OK but alternatives exist • Digital Signatures - trust, assurance OK • Encryption - confidentiality - not really! • Too costly to implement and manage • Uncertain future Wireless LAN’s • The great issue at the moment. • How to secure something that does not lend itself to security? • Short range repeaters • Screening - Ugh!!! • Back door bolted • MAC Address filtering Conclusions • There are many technical risks and they are increasing and evolving. • There are solutions but not panaceas • You can only defend against that which you know • Technical security is not enough on its own • The future is uncertain - we can only do our best but it must be the best!