Cybercrime Security Risks and Challenges Facing East... · PDF file2015-05-02 · Cybercrime – Security Risks and Challenges Facing Business Sven Hansen Technical Manager – South

  • East Africa Security Conference, August 2013

    Cybercrime – Security Risks and Challenges Facing Business

    Sven Hansen, Technical Manager, South Africa

  • Agenda

    1. What is Cyber Crime?

    2. Cyber Crime Trends

    3. Impact to Business

    4. Managing the Risk

    5. Path to Cyber Resilience

  • Before jumping in: what is cybercrime exactly?

    The simple answer is:

    It's complicated!

    The Council of Europe Cybercrime Treaty defines it as: data used for criminal purposes, all the way to copyright infringement.

    The United Nations includes fraud, forgery and unauthorized access as cybercrimes.

    Symantec: any crime using a computer, hardware device or network where the computer is an agent, facilitator or target of the crime.

  • Cyber Threat Landscape: some statistics

    1 in 532 websites were infected

    1.6 million new malware variants discovered daily

    250,000 web attacks blocked daily by Symantec in 2012

  • Symantec Global Intelligence Network: identifies more threats, takes action faster & prevents impact

    Information Protection, Preemptive Security Alerts, Threat Triggered Actions

    Global Scope and Scale, Worldwide Coverage, 24x7 Event Logging

    Rapid Detection

    Attack Activity: 240,000 sensors; 200+ countries

    Malware Intelligence: 133M client, server, gateways monitored; global coverage

    Vulnerabilities: 40,000+ vulnerabilities; 14,000 vendors; 105,000 technologies

    Spam/Phishing: 5M decoy accounts; 8B+ email messages/day; 1B+ web requests/day

    Austin, TX; Mountain View, CA; Culver City, CA; San Francisco, CA; Taipei, Taiwan; Tokyo, Japan; Dublin, Ireland; Calgary, Alberta; Chengdu, China; Chennai, India; Pune, India

  • Symantec Internet Security Threat Report Findings 2012

    Targeted Attacks: up 42% in 2012

    Social Media: Tailored & Specific

    Mobile Malware: 58% increase

    State Sponsored Attacks: Increased Dramatically

  • Targeted Attacks by Industry, 2012

    Manufacturing moved to top position in 2012

    But all industries are targeted

    Manufacturing: 24%

    Finance, Insurance & Real Estate: 19%

    Services Non-Traditional: 17%

    Government: 12%

    Energy/Utilities: 10%

    Services Professional: 8%

    Wholesale: 2%

    Retail: 2%

    Aerospace: 2%

    Transportation, Communications, Electric, Gas: 1%

  • Targeted Attacks by Company Size

    Greatest growth in 2012 is at companies with

  • Africa specific data

    Taken from Symantec Internet Security Threat Report 18

  • What Drives the Modern Day Attacks?

    Hacktivism

    Money

    Targeted Attacks

    Sabotage

    Espionage

    DDoS

    Defacement

    Banking Trojan

    Extortion

    Scam

  • What this means to business

    Technology and business are indelibly linked.

    But it is a double-edged sword.

    New customers are online, mobile and connected.

    There is no silver bullet: eliminating risk is impossible and it impedes agility.

    Organizations need to define their risk appetite.

    The goal is to become Cyber Resilient.

  • So what is Cyber Resilience?

    Some existing definitions:

    1. Resilience is defined as the ability of an ecosystem to return to its original state after being disturbed. (Wikipedia)

    2. Cyber-resilience is the organization's capability to withstand negative impacts due to known, predictable, unknown, unpredictable, uncertain and unexpected threats from activities in cyberspace. (Information Security Forum)

    3. Cyber-resilience is defined as the ability of systems and organizations to withstand cyber events, measured by the combination of mean time to failure and mean time to recovery. (World Economic Forum)

    Cyber Security Cyber Resilience

    Multiple stakeholders CIA

    Defined Process

    Governance Framework

  • Cyber-Resilience Framework

    KNOW
      Human: Research, Study, Publish
      Technology: Find/Capture, Categorize/store, Aggregate/Correlate
      Process: Collect, Analyse, Map

    PREVENT
      Human: Recruit, Educate, Train
      Technology: Define, Build, Maintain
      Process: Evaluate vital assets, Analyse risks, Define policies

    DETECT
      Human: Search, Identify, Notify
      Technology: Monitor, Analyse, Alert
      Process: Guide, Inform, Decide

    RESPOND
      Human: Apply, Render, Justify
      Technology: Block, Remediate, Restore
      Process: Communicate, Follow-up, Evaluate impacts

    CONTROL: Evaluations, Audits, Compliance

  • A Taxonomy of Risk

    Enterprise Risk

    Financial Risk

    Operational Risks

    Reputational Risk

    Strategic Risk

    IT Risk, Other

    Market Risk, Credit Risk, Operational Risk

    Performance Risk, Availability Risk, Compliance Risk, Security Risk

  • Define Risk Appetite

    [Risk matrix: likelihood of event (Very Low, Low, Medium, High, Very High) against likely impact (Low, Medium, High, Very High), divided into Acceptable Risk and Un-acceptable Risk regions]

  • Quantifying Risk Appetite

    [Risk matrix: likelihood of event (Very Low, Low, Medium, High, Very High) against likely impact (Low, Medium, High, Very High), with five risks plotted: Risk 1 (Flood), Risk 2 (Server Failure), Risk 3 (Malware Outbreak), Risk 4 (DoS Attack), Risk 5 (Data Breach)]

  • Additional Considerations

    Business and IT need to identify risks together

    Working in isolation creates a disconnect

    Do all parties agree on what is critical?

    Clearly define who is responsible for each specific risk: Network Team, Security Engineers, IT Operations

    Consistently measure and feed back on the changing risk posture

  • Path to Cyber Resilience

    1) Don't think too small

    Not many organizations can afford a dedicated security team

    Bad guys are organized and smart

    Security basics revisited: do we need MORE tools?

    Collaboration Across EAC

    Organizations and security teams need to work together: share knowledge / pool resources

  • Path to Cyber Resilience

    2) Fighting yesterday's battle

    Multiple attack vectors: subtle, distributed and personalized

    A single "Wall of Steel" will fail; a Defense in Depth approach is required.

    Crucial to have relevant and timely data about your ICT infrastructure.

    So what do the new attacks look like?

  • Social Media & Phishing Examples

  • Organized & Professional

    The Hacker's View

  • Path to Cyber Resilience

    3) Include all employees

    Employees are a company's greatest asset and also its biggest security risk

    Security is everyone's responsibility, not only IT's. Is your supply