Cyber Security, Cyber Intelligence & Cyber Investigation
Hong-Eng Koh
Vice President, POLCYB
Society for the Policing of Cyberspace
Global Lead, Justice & Public Safety
Oracle Corporation
Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Countering Cyber Threats
• Cyber Security
• Cyber Intelligence Platform
• Integrated Policing Platform
Protect, Detect, Investigate, Resolve
Adapted from Kuppinger Cole Presentation, March 2013
MALICIOUS
• COORDINATED ATTACKS
• HACKING
• DATA THEFT
• DENIAL OF SERVICE
• BLACKMAIL
MISUSE
• PRIVILEGE ABUSE
• DELIBERATE LEAKAGE
• CURIOSITY
MISTAKES
• ACCIDENTAL ERASURE
• ACCIDENTAL DISCLOSURE
• Hackers
• Rival nations / spies
• Employees
• Contractors
• DBAs
• Developers
Cloud, Mobile, Social
SECURITY INSIDE OUT
BUILT-IN AT EVERY LAYER
SECURITY INSIDE OUT
• Governance, Risk and Compliance
• Identity Management
• Mobile Security
• Cloud Security
• Infrastructure Security
Mobile Security: Oracle’s Strategy
MOBILE SECURITY SUITE
CONTAINER, EXPERIENCE, CONTROL
• Isolate corporate data, support remote wipe, restrict data transfer
• Secure applications & communication, corporate application store
• Role based access, self service request, sign-on, fraud detection
Cyber Intelligence Platform
Protected Network
Data Packets
Network Switches
Log Files
Security Analyst
Predictive Attack Recognition, Session and File Analytics
SIEM System Events
Open Source Information Unstructured
Cyber “Data” Pool
Cyber Intelligence Platform High Level Architecture
• Big Data Appliance
• Oracle Event Processing
• Business Intelligence
• Real-Time Decisions
• Endeca Information Discovery
Diagram labels:
Oracle Big Data Appliance
NoSQL DB Driver
Application
HDFS, Hadoop, CDH
Map Reduce ORCH - Stats
Map Reduce Hive - Activities
Map Reduce Pig - Sessionize
Cyber Information Discovery
Complex Event Processing
Expert System
Decision Engine
Cyber Real-time Analysis
API/NBI SIEM/SOC
Mass Analysis\Algorithms Layer
Probe/Switch
LAN
Probe/Switch
Real-time Access
Batch Processing
System Monitoring & Management
Deep Packet Inspection (DPI) Router
Integrated Policing Platform
Business Rules; Legislation; Policy; Procedures; Service Rules; Behavior Models; Scheduling
Internet
Policing Operational Capabilities
Channels: Phone; eMail; Mobile; Face to Face; Paper
Operations & Response; Investigation; Intelligence
Property Management
Suspect & Offender
Records Management
Coordination & Liaison
Involved parties: Citizens; Trusted 3rd parties; Police Staff; Legal Representative
Content Management; Knowledge Base
Business Intelligence; Performance Management; Intelligence Analysis; Management Reporting
Information Management; Database; Master Data; Spatial Data; Resilience & Availability; Security
Social
Communication Layer; Data Exchange; Service Bus; Extract, Transform, Load (ETL)
Siebel Public Sector
WebCenter Portal & ADF Mobile
Master Data Management / Engineered Systems / Security Options
Oracle Business Intelligence / Endeca Information Discovery
WebCenter Content / Oracle Knowledge
Oracle Policy Automation
Oracle Service Bus / Oracle Data Integrator / Oracle GoldenGate
Incident Mgt
Alerts
Case Mgt
Prosecution
Relationship
Analysis
Lost & Found
Evidence
Offender
Custody
Criminal
Firearms
Legal Instr.
Warrants
Services requiring configuration
@he_koh
linkedin.com/in/hekoh