Upload
ajay-porus
View
543
Download
2
Embed Size (px)
Citation preview
innovateinfosec.com
Why Information Security is becoming the most important for
Mid-size Business to Large size BusinessAjay Porus
Director & Principal Consultant Innovate InfoSecCISA, ITIL, ISO27001, CPISI, RSA certified Analyst, CCNA Security,
Qualysguard certified specialistDigital forensics & Cyber crime expert- US DOD Cyber crime center
innovateinfosec.com Disclaimer• Information used to create the training has been
taken from various sources and books. Credit for the information remains with the original authors and registered brands and trademarks belongs to their legitimate owners and does not violate any of Licenses and intellectual property rights
• This training material either in hard or soft forms contains my personal opinion and has nothing to do with my any current or past employers.
innovateinfosec.com My Profile
• I am an Information Security and technology Enthusiast.
• I do Consulting and training – A startup – Innovate InfoSec Pvt. Ltd.
• More Than 15 certification in Information security, cyber Security, Risk & Compliance
• Publications: Cloud Computing and its Security Benefits – Enterprise IT Security Magazine
Senior Cyber Leadership - Why a Technically Competent Cyber Workforce is Not Enough – Cyber Security Forum Initiative (CSFI) • Volunteer work: Honeynet Project India• Cloud Security Alliance – Founder
Hyderabad Chapter
innovateinfosec.com Agenda• Security industry history• Arrival of Information age & associated risks• Today’s world of information• Major attacks on corporates and aftermaths• Current Threat landscape Risk assessment• Major Issues• What we do?
innovateinfosec.com
innovateinfosec.com
innovateinfosec.com
innovateinfosec.com
innovateinfosec.com
innovateinfosec.com
innovateinfosec.com
innovateinfosec.com
innovateinfosec.com
Perfect Storm Approaching Welcome 2015
• Major victims countries in 2015
innovateinfosec.com Incident Vs Breaches
innovateinfosec.com Threat Actions
innovateinfosec.com Br
each
Disc
over
y
innovateinfosec.com
Threat Actors
innovateinfosec.com
Reasons of Successful Attacks
• Technical Vulnerabilities: Web App vulnerabilities Network Vulnerabilities OS Vulnerabilities Configuration Vulnerabilities Architectural Vulnerabilities Missed patches Miscellaneous Vulnerabilities
• Process Vulnerabilities No or Lack of Information Security Awareness Non Skilled Workforce Non-Standardization & Lack of well written Documentation Human Psychology Unorganized & unethical Organization culture Improper or no implementation of Security Controls Lack of Employee Satisfaction
innovateinfosec.com
What you Loose in a Breach
innovateinfosec.com InfoSec Industry Land Scape
Partners
innovateinfosec.com Solutions
innovateinfosec.com IIS Service Portfolio
• Information Security Architecture Assessment and Assurance Service
• Application Security Services• Data Security Services• Identity & Access Management Services• Network Security• Cloud Security• Security Reviews Services• Sustenance Services for Security Compliance• Physical Security
innovateinfosec.com IIS Service Portfolio
• Cyber Hygiene Services• Due Diligence Services• Digital Forensics & Investigation Services• Offensive Services: For Law Enforcement Only• Training Services• Web App & Mobile App development• Managed Security Services
innovateinfosec.com