This document discusses the challenges facing the IT security industry in an era of increasing cyberwarfare and sophisticated cyberattacks. It outlines the major sources of attacks, including criminals, hacktivists, and government agencies. It also describes the motivations behind attacks, such as financial gain or political sabotage. Additionally, it examines some of the key attributes of cyberweapons like attribution difficulty and the ease of developing attacks. The document analyzes high-profile past attacks and the anatomy of how such targeted strikes are carried out. It also discusses approaches for protecting against sophisticated targeted attacks through technologies, policies, and international cooperation. Finally, it notes how the threats and attackers have evolved over time, posing new challenges for the IT security industry.
Mobile security is important as mobile device usage surpasses desktop usage. Who will be held accountable for security issues depends on who is involved in the mobile ecosystem, including app owners, device builders, network providers, and developers. When choosing a platform strategy, organizations must consider options like native apps, web apps, and hybrid approaches, as well as operating systems, developer support, and application delivery. Mobile apps can be developed in-house, through traditional outsourcers, or boutique mobile development firms. Building secure mobile apps requires following practices like the Software Security Assurance maturity model, which moves organizations from reactive to proactive approaches.
This document discusses fault injection attacks on secure boot implementations in embedded systems. It begins by explaining how secure boot works, using a hardware root of trust to verify that only authorized code is executed. It then introduces different methods of fault injection, such as voltage manipulation and electromagnetic interference, that can corrupt code verification and execution. Examples are given of how faults could bypass signature checks or modify execution. Countermeasures at both the software and hardware level are outlined to make systems more robust against fault injection. The document concludes that while hardware roots of trust increase security, physical attacks still remain a threat, and both hardware and software countermeasures are needed to protect against fault injection in secure embedded systems.
This document summarizes an expert talk on advanced malware detection techniques. It discusses how malware exploits constraints on analysis time and memory space to evade detection. Current detection methods are outlined along with the ways malware bypasses them, such as packing, obfuscation, and anti-analysis techniques. The talk then presents novel detection techniques such as detecting internal data structure modifications, subverting malware attempts to enumerate security processes, tapping browsers to detect obfuscated drive-by downloads, and preemptively subverting analysis machines to detect anti-VM techniques. Future directions discussed include using machine learning to detect internal threats based on behavioral profiles.
OAuth 2.0 is an open standard for authorization that enables apps to securely access APIs on behalf of users. It has become widely adopted for consumer apps but presents challenges for enterprise use cases. The presentation discusses adapting OAuth 2.0 for enterprises by supporting administrative authorization, mobile SSO federation, and server-to-server flows that exchange credentials or assertions for API tokens to enable API federation and password-less access across clouds. Future directions include further standardizing assertion flows and mobile app federation.
1) The document discusses the evolution of software security practices from a focus on network security to more emphasis on developer practices and security integration into the software development lifecycle.
2) It introduces the Building Security In Maturity Model (BSIMM) which measures software security activities and practices at over 50 companies to serve as a benchmark.
3) The BSIMM finds that the top software security activities have shifted over time and the model can be used to compare practices within and across companies to identify areas to improve.
This document discusses virtualization and private cloud risk modeling. It begins by introducing how business and security see virtualization and cloud differently. It then covers virtualization architecture and components, assets in virtual and cloud environments, potential threat agents, undesirable events, and categories of vulnerabilities. The document provides examples of risk scenarios involving administrative, technical, and physical vulnerabilities. It also demonstrates how to create risk statements using a binary risk analysis model and evaluates examples involving virtualization administrators' privileges, identity and access management in cloud services, and missing hypervisor patches. The summary emphasizes the need to assess user interfaces, roles, storage, management interfaces, and network segmentation when analyzing risks in virtualization and cloud environments.
This document discusses why companies fail with compliance initiatives and provides recommendations. It notes that companies sometimes weaken controls to pass audits more easily instead of improving security. It recommends that security teams identify root causes and weaknesses to improve, use testing to find issues audits may miss, manage third-party risks through due diligence and auditing, and involve security in all auditing to map risks and controls. The role of security should be strategic in using audit results to strengthen security overall.
The document discusses lessons that can be learned from the Stuxnet cyber attack for defenders. It outlines various goals of attacks like espionage, damage, and loss of confidence. It then describes different types of soft and hard damage that can be done as well as false flag operations. The document provides suggestions for mapping people, networks, devices, and software that could be targeted. It also discusses concerns from an attacker's perspective and recommendations for defenses like deep network monitoring and maintaining separate network topographies.
This document summarizes key points from a presentation on password security best practices and weaknesses. It discusses how passwords are cracked using tools like hashcat that can generate billions of hashes per second on GPUs. It also explains how practices like complex rules, frequent changes, and plaintext storage undermine security. The presentation argues for using long, easy-to-remember passwords and storing salted password hashes instead of imposing complex rules and frequent changes.
Gunter Ollmann, CTO of IOActive Inc., gave a presentation on building better advanced persistent threat (APT) packages. He discussed how APT groups outsource complex development, use commercial evasion tools, and conduct constant information gathering to map networks and bypass defenses. Breaking the supply chain by substituting physical components can also help evade detection. Most commercial malware techniques are already sufficient for APT groups' needs, without needing riskier zero-day exploits.
This document discusses cyberattacks against stock exchanges and provides two case studies. The first case study describes a three-day attack against a stock exchange news site, beginning with a UDP flood that caused a four-hour outage. On subsequent days, additional mitigation measures were implemented and the attacks were less effective. The second case study examines a 2012 attack against Israeli stock exchanges and banks. It identifies weaknesses in a two-phase security approach and argues for a three-phase approach with an active response team to sustain defense during attacks.
This document discusses the top privacy issues to watch in 2013, including Do Not Track, mobile privacy concerns, proposed EU privacy regulation, increased privacy enforcement, and class action lawsuits. It was presented by Trevor Hughes of the International Association of Privacy Professionals.
This document provides guidance on mitigating top human risks through an effective security awareness program. It outlines common misconceptions around awareness and introduces a security awareness maturity model. It then provides details on project planning, including establishing a steering committee, defining the program scope in terms of topics (e.g. phishing, passwords), targets (e.g. employees, IT staff), and approach (e.g. continuous training). It stresses the importance of engagement and offers lessons learned, concluding that basic steps can help secure people by changing behaviors. Free resources are also referenced.
This document provides an overview of Registry Forensics and the Registry Decoder tool. It discusses how the Windows registry can be used to find evidence of data exfiltration, malware infections, and anti-forensics activities. It demonstrates how Registry Decoder allows automated acquisition, analysis and reporting of registry contents. Examples are given of specific registry keys and values that may indicate these types of activities.