Top 10 Security challenges Presented at the Experts Business Continuity Conference in Manama Bahrain, presented by Jorge Sebastiao for eSgulf

1. Top 10 Security Challenges/Issues 2006 Jorge Sebastião Founder and CEO [email_address] www.esgulf.com

2. Can if face the Challenge?

6. Phishing Stats

7. Phishing 101

8. Security & people is a complex processes Is doesn’t matter how strong you build a fortress there’s always a way around

15. Control Areas

17. Summary of Changes

18. Basel 2 - Time Table

20. Vulnerability/Exploit Life Cycle

22. Continuous Vulnerability Testing

25. Overview Audit

27. Change Management

28. Release Management

31. Patch Management Requires Processes People Technology Products, tools, and automation Consistent and Repeatable Skills, roles, and responsibilities

32. Patch Management Process 1. Assess Environment Tasks A. Baseline of systems B. Assess architecture C. Review configuration D. Discovery and Inventory 1. Assess 2. Identify 4. Deploy 3. Plan 2. Identify Patches Tasks A. Identify new patches B. Patch relevance C. Verify authenticity & integrity 3. Plan Patch Deployment Tasks A. Approval to deploy patch B. Risk assessment C. Plan release process D. Acceptance testing 4. Deploy Tasks A. Distribute & install patch B. Report on progress C. Handle exceptions D. Review deployment

34. Lack of effective Monitoring “… Close to 30% of companies indicated they would not be aware that their core business information had been altered until 12 to 24 hours later and roughly 30% would not be aware of a compromise for more than 2 days .” Source: CIO Magazine

35. Effective Monitoring requires Integrated Process Organization IT SOC SOC Logging 1. Integrated Log File 5. Respond 2. Encrypted Log Data 3. Analysis 6. (Ongoing) Vulnerability Test Pen Test Patching Incidence Response Knowledge 4. Alerting

36. Security Event Must be Correlated

38. Incidence Response Incident Response Analyse Contain Eliminate Restore Lessons Policy Refine Policy Continuous Monitoring T-1 T 0 T 1 T 1 T 3 T 4 T N Communicate

40. Incidence Response Workflow Event Correlation Event Database Security Analyst Incident Alert Form HelpDesk DATABASE Automatic Incident Alert Generation Security Analyst

41. Incident Response Lifecycle New Incident Reported by Analyst Reported by Customer Detected by Event Correlation Helpdesk DATABASE Tracking Number IR0012885 Tracking Number Assigned Progression Through Different Stages/States Security Analyst  Automatic Notification/Escalation

45. Do you have an integrated risk mgmt plan?

47. Business Continuity Management EMERGENCY MANAGEMENT IT DISASTER RECOVERY FACILITIES MANAGEMENT HUMAN RESOURCES PHYSICAL SECURITY COMMUNICATIONS & PR KNOWLEDGE MANAGEMENT SUPPLY CHAIN MANAGEMENT BCM Scope – provides a Unifying Process QUALITY MANAGEMENT CRISIS MANAGEMENT RISK MANAGEMENT ENVIRONMENTAL MANAGEMENT Source: BSI PAS56

48. Assessment Executive Review Source :Dr David J Smith 2002

49. Mobile Response to Disaster

51. The « defence in depth »

52. Questions?