hackers vs suits
what's wrong with security today?
agenda


   the suit
   the hacker
   questions?
the suit
    http://www.flickr.com/photos/23912576@N05/
experiment
“playing card data loss”
T1: Sleight of hand
C1: Don't let the attacker handle the cards

T2: Marked cards
C2: Keep the attacker at a distance where he cannot see small marks

T3: The approximate location of the pair is known
C3: Cut deck while attacker is not looking

T4: The pair is together
C4: Deal into two piles

T5: If the location of one card is known in one pack, the other card will be in a similar location in the other pack
C5: Mix both packs




countermeasure
T1: Sleight of hand
C1: Don't let the attacker handle the cards

T2: Marked cards
C2: Keep the attacker at a distance where he cannot see small marks

T3: The approximate location of the pair is known
C3: Cut deck while attacker is not looking

T4: The pair is together
C4: Deal into two piles

T5: If the location of one card is known in one pack, the other card will be in a similar location in the other pack
C5: Mix both packs




Model Source: taosecurity.blogspot.com
an experiment
(unfortunately)
3 March 2011: A brief phishing attack began which targeted RSA staff with no unusual privileges

6 April 2011: US defense contractors Lockheed Martin and L-3 had been attacked via cloned RSA SecurIDs

6 June 2011: RSA partially admitted that something bad had happened in March and offered to replace current customers' SecurIDs at no cost


Sources
•   http://www.wired.com/threatlevel/2011/08/how-rsa-got-hacked/
•   http://blogs.rsa.com/rivner/anatomy-of-an-attack/
•   http://www.wired.com/threatlevel/2011/06/rsa-replaces-securid-tokens/
•   http://www.wired.com/threatlevel/2011/05/l-3/
•   http://www.rsa.com/node.aspx?id=3891
T1: Direct attacks from Internet
C1: State of the art perimeter defenses

T2: User authentication attacks against Internet exposed services
C2: State of the art authentication controls

T3: Malware
C3: State of the art end-point controls

T4: Malicious activity may go unnoticed
C4: State of the art monitoring

T5: Sensitive data could exit the network
C5: State of the art data loss prevention (DLP) technology

T6: Social engineering
C6: State of the art security awareness program




countermeasure
T1: Direct attacks from Internet
C1: State of the art perimeter defenses

T2: User authentication attacks against Internet exposed services
C2: State of the art authentication controls

T3: Malware
C3: State of the art end-point controls

T4: Malicious activity may go unnoticed
C4: State of the art monitoring

T5: Sensitive data could exit the network
C5: State of the art data loss prevention (DLP) technology

T6: Social engineering
C6: State of the art security awareness program

Model Source: taosecurity.blogspot.com
http://blogs.rsa.com/rivner/anatomy-of-an-

“Recently the UK payment council announced that in 2010 online banking fraud declined 22%, despite phishing levels increasing 21%. This is turning the tide. It took the financial sector 7 years to build a new defense doctrine against social engineering attacks like Phishing and Trojans. I was part of this gargantuan effort, and I think we’ve learned a thing or two that can help us build a new defense doctrine against APTs much faster. Already we’re learning fast, and every organization hit by an APT is much more prepared against the next one; I’m confident it will take us far less than 7 years to say we’ve turned the tide on APTs.”
good idea
but...
new threats
our current approach

•   Identifying and cataloging new threats
•   Standardizing countermeasures
•   Adding these to vendor product lines
      When will we see the first APT-no-more product from a major vendor?
•   Entrenching into the standards canon
All too often we only change our defensive doctrine when:

      •   We get hit badly
      •   Compliance standards change
      •   New products become available
      •   The new fiscal cycle starts

The attackers we face change their offensive doctrine much more frequently

we are too slow to adapt
John Boyd (1927-1997)

a.k.a.:
Forty Second Boyd
Genghis John
The Mad Major
The Ghetto Colonel

Photo credit: Wikipedia
Boyd on novelty

The adversaries that we are defending against are continually producing novelty (there will be something else after APT)

“Now, in order to thrive and grow in such a world we must match our thinking and doing, hence our orientation, with that emerging novelty”

Winning in inherently dynamic environments involves running through flexible decision making cycles faster than your
All major advances in science and engineering were born of the realization that current models - or orientations, in Boyd's terms - were mismatched with reality

you are here

our challenge
How can we gain the ability to traverse the observe, orient, decide, act cycle as rapidly or more rapidly than our opponents?

a possible answer?
We need to change our information security doctrine from compliance and product-centred to innovation and human-centred
Chris Hammond-Thrasher
CISSP
Associate Director, Consulting
Security, Privacy and Compliance
Founder, Fujitsu Edmonton Security Lab
FUJITSU CANADA
chris.hammond-thrasher@ca.fujitsu.com
7809178426

Editor's notes

  1. Rivner is correct, we do need a new doctrine. However, an anti-APT doctrine is not the answer.
  2. It is good news that we can see that we have a mismatch