By Santosh Satam, CEO, SecurBay Services
Santosh has multi-disciplinary skills in software product engineering, technology management and enterprise risk assessment.
His areas of expertise are web application security, mobile & cloud security and threat intelligence.
His client list includes MNCs, BFSI, hospitality and government agencies.
He is an advisor to the Institute for Development and Research in Banking Technology (IDRBT) on matters related to mobile security for banks.
Latest Threats in Digital Security - SecurBay (Hotel_Digital_Security_Seminar_Sept19'14)
1. In association with Presented by Supported by
LATEST THREATS IN
DIGITAL SECURITY
Santosh Satam, CEO, SecurBay Services
SEPT 19, 2014 Hotel Digital Security Seminar
2. Presented by
In association with
Supported by
Santosh Satam
Santosh has multi-disciplinary skills in
software product engineering,
technology management and
enterprise risk assessment.
His areas of expertise are web
application security, mobile & cloud
security and threat intelligence.
His client list includes MNCs, BFSI,
hospitality and government agencies.
He is an advisor to the Institute for
Development and Research in Banking
Technology (IDRBT) on matters
related to mobile security for banks.
By X Events Hospitality (www.x-events.in)
2
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
3. Presented by
In association with
Supported by
Agenda
By X Events Hospitality Hotel Digital Security Seminar & Webinar, Sept 19, 2014 (www.x-events.in)
3
¨ Current Landscape
¨ Hospitality Industry - Attack Vectors
¨ How to Secure Yourself
¨ Way Forward
¨ Q&A
4. Presented by
In association with
Supported by
Current Landscape
By X Events Hospitality (www.x-events.in)
4
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
5. Presented by
In association with
Supported by
Digital universe is growing
2014
By X Events Hospitality (www.x-events.in)
5
Digital Universe is huge and growing exponentially
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
2006
180 EB
2008
2011
200 EB 1800 EB 44 ZB
1 Exa Byte=1 Billion GB
1 ZB = 1 Trillion GB
Source IDC 2014
6. Presented by
In association with
Supported by
Growth drivers
By X Events Hospitality (www.x-events.in)
6
Source:
http://thenextweb.com/apple/2012/01/25/there-are-now-more-iphones-
sold-than-babies-born-in-the-world-every-day/
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
371 K
Babies born per day
378 K
iPhones sold per day
7. Presented by
In association with
Supported by
Next big thing - IoT
By X Events Hospitality (www.x-events.in)
7
Hotel Digital Source IDC 2014 Security Seminar & Webinar, Sept 19, 2014
8. Presented by
In association with
Supported by
Is our information safe?
50%
of the
Information is not protected
By X Events Hospitality (www.x-events.in)
8
Hotel Digital Source IDC 2014 Security Seminar & Webinar, Sept 19, 2014
9. Presented by
In association with
Supported by
The numbers don’t lie
76% of the US Companies had
a cyber security incident
reported in the last year
By X Events Hospitality (www.x-events.in)
9
Source: http://online.wsj.com/news/articles/SB10001424052702303933404577504790964060610
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
10. Presented by
In association with
Supported by
Attack Vectors
Attack Vectors for Hospitality Industry
By X Events Hospitality (www.x-events.in)
10
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
11. Presented by
In association with
Supported by
Data breach hits 14 hotels
By X Events Hospitality (www.x-events.in)
11
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Source: http://www.cnbc.com/id/101396464#.
In 13 of the 14 cases, the malware
was in the credit and debit card
readers at the hotels' restaurants
and gift shops.
12. Presented by
In association with
Supported by
Keylogger malware
The U.S. Secret Service is
adv i s ing the hospi t a l i t y
industry to inspect computers
made available to guests in
hotel business centers, warning
t h a t c rook s h ave b e e n
compromising hotel business
center PCs with keystroke-logging
malware in a bid to
steal personal and financial
data from guest.
By X Events Hospitality (www.x-events.in)
12
http://krebsonsecurity.com/2014/07/beware-keyloggers-at-hotel-business-centers/
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
13. Presented by
In association with
Supported by
Repeated computer hacks
Wyndham Hotels' lax security
policies allowed Russian
hackers to access more than
500,000 customer accounts on
three separate occasions
between 2008 and 2010.
Hackers used the data to rack
up more than $10.6 million in
f r a u d u l e n t c re d i t c a rd
transactions, according to the
suit filed in the U.S. District
Court of Arizona.
By X Events Hospitality (www.x-events.in)
13
http://edition.cnn.com/2012/06/26/travel/wyndham-hacking/index.html
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
14. Presented by
In association with
Supported by
Attacks on website
S Can you spot
Security Risk on
this compromised
Website ?
By X Events Hospitality (www.x-events.in)
14
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
15. Presented by
In association with
Supported by
Social engineering attacks
Operator to Guest:
Excuse me sir, I am
calling from Front
Desk, Can I have your
credit card number
please ?
What you will do ?
By X Events Hospitality (www.x-events.in)
15
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
16. Presented by
No business is
immune from threats.
In association with
Supported by
How safe am I?
Threats can come in
any shape and size
Need Threat
Intelligence
By X Events Hospitality (www.x-events.in)
16
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
17. Presented by
In association with
Supported by
Most common attacks
By X Events Hospitality (www.x-events.in)
17
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
DBIR 2014 Data Breach Report
"The universe of threats
may seem limitless, but
92% of the 100,000
incidents we've analyzed
from the last 10 years
can be described by just
nine basic patterns."
18. Presented by
In association with
Supported by
Is it applicable to me?
By X Events Hospitality (www.x-events.in)
18
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
DBIR 2014 Data Breach Report
19. Presented by
In association with
Supported by
Cyber risks in India
Source: https://gigaom.com/2013/06/25/new-google-report-shows-malware-by-country-highest-rates-in-india-central-
By X Events Hospitality (www.x-events.in)
19
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
europe/
The hi ghes t r a te of
malware, however, doesn’t
belong to obvious suspects
like Russia or Ukraine (8%
each), but instead India
(15%) and many Latin
American countries like
Mexico (12%) and Chile
(11%).
20. Presented by
In association with
Supported by
Cyber risks in India
9,174 Indian websites were hacked
by various hacker groups from
different parts of the world till May
2014.
62,189 security incidents were
reported during the same period
to the Indian CERT-In
By X Events Hospitality (www.x-events.in)
20
http://zeenews.india.com/news/nation/9174-indian-websites-hacked-till-may-it-minister_947431.html
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
21. Presented by
In association with
Supported by
How to Secure Yourself?
By X Events Hospitality (www.x-events.in)
21
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
22. Presented by
In association with
Supported by
Need Systemic Approach
By X Events Hospitality (www.x-events.in)
22
Ad-hoc Approach Ad-hoc Approach
http://zeenews.india.com/news/nation/9174-indian-websites-hacked-till-may-it-minister_947431.html
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
23. Presented by
In association with
Supported by
What can I do about it?
ASSESS EXECUTE MONITOR
By X Events Hospitality (www.x-events.in)
23
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Find out your current
Security Posture by
doing Gap
Assessment
Vulnerability
Assessment
and Penetration
Testing
Implement the
Roadmap
Monitor and Improve
DEFINE
Define Short, Medium
and Long tem Action
Plan
24. Presented by
In association with
Supported by
People, Process & Technology
- UTM. Firewalls
- IDS/IPS
- Data Center
- Physical Security
- DLP
- IRM
- SIM/SIEM
- Managed Services
- Encryption
By X Events Hospitality (www.x-events.in)
24
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
- Training
- Awareness
- HR Policies
- Background
Checks
- Roles /
responsibilities
- Social Engineering
- Social Networking
- Acceptable Use
- Risk Management
- Asset Management
- Data Classification
- Info Rights Mgt
- Data Leak Prevention
- Access Management
- Change Management
- Patch Management
- Configuration Mgmt
- Incident Response
- Incident Management
Technology
People Process
25. Presented by
In association with
Supported by
About us
HATT is India's young and premium
community for CXOs from the
Hospitality, Healthcare, Aviation, Travel
and Tourism industries.
o With over 1,000 members across
India, we are now poised to expand
globally with a presence in South East
Asia and the Middle East by 2016.
www.hattforum.com
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
25
X Events manages & supports events
exclusively for the hospitality & travel
industries.
o Our USP is that we are hoteliers
by training. We focus on the two
most important aspects of an
event; content quality and impact.
o We do it because we believe in it.
www.x-events.in
By X Events Hospitality (www.x-events.in)
FB/hattforum
26. Presented by
In association with
Supported by
Our host – Brian Pereira
Brian is a veteran technology
journalist with two decades of
experience. He has served as
editor for two magazines: CHIP
and InformationWeek India.
He is a respected speaker & host
at conferences worldwide.
In his current role at Hannover
Milano Fairs India, Brian serves
as project head for CeBIT
Global Conferences,
the world's largest ICT fair that
will debut in India this November,
in Bangalore.
By X Events Hospitality (www.x-events.in)
26
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
27. Presented by
In association with
Supported by
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
27
Five expert speakers
1. Latest threats in digital security (Worms, attacks, viruses, flaws) - Santosh Satam,
CEO, SecurBay Services.
2. The immediate action needed to tighten up (Priority list, cost, internal policies)
- Ambarish Deshpande, MD - India & SAARC, Blue Coat
3. Information loss prevention (Principles & practices) - Geet Lulla, VP - India & ME,
Seclore
4. How to build a business case & get the management's attention - Dhananjay
Rokde, CISO, Cox & Kings Group.
5. Global cyber security outlook - A. K. Viswanathan, Senior Director - Enterprise Risk
Services, Deloitte India.
By X Events Hospitality (www.x-events.in)
The seminar schedule
28. Presented by
In association with
Supported by
Our sponsors & supporters
By X Events Hospitality Hotel Digital Security Seminar & Webinar, Sept 19, 2014 (www.x-events.in)
28
Thank You
29. In association with Presented by Supported by
HOTEL DIGITAL SECURITY SEMINAR
SEPT 19, 2014 www.x-events.in