Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
CYBER SECURITY
Sanjay Sahay
The biggest emerging threat!
How big is this
bubble?
Chronology of Computerization
1994: CCIS
2005: G-CARE
2008: e-Beat
2009: KSP
WAN
2010: 'Police IT'
2011: KSP DC
2012: CCTN...
Network
Data
Center
Training
for 75
System
Administ-
rators
Creation
of Skilled
Internal
Resource
pool
Training
for End-
U...
Police IT ERP Application
MIS417
Reports
64
Roles
Core Function
-alities
• Crime
• Law & Order
• Traffic
Admin
-istration
...
Architecture Diagram of KSPWAN
DIGITAL INDIA IS
The transformational enablement of
1. Governance
2. Citizen Services and
3. Ease of business using…
…ICT ...
DEDICATED CLOUD
INFRASTRUCTURE
DIGITAL INDIA
PARAMETERS AND MEASUREMENTS
VISION TO WORKABLE DOCUMENTS
THE WHEREWITHAL
SECTOR WISE
PHASE WISE
BLUEPRINT
GAP
ANALYSIS
BRI...
IN THE LAST FEW MONTHS..,
• Sony & Anthem attacks
• Chinese breach data of 4 million federal workers
• Obama seeks $14 bil...
 Zero-Day Flaw Found in 'Linux Kernel' leaves Millions
Vulnerable
 US Intelligence Chief Hacked by the Teen Who Hacked C...
After Paris Attacks, Encrypted
Communication Is Back In Spotlight
"the ISIS geek squad is teaching terrorists how
to use e...
A HACKER who claims to have broken into the AOL
account of CIA Director John Brennan says he
obtained access by posing as ...
The country which built a Digital Iron Dome, Israel had undergone one of the largest serious cyber
attack this year.
This ...
Someone Just Leaked Hard-Coded Password Backdoor
for Fortinet Firewalls
Anyone with "Fortimanager_Access" username and a ...
Juniper Firewalls with ScreenOS Backdoored Since 2012
 Juniper Networks has announced that it has discovered "unauthorize...
Ridiculous Bug in Trend Micro Antivirus Allows
Hackers to Steal all Your Passwords
 Product that allow hackers to execute...
FORTUNE 500 COMPANIES
97% HAS BEEN HACKED!
“If builders built buildings the way programmers
wrote programs, then the first woodpecker that came
along would destroy c...
Linear
Vs
Exponential
from pace maker to nuclear
power plants
from text documents to the
hybrid cloud
Internet of things!
Global Information Grid
A very vulnerable one!
DATAis at the center of our universe
Resilience
What the System Ought to Provide
Curiosity
Monetary Gain
National Security
Espionage,
Political Activism
The sophistication of cyber threats, attackers and...
WORLD AT CROSSROADS…
Internal Security
External
Security
Counter
Terrorism
Rogue States
Cyber War
Money
Laundering
Underwo...
WORLD AT CROSSROADS…
And the IT companies
themselves!!!
Privacy has no meaning
More data, more money!
Everything for a pri...
Access Control Policy
Access Control Policy
Ubiquitous Surveillance
Military - Internet Complex
“The corrupt
fear us. The
honest support
us. The heroic
join us.”
I
S
I
S
V
S
The Malware Story
 Criminals & Virus writers outinnovating and
outmaneuvering the anti-virus industry
 First information...
Precision is the key
Outstanding Coding and Testing
Absolute Game Changer
One of its kind
Who will take a call?
Zero Day
at the heart of it all
Asymmetric Warfare – A new form
2009 Iraq-$45 billion drone and satellite
surveillance system
Skygrabber-$25.95
The cost...
Cloud
The most happening place
How secure are we?
Sanjay Sahay
CLOUD COMPUTING
Results of IDC survey ranks Security 74.6%
as the biggest challenge
WEAKEST LINK
the human factor
Where should you start?
These three controls can help you address the top vulnerabilities
and begin to reduce risk.
Build ...
The Dark Net, The Secret Web, The Digital
Underground, The Invisible Internet
The Internet provides a delivery system for the
pathological states of mind
Blatant
Is there a desire to control?
Is there a mechanism in place?
Crime Inc.
Crime as a service!
Payment mechanism in place!
Information Sharing!
Data Brokers
UNDERGROUND ONLINE MARKETS
What we buy?
What we use?
What we know?
The Issues
 The hardware
 The software
 Networking
 Data Center
 Human Resources
 Standards
 Uniformity
 Audit
Cyber Security
Public Private Partnership
 NSA
 CIA
 FBI
 Homeland Security
 Booz Allen Hamilton
 Lockheed Martin
 ...
Asymmetric Warfare – A new form
This is a battle of knowledge,
effort, focus and precision
Govt’s glacial age response a...
Foster information security without trying to
fight the internet architecture
the way forward
There’s no
reason
that the good
guys can’t be
the same !!!.
The bad guys
are smart, well
equipped, and
determined.
the way forward
A seamlessly connected, data driven and digitally serviced
India is also more vulnerable Digital India. If...
Thank you all for the
rapt attention!
Cyber Security - Sanjay Sahay, Additional Director General, Karnataka Police
Cyber Security - Sanjay Sahay, Additional Director General, Karnataka Police
Cyber Security - Sanjay Sahay, Additional Director General, Karnataka Police
Nächste SlideShare
Wird geladen in …5
×

Cyber Security - Sanjay Sahay, Additional Director General, Karnataka Police

531 Aufrufe

Veröffentlicht am

Cyber Security - Sanjay Sahay, Additional Director General, Karnataka Police

Veröffentlicht in: Technologie
  • DOWNLOAD FULL BOOKS, INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... ,DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ,DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ,DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ,DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ,DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ,DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • Gehören Sie zu den Ersten, denen das gefällt!

Cyber Security - Sanjay Sahay, Additional Director General, Karnataka Police

  1. 1. CYBER SECURITY Sanjay Sahay The biggest emerging threat!
  2. 2. How big is this bubble?
  3. 3. Chronology of Computerization 1994: CCIS 2005: G-CARE 2008: e-Beat 2009: KSP WAN 2010: 'Police IT' 2011: KSP DC 2012: CCTNS 2014: DRC 2015: Private Cloud
  4. 4. Network Data Center Training for 75 System Administ- rators Creation of Skilled Internal Resource pool Training for End- Users Police IT ERP Gover- nance Structure Enforce- ment Stabiliza- tion Police-IT Ecosystem Development
  5. 5. Police IT ERP Application MIS417 Reports 64 Roles Core Function -alities • Crime • Law & Order • Traffic Admin -istration • Administration • Finance • Stores Ancillary support • Armed Reserve • Motor Transport • Training Technical Modules • Wireless • Forensic Science • Laboratory 522 Screens 11 Modules
  6. 6. Architecture Diagram of KSPWAN
  7. 7. DIGITAL INDIA IS The transformational enablement of 1. Governance 2. Citizen Services and 3. Ease of business using… …ICT in the creation of • digital infrastructure (technological and human), competent enough to enable • dynamic and • real time decision making • and service delivery • with seamless backend processes and • creation of databases and its integration at differential levels catering to all requirements of the nation
  8. 8. DEDICATED CLOUD INFRASTRUCTURE DIGITAL INDIA
  9. 9. PARAMETERS AND MEASUREMENTS VISION TO WORKABLE DOCUMENTS THE WHEREWITHAL SECTOR WISE PHASE WISE BLUEPRINT GAP ANALYSIS BRIDGING LONG LASTING PUBLIC PRIVATE PARTNERSHIPS VISIONARY DOCUMENTATION TRUST SECURITY DIGITAL INDIA
  10. 10. IN THE LAST FEW MONTHS.., • Sony & Anthem attacks • Chinese breach data of 4 million federal workers • Obama seeks $14 billion to boost U.S. cybersecurity defenses • Obama Calls on US Firms to Help Fight Cyberattacks • Obama signed an executive order laying out a framework for companies to share data about cyber threats with each other and the government • New agency to sniff out threats in cyberspace - Cyber Threat Intelligence Integration Center
  11. 11.  Zero-Day Flaw Found in 'Linux Kernel' leaves Millions Vulnerable  US Intelligence Chief Hacked by the Teen Who Hacked CIA Director  602 Gbps! This May Have Been the Largest DDoS Attack in History Hacking News
  12. 12. After Paris Attacks, Encrypted Communication Is Back In Spotlight "the ISIS geek squad is teaching terrorists how to use encryption and communication platforms like Silent Circle, Telegram and WhatsApp."
  13. 13. A HACKER who claims to have broken into the AOL account of CIA Director John Brennan says he obtained access by posing as a Verizon worker to trick another employee into revealing the spy chief’s personal information.
  14. 14. The country which built a Digital Iron Dome, Israel had undergone one of the largest serious cyber attack this year. This time, the name of Israel is being popped up in the current headlines is for the massive cyber attack which triggered against the Nation's Electrical Power Grid.
  15. 15. Someone Just Leaked Hard-Coded Password Backdoor for Fortinet Firewalls Anyone with "Fortimanager_Access" username and a hashed version of the "FGTAbc11*xy+Qqz27" password string, which is hard coded into the firewall, can login into Fortinet's FortiGate firewall networking equipment
  16. 16. Juniper Firewalls with ScreenOS Backdoored Since 2012  Juniper Networks has announced that it has discovered "unauthorized code" in ScreenOS, the operating system for its NetScreen firewalls  Date back to at least 2012  Allows anyone to decrypt VPN traffic
  17. 17. Ridiculous Bug in Trend Micro Antivirus Allows Hackers to Steal all Your Passwords  Product that allow hackers to execute arbitrary commands remotely as well as steal your saved password from Password Manager built into its AntiVirus program
  18. 18. FORTUNE 500 COMPANIES 97% HAS BEEN HACKED!
  19. 19. “If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization.” -Weinberg's Second Law
  20. 20. Linear Vs Exponential
  21. 21. from pace maker to nuclear power plants from text documents to the hybrid cloud
  22. 22. Internet of things! Global Information Grid A very vulnerable one!
  23. 23. DATAis at the center of our universe
  24. 24. Resilience What the System Ought to Provide
  25. 25. Curiosity Monetary Gain National Security Espionage, Political Activism The sophistication of cyber threats, attackers and motives is rapidly escalating. Motive 1995 – 2005 1st Decade of the Commercial Internet Revenge Script-kiddies or hackers using tools, web-based “how-to’s” Insiders, using inside information Organized Crime, Hackers and Crackers using sophisticated tools Competitors, Hacktivists Nation-state Actors; Targeted Attacks / Advanced Persistent Threat 2005 – 2015 2nd Decade of the Commercial Internet Adversary *X-Force Research - 2013 March 10, 2016 26
  26. 26. WORLD AT CROSSROADS… Internal Security External Security Counter Terrorism Rogue States Cyber War Money Laundering Underworld Underground Economy Naxalism Data Brokers Hacktivists
  27. 27. WORLD AT CROSSROADS… And the IT companies themselves!!! Privacy has no meaning More data, more money! Everything for a price
  28. 28. Access Control Policy
  29. 29. Access Control Policy
  30. 30. Ubiquitous Surveillance Military - Internet Complex
  31. 31. “The corrupt fear us. The honest support us. The heroic join us.”
  32. 32. I S I S V S
  33. 33. The Malware Story  Criminals & Virus writers outinnovating and outmaneuvering the anti-virus industry  First information  Detection rate  “time – to – detection rate”  “out of their leagues in their own game”
  34. 34. Precision is the key Outstanding Coding and Testing Absolute Game Changer
  35. 35. One of its kind Who will take a call?
  36. 36. Zero Day at the heart of it all
  37. 37. Asymmetric Warfare – A new form 2009 Iraq-$45 billion drone and satellite surveillance system Skygrabber-$25.95 The costing
  38. 38. Cloud The most happening place How secure are we? Sanjay Sahay
  39. 39. CLOUD COMPUTING Results of IDC survey ranks Security 74.6% as the biggest challenge
  40. 40. WEAKEST LINK the human factor
  41. 41. Where should you start? These three controls can help you address the top vulnerabilities and begin to reduce risk. Build a risk-aware culture Protect the network & end-points Automate security hygiene & manage incidents with intelligence
  42. 42. The Dark Net, The Secret Web, The Digital Underground, The Invisible Internet
  43. 43. The Internet provides a delivery system for the pathological states of mind
  44. 44. Blatant Is there a desire to control? Is there a mechanism in place?
  45. 45. Crime Inc.
  46. 46. Crime as a service! Payment mechanism in place!
  47. 47. Information Sharing!
  48. 48. Data Brokers
  49. 49. UNDERGROUND ONLINE MARKETS
  50. 50. What we buy? What we use? What we know?
  51. 51. The Issues  The hardware  The software  Networking  Data Center  Human Resources  Standards  Uniformity  Audit
  52. 52. Cyber Security Public Private Partnership  NSA  CIA  FBI  Homeland Security  Booz Allen Hamilton  Lockheed Martin  Fire Eye, Crowd Source, Mandiant  Raytheon  And large number of IT companies globally
  53. 53. Asymmetric Warfare – A new form This is a battle of knowledge, effort, focus and precision Govt’s glacial age response and MNCs blindfolded commercial focus is not the answer
  54. 54. Foster information security without trying to fight the internet architecture the way forward
  55. 55. There’s no reason that the good guys can’t be the same !!!. The bad guys are smart, well equipped, and determined.
  56. 56. the way forward A seamlessly connected, data driven and digitally serviced India is also more vulnerable Digital India. If recent history is to go by the cyber security landscape is worsening by the day. Security ought to be a design element and creating a risk aware culture will facilitate in achieving Digital India with confidence. Adoption of technology is directly proportional of the comfort levels it provides with least risks. This is the way forward.
  57. 57. Thank you all for the rapt attention!

×