Verizon 2014 Data Breach Investigation Report and The Target Breach
Proactive Approaches to Data Security
Ulf Mattsson
CTO, Protegrity
Ulf.Mattsson@protegrity.com
Member of PCI Security Standards Council:
• Tokenization Task Force
• Encryption Task Force
• Point to Point Encryption Task Force
• Risk Assessment SIG
• eCommerce SIG
• Cloud SIG
• Virtualization SIG
• Pre-Authorization SIG
• Scoping SIG
Topics
• The Target Data Breach
• Data Security & Threat Landscape
• Think Like A Hacker - Proactive Data Security
• New Data Security Technologies & Approaches
THE TARGET DATA BREACH
How The Breach at Target Went Down
What can we learn?
First Attack: Fazio Mechanical Services
• A 3rd party refrigeration design & maintenance contractor for Target
• Email malware-injecting phishing attack
• Credentials were stolen
Second Attack: Target POS Machines
• Used stolen credentials from Fazio Mechanical Services to access POS machines
• Installation of malware to collect customer payment data
Aftermath: Malware Data Export
• >40 million customer financial records & CCN
• >70 million customer personal information records
• The subsequent file dump containing customer data is reportedly flooding the black market
• Starting point for the manufacture of fake bank cards, or for providing the data required for identity theft.
Source: Brian Krebs and www.zdnet.com/how-hackers-stole-millions-of-credit-card-records-from-target-7000026299/
Memory Scraping Malware – Target Breach
[Diagram: Payment Card Terminal → Point Of Sale Application (Memory Scraping Malware) → Authorization, Settlement, … → Web Server (Memory Scraping Malware) → Russia]
Target Says It Ignored Early Signs of Data Breach
Security software picked up on suspicious activity after a cyberattack was launched, but it decided not to take immediate action.
Received security alerts on Nov. 30 that indicated malicious software had appeared in its network.
Source: SEC (Securities and Exchange Commission)
Target Data Breach Fallout
Target Corp. annual report: Massive security breach has hurt its image and business, while spawning dozens of legal actions, and it can't estimate how big the financial tab will end up being.
The FTC is probing the massive hack of credit card information. Target could face federal charges for failing to protect its customers' data.
“When you see a data breach of this size with clear harm to consumers, it's clearly something that the FTC would be interested in looking at.”
- Jon Leibowitz, former FTC chairman
Source: Bloomberg Businessweek
Target Data Breach Fallout
Target CIO Beth Jacob resigned
WHO IS THE NEXT TARGET?
Who is the Next Target?
Services, Retailers, Healthcare, Government
It’s not like other businesses are using some special network security practices that Target doesn’t know about. They just haven’t been hit yet.
No number of walls, traps, bars, or alarms will keep out the determined thief.
Source: www.govtech.com/security
New Environments
Big Data and Cloud platforms are presenting new use cases that are incompatible with old security approaches. This makes them vulnerable and ideal targets.
Cloud & Big Data Vulnerabilities Include:
• Hackers & APT
• Rogue Privileged Users
• Unvetted Applications or Ad Hoc Processes
DATA SECURITY & THREAT LANDSCAPE
The Bad Guys are Winning
How have the methods of attack shifted?
“It’s clear the bad guys are winning at a faster rate than the good guys are winning, and we’ve got to solve that.”
- 2014 Verizon Data Breach Investigations Report
Source: searchsecurity.techtarget.com/news/2240215422/In-2014-DBIR-preview-Verizon-says-data-breach-response-gap-widening
External Threats are Exploding
Source: The 2014 Verizon Data Breach Investigations Report
More, Better Attack Tools
Source: The 2014 Verizon Data Breach Investigations Report
Changing Motives
Source: The 2014 Verizon Data Breach Investigations Report
We Are Losing Ground
“…Even though security is improving, things are getting worse faster, so we're losing ground even as we improve.”
- Security expert Bruce Schneier
Source: http://www.businessinsider.com/bruce-schneier-apple-google-smartphone-security-2012-11
Organizations Are Not Protecting Against Cyberattacks
“Cyber attack fallout could cost the global economy $3 trillion by 2020.”
- McKinsey & Company report, Risk & Responsibility in a Hyperconnected World: Implications for Enterprises
Source: McKinsey report on enterprise IT security implications released in January 2014.
Organizations Are Also Bad At Detecting Breaches
Source: Verizon 2013 Data Breach Investigations Report & 451 Research
BEWARE MALWARE
New Malware Detections
Source: mcafee.com/us/resources/reports/rp-quarterly-threat-q3-2013.pdf
The Dramatic Rise of RAM Scraping Malware
#17 in 2012 among all types of incidents, rose to a very concerning #4 spot in 2013.
Incidents surged from just 27 in 2012 to 223 in 2013. A 10x increase in only ONE YEAR.
Source: Verizon’s 2014 Data Breach Investigations Report
FBI Memory-Scraping Malware Warning
In the past year, there were at least 20 malware cyber attacks on retail targets similar to the Target incident.
“POS malware crime will continue to grow over the near term.”
Report: “Recent Cyber Intrusion Events Directed Toward Retail Firms”
Source: searchsecurity.techtarget.com/news/2240213143/FBI-warns-of-memory-scraping-malware-in-wake-of-Target-breach
The Dramatic Rise of RAM Scraping Malware
Export data became the #1 malware threat in 2013, doubling in occurrence from 2012.
Malware represented 60% (12/20) of the top threat actors in the 2014 Verizon DBIR.
Source: Verizon’s 2014 Data Breach Investigations Report
My conclusion: Malware will continue to proliferate until we secure the sensitive data flow.
THINK LIKE A HACKER
How can we shift from reactive to proactive thinking?
Thinking Like A Hacker
How do hackers think? Like a business.
Go where the money is
Multiple touches to get in
Easier targets = Higher ROI
The Modern Day Bank Robber
Target Breach Lesson: Compliance Isn't Enough
Target was certified as meeting the standard for the Payment Card Industry in September 2013.
Compliance is minimal protection that everyone has to have in place.
• It can protect from liability.
• But obviously, it does not actually protect from data loss.
If you're driving a car, you have to wear your seatbelt. That doesn't make you a safe driver.
Source: TechNewsWorld
TURNING THE TIDE
What new technologies and techniques can be used to prevent future attacks?
Evolution of Data Security Methods
Coarse Grained Security
• Access Controls
• Volume Encryption
• File Encryption
Evolution → Fine Grained Security
• Access Controls
• Field Encryption
• Masking
• Tokenization
• Vaultless Tokenization
Evolution
Fine Grained (Field-Level) Sensitive Data Security allows for a Wider and Deeper Range of Authority Options
The New Fine Grained Data Security
[Chart: Risk (Low to High) versus Access Privilege Level (Low to High)]
Old: Minimal access levels – Least Privilege to avoid high risks
New: Much greater flexibility and lower risk in data accessibility
What if a Credit Card Number in the Hands of a Criminal was Useless?
De-identification through Tokenization
Field | Real Data | Tokenized / Pseudonymized
Name | Joe Smith | csu wusoj
Address | 100 Main Street, Pleasantville, CA | 476 srta coetse, cysieondusbak, CA
Date of Birth | 12/25/1966 | 01/02/1966
Telephone | 760-278-3389 | 760-389-2289
E-Mail Address | joe.smith@surferdude.org | eoe.nwuer@beusorpdqo.org
SSN | 076-39-2778 | 076-28-3390
CC Number | 3678 2289 3907 3378 | 3846 2290 3371 3378
Business URL | www.surferdude.com | www.sheyinctao.com
Fingerprint | (image) | Encrypted
Photo | (image) | Encrypted
X-Ray | (image) | Encrypted
Healthcare / Financial Services use cases: Dr. visits, prescriptions, hospital stays and discharges, clinical, billing, etc.; Financial Services consumer products and activities.
Protection methods can be equally applied to the actual data, but not needed with de-identification.
Fine Grained Data Security Methods
Tokenization and Encryption are Different
Encryption – Used Approach: Cipher System (cryptographic algorithms, cryptographic keys)
Tokenization – Used Approach: Code System (code books, index tokens)
Different Tokenization Approaches
[Table: Property versus tokenization approach – Vault-based (Dynamic, Pre-generated) and Vaultless]
Security of Fine Grained Protection Methods
[Chart: Security Level (Low to High) for Format Preserving Encryption, Vaultless Data Tokenization, AES CBC Encryption Standard, Basic Data Tokenization]
Speed of Fine Grained Protection Methods
[Chart: Transactions per second* (100 to 10 000 000, logarithmic scale) for Format Preserving Encryption, Vaultless Data Tokenization, AES CBC Encryption Standard, Vault-based Data Tokenization]
*: Speed will depend on the configuration
Tokenization Research
Tokenization Gets Traction
Aberdeen has seen a steady increase in enterprise use of tokenization for protecting sensitive data over encryption.
Nearly half of the respondents (47%) are currently using tokenization for something other than cardholder data.
Tokenization users had 50% fewer security-related incidents than tokenization non-users.
Source: http://www.protegrity.com/2012/08/tokenization-gets-traction-from-aberdeen/
How Should I Secure Different Data?
[Chart: Use Case (Simple – PCI Card Holder Data; PII Personally Identifiable Information; Complex – PHI Protected Health Information) versus Type of Data (Structured, Un-structured); methods shown: Tokenization of Fields, Encryption of Files]
Protecting Enterprise Data Flow – Reducing Attack Surface
[Diagram: data sources (CCN/SSN, Social Media, Blogs, Smart Phones, Meters, Sensors, Web Logs, Trading Systems, GPS Signals, Stream) → Acquisition → Big Data (Hadoop) → Enterprise Data Warehouse → Analytics & Visualization; a card number 123456 123456 1234 flows through as 123456 999999 1234, i.e. the middle digits are tokenized while the leading six and trailing four digits are kept]
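The two tokenization policies the deck illustrates (the de-identification table keeps only the last four card digits; the data-flow slide keeps the first six and last four) can be expressed as one vault-based, format-preserving tokenizer. This is an added example, not Protegrity's product code; the class name `TokenVault` and the in-memory dictionaries standing in for a persisted vault are assumptions.

```python
"""
Vault-based, format-preserving tokenization of a card number (PAN).

The token keeps a configurable head (e.g. the 6-digit BIN) and tail
(e.g. the last 4 digits) and replaces the middle with random digits that
have no mathematical relationship to the original. A stolen token is
therefore useless on its own: the only way back is a lookup in the vault,
which lives behind its own access controls.
"""
import secrets
from dataclasses import dataclass, field

DIGITS = "0123456789"


@dataclass
class TokenVault:
    keep_head: int = 6   # digits preserved at the start (0 for the PII table policy)
    keep_tail: int = 4   # digits preserved at the end
    # constructed in-memory vault; a real deployment persists these maps
    _to_token: dict = field(default_factory=dict)
    _to_value: dict = field(default_factory=dict)

    def tokenize(self, pan: str) -> str:
        """Return a token formatted like the input (same spacing)."""
        digits = pan.replace(" ", "")
        if not digits.isdigit():
            raise ValueError("PAN must contain only digits and spaces")
        middle_len = len(digits) - self.keep_head - self.keep_tail
        if middle_len <= 0:
            raise ValueError("PAN too short for this preservation policy")
        if digits in self._to_token:            # stable token for repeat values
            return self._format_like(pan, self._to_token[digits])
        head = digits[:self.keep_head]
        tail = digits[len(digits) - self.keep_tail:]
        while True:
            middle = "".join(secrets.choice(DIGITS) for _ in range(middle_len))
            token = head + middle + tail
            # token must be unique in the vault and must never equal the real value
            if token not in self._to_value and token != digits:
                break
        self._to_token[digits] = token
        self._to_value[token] = digits
        return self._format_like(pan, token)

    def detokenize(self, token: str) -> str:
        """Look the real value up in the vault (returned without spaces)."""
        digits = token.replace(" ", "")
        if digits not in self._to_value:
            raise KeyError("token not present in vault")
        return self._to_value[digits]

    @staticmethod
    def _format_like(template: str, digits: str) -> str:
        # re-insert spaces at the same positions as the caller's input
        out, i = [], 0
        for ch in template:
            if ch == " ":
                out.append(" ")
            else:
                out.append(digits[i])
                i += 1
        return "".join(out)


if __name__ == "__main__":
    flow_vault = TokenVault()                         # keep BIN + last 4
    print(flow_vault.tokenize("123456 123456 1234"))  # 123456 ?????? 1234
    pii_vault = TokenVault(keep_head=0, keep_tail=4)  # keep only last 4
    print(pii_vault.tokenize("3678 2289 3907 3378"))  # ???? ???? ???? 3378
```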
CISOs say SIEM Not Good for Security Analytics
You must assume your perimeter systems will be breached. How do you know when your systems have been compromised?
You have to baseline and understand what ‘normal’ looks like and look for deviations from normal.
McAfee and Symantec can't tell you what normal looks like in your own systems. Only monitoring anomalies can do that.
Monitoring could be focused on a variety of network and end-user activities, including network flow data, file activity and even going all the way down to the packets.
Source: 2014 RSA Conference, moderator Neil MacDonald, vice president at Gartner
Use Big Data to Analyze Abnormal Usage Pattern
[Diagram: Payment Card Terminal → Point Of Sale Application (Memory Scraping Malware) → Authorization, Settlement, … → Web Server (Memory Scraping Malware) → Moscow, Russia; FireEye alert: Malware?]
Trend - Open Security Analytics Frameworks
Enterprise Big Data Lake
Source: Emc.com/collateral/white-paper/h12878-rsa-pivotal-security-big-data-reference-architecture
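The "baseline what normal looks like, then look for deviations" approach from the two slides above, applied to network flow records from POS hosts. This is an added example, not code from the deck or from any vendor named on it; the flow-record format, the host names and the byte counts are constructed sample data.

```python
"""
Baseline-and-deviation check over POS network flow records.

Learn, per source host, which (destination, port) pairs are normal and how
much data a flow usually carries; then flag flows in a later window that
talk to a never-seen destination or push far more data than the baseline.
Record format (constructed): timestamp,src_host,dst_host,dst_port,bytes_out
"""
from collections import defaultdict
from statistics import mean, pstdev

# constructed learning window: POS hosts only talk to the internal
# authorization gateway on 443, with small request sizes
BASELINE_FLOWS = """\
2013-11-01T10:00:00,pos-0017,auth-gw.internal,443,1200
2013-11-01T10:05:00,pos-0017,auth-gw.internal,443,1350
2013-11-01T10:10:00,pos-0017,auth-gw.internal,443,1100
2013-11-01T10:00:00,pos-0042,auth-gw.internal,443,1300
2013-11-01T10:07:00,pos-0042,auth-gw.internal,443,1250
2013-11-01T10:12:00,pos-0042,auth-gw.internal,443,1400
"""

# constructed observation window: one POS host starts pushing a large
# volume to a destination that never appeared in the baseline
OBSERVED_FLOWS = """\
2013-11-30T02:00:00,pos-0017,auth-gw.internal,443,1250
2013-11-30T02:15:00,pos-0017,203.0.113.7,80,48000000
2013-11-30T02:16:00,pos-0042,auth-gw.internal,443,1320
"""


def parse(text):
    """Turn the CSV-like records into dicts."""
    rows = []
    for line in text.strip().splitlines():
        ts, src, dst, port, nbytes = line.split(",")
        rows.append({"ts": ts, "src": src, "dst": dst,
                     "port": int(port), "bytes": int(nbytes)})
    return rows


def build_baseline(rows):
    """Per source host: the set of (dst, port) peers and bytes_out mean/stddev."""
    peers = defaultdict(set)
    sizes = defaultdict(list)
    for r in rows:
        peers[r["src"]].add((r["dst"], r["port"]))
        sizes[r["src"]].append(r["bytes"])
    stats = {host: (mean(v), pstdev(v)) for host, v in sizes.items()}
    return {"peers": peers, "stats": stats}


def find_deviations(baseline, rows, k=3.0):
    """Return (row, reason) pairs for flows that deviate from the baseline."""
    findings = []
    for r in rows:
        reasons = []
        known = baseline["peers"].get(r["src"])
        if known is None:
            reasons.append("unknown source host")
        elif (r["dst"], r["port"]) not in known:
            reasons.append("new destination %s:%d" % (r["dst"], r["port"]))
        if r["src"] in baseline["stats"]:
            mu, sigma = baseline["stats"][r["src"]]
            # a near-zero sigma would flag ordinary jitter; floor it at 10% of the mean
            threshold = mu + k * max(sigma, 0.1 * mu)
            if r["bytes"] > threshold:
                reasons.append("bytes_out %d exceeds baseline %.0f" % (r["bytes"], threshold))
        if reasons:
            findings.append((r, "; ".join(reasons)))
    return findings


if __name__ == "__main__":
    baseline = build_baseline(parse(BASELINE_FLOWS))
    for row, why in find_deviations(baseline, parse(OBSERVED_FLOWS)):
        print(row["ts"], row["src"], "->", row["dst"], ":", why)
```

Only the 02:15 flow is reported: it hits both checks, while the ordinary authorization traffic from both hosts stays inside the learned envelope.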
Conclusions
Threats are increasing and attackers are getting more advanced
• Sticking your head in the sand will not make it go away
• Malware is everywhere – secure and monitor the data flow
Compliance does not equal security
• Everyone must be compliant, but it’s just a starting point
• Assume you’re under attack – proactive security must be a priority
Take advantage of the tools available today
• Tokenization provides flexibility to capture, store and use data securely
• Big Data event analysis & context can catch threats early on
Thank you!
Questions?
Please contact us for more information
www.protegrity.com
Ulf.Mattsson@protegrity.com
To Request A Copy of the Presentation
Email: info@protegrity.com

 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Verizon 2014 data breach investigation report and the target breach

  • 7. Target Says It Ignored Early Signs of Data Breach: Security software picked up on suspicious activity after a cyberattack was launched, but Target decided not to take immediate action. The company received security alerts on Nov. 30 that indicated malicious software had appeared in its network. Source: SEC (Securities and Exchange Commission)
  • 8. Target Data Breach Fallout: Target Corp. annual report: the massive security breach has hurt its image and business, while spawning dozens of legal actions, and it can't estimate how big the financial tab will end up being. The FTC is probing the massive hack of credit card information; Target could face federal charges for failing to protect its customers' data. "When you see a data breach of this size with clear harm to consumers, it's clearly something that the FTC would be interested in looking at." - Jon Leibowitz, former FTC chairman. Source: Bloomberg Businessweek
  • 9. Target Data Breach Fallout: Target CIO Beth Jacob resigned.
  • 10. WHO IS THE NEXT TARGET?
  • 11. Who is the Next Target? Services, Retailers, Healthcare, Government.
  • 12. It's not like other businesses are using some special network security practices that Target doesn't know about. They just haven't been hit yet. No number of walls, traps, bars, or alarms will keep out the determined thief. Source: www.govtech.com/security
  • 13. New Environments: Big Data and Cloud platforms are presenting new use cases that are incompatible with old security approaches. This makes them vulnerable and ideal targets. Cloud & Big Data vulnerabilities include: Hackers & APT; Rogue Privileged Users; Unvetted Applications or Ad Hoc Processes.
  • 14. DATA SECURITY & THREAT LANDSCAPE: How have the methods of attack shifted?
  • 15. The Bad Guys are Winning: "It's clear the bad guys are winning at a faster rate than the good guys are winning, and we've got to solve that." - 2014 Verizon Data Breach Investigations Report. Source: searchsecurity.techtarget.com/news/2240215422/In-2014-DBIR-preview-Verizon-says-data-breach-response-gap-widening
  • 16. External Threats are Exploding (chart). Source: The 2014 Verizon Data Breach Investigations Report
  • 17. More, Better Attack Tools (chart). Source: The 2014 Verizon Data Breach Investigations Report
  • 18. Changing Motives (chart). Source: The 2014 Verizon Data Breach Investigations Report
  • 19. We Are Losing Ground: "…Even though security is improving, things are getting worse faster, so we're losing ground even as we improve." - Security expert Bruce Schneier. Source: http://www.businessinsider.com/bruce-schneier-apple-google-smartphone-security-2012-11
  • 20. Organizations Are Not Protecting Against Cyberattacks: "Cyber attack fallout could cost the global economy $3 trillion by 2020." - McKinsey & Company report, Risk & Responsibility in a Hyperconnected World: Implications for Enterprises. Source: McKinsey report on enterprise IT security implications released in January 2014.
  • 21. Organizations Are Also Bad At Detecting Breaches (chart). Sources: Verizon 2013 Data Breach Investigations Report & 451 Research
  • 23. New Malware Detections (chart). Source: mcafee.com/us/resources/reports/rp-quarterly-threat-q3-2013.pdf
  • 24. The Dramatic Rise of RAM Scraping Malware: RAM scraping was #17 in 2012 among all types of incidents and rose to a very concerning #4 spot in 2013. Incidents surged from just 27 in 2012 to 223 in 2013, an increase of more than 8x in only ONE YEAR. Source: Verizon's 2014 Data Breach Investigations Report
  • 25. FBI Memory-Scraping Malware Warning: In the past year there were at least 20 malware cyber attacks on retail targets similar to the Target incident. "POS malware crime will continue to grow over the near term." FBI report: "Recent Cyber Intrusion Events Directed Toward Retail Firms". Source: searchsecurity.techtarget.com/news/2240213143/FBI-warns-of-memory-scraping-malware-in-wake-of-Target-breach
  • 26. The Dramatic Rise of RAM Scraping Malware: Export data became the #1 malware threat in 2013, doubling in occurrence from 2012. Malware represented 60% (12/20) of the top threat actions in the 2014 Verizon DBIR. My conclusion: Malware will continue to proliferate until we secure the sensitive data flow. Source: Verizon's 2014 Data Breach Investigations Report
  • 27. THINK LIKE A HACKER: How can we shift from reactive to proactive thinking?
  • 28. Thinking Like A Hacker: How do hackers think? Like a business. Go where the money is. Multiple touches to get in. Easier targets = Higher ROI.
  • 29. The Modern Day Bank Robber
  • 30. Target Breach Lesson: Compliance Isn't Enough. Target was certified as meeting the Payment Card Industry standard in September 2013. Compliance is minimal protection that everyone has to have in place. It can protect from liability, but obviously it does not actually protect from data loss. If you're driving a car, you have to wear your seatbelt; that doesn't make you a safe driver. Source: TechNewsWorld
  • 31. TURNING THE TIDE: What new technologies and techniques can be used to prevent future attacks?
  • 32. Evolution of Data Security Methods: Coarse Grained Security (Access Controls, Volume Encryption, File Encryption) evolving to Fine Grained Security (Access Controls, Field Encryption, Masking, Tokenization, Vaultless Tokenization).
  • 33. Fine Grained (Field-Level) Sensitive Data Security allows for a Wider and Deeper Range of Authority Options.
  • 34. The New Fine Grained Data Security (chart of Risk vs. Access Privilege Level): Old: minimal access levels, least privilege to avoid high risks. New: much greater flexibility and lower risk in data accessibility.
  • 35. What if a Credit Card Number in the Hands of a Criminal was Useless?
  • 36. De-identification through Tokenization:

    Field          | Real Data                          | Tokenized / Pseudonymized
    Name           | Joe Smith                          | csu wusoj
    Address        | 100 Main Street, Pleasantville, CA | 476 srta coetse, cysieondusbak, CA
    Date of Birth  | 12/25/1966                         | 01/02/1966
    Telephone      | 760-278-3389                       | 760-389-2289
    E-Mail Address | joe.smith@surferdude.org           | eoe.nwuer@beusorpdqo.org
    SSN            | 076-39-2778                        | 076-28-3390
    CC Number      | 3678 2289 3907 3378                | 3846 2290 3371 3378
    Business URL   | www.surferdude.com                 | www.sheyinctao.com
    Fingerprint, Photo, X-Ray: Encrypted

    Applies to Healthcare / Financial Services data (Dr. visits, prescriptions, hospital stays and discharges, clinical, billing, etc.) and to Financial Services consumer products and activities. Protection methods can be equally applied to the actual data, but are not needed with de-identification.
  • 37. Fine Grained Data Security Methods: Tokenization and Encryption are Different. Encryption is a cipher system, using cryptographic algorithms and cryptographic keys. Tokenization is a code system, using code books and index tokens.
  • 38. Different Tokenization Approaches (comparison of properties): Dynamic vs. Pre-generated tokens; Vault-based vs. Vaultless.
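Slides 36 to 38 describe tokenization as a code system (code books and index tokens) rather than a cipher, producing tokens that keep the shape of the original field. The following is an added example, written for this page and not code from the presentation or from Protegrity, of the vault-based variant from slide 38: a token is a random value with the same length and character classes as the original, the trailing characters a business process still needs (last four of a PAN, the ".org" of an e-mail address) are kept in clear, and the only link between token and value is the lookup table inside the vault. The sample record, the per-field KEEP_LAST settings and the TokenVault class are assumptions made for the example; the values are constructed in the spirit of the slide's table and belong to no real person.

```python
import secrets
import string

# Constructed sample record in the spirit of the slide's table; fictitious values.
SAMPLE_RECORD = {
    "Name": "Joe Smith",
    "Telephone": "760-278-3389",
    "E-Mail": "joe.smith@surferdude.org",
    "SSN": "076-39-2778",
    "CC Number": "3678 2289 3907 3378",
}

# Trailing characters kept in clear per field (assumption for the example):
# the last four of a PAN and the ".org" of an e-mail, nothing of a name or SSN.
KEEP_LAST = {"Name": 0, "Telephone": 0, "E-Mail": 4, "SSN": 0, "CC Number": 4}


def _char_class(ch):
    """Alphabet a character is drawn from, so the token keeps the value's shape."""
    if ch.isdigit():
        return string.digits
    if ch.islower():
        return string.ascii_lowercase
    if ch.isupper():
        return string.ascii_uppercase
    return ch  # separators such as '-', ' ', '@' and '.' are kept as they are


def same_shape(a, b):
    """True when two strings have the same length and the same character classes."""
    return len(a) == len(b) and all(_char_class(x) == _char_class(y) for x, y in zip(a, b))


class TokenVault:
    """Vault-based tokenizer: the value <-> token mapping exists only in this object."""

    def __init__(self, rng=None):
        self._rng = rng or secrets.SystemRandom()
        self._token_of = {}  # (field, value) -> token
        self._value_of = {}  # (field, token) -> value

    def _random_same_shape(self, value, keep_last):
        cut = len(value) - keep_last
        head, tail = value[:cut], value[cut:]
        if not any(ch.isalnum() for ch in head):
            raise ValueError("nothing left to tokenize after keeping %d chars" % keep_last)
        return "".join(
            self._rng.choice(_char_class(ch)) if ch.isalnum() else ch for ch in head
        ) + tail

    def tokenize(self, field, value):
        key = (field, value)
        if key in self._token_of:        # the same value always yields the same token,
            return self._token_of[key]   # so analytics can still join on the field
        keep_last = KEEP_LAST.get(field, 0)
        for _ in range(100):
            token = self._random_same_shape(value, keep_last)
            # a token must not equal the clear value or collide with another token
            if token != value and (field, token) not in self._value_of:
                self._token_of[key] = token
                self._value_of[(field, token)] = value
                return token
        raise RuntimeError("token space exhausted for field %r" % field)

    def detokenize(self, field, token):
        try:
            return self._value_of[(field, token)]
        except KeyError:
            raise LookupError("unknown token for field %r" % field) from None

    def tokenize_record(self, record):
        return {field: self.tokenize(field, value) for field, value in record.items()}


if __name__ == "__main__":
    vault = TokenVault()
    for field, token in vault.tokenize_record(SAMPLE_RECORD).items():
        print(f"{field:10s} {SAMPLE_RECORD[field]:28s} -> {token}")
```

Because the token has no key-derived relationship to the original, a copy scraped from memory or dumped from an analytics store is useless without the vault, which is the point of slide 35. The vaultless approach on slide 38 does away with the lookup table (and the need to replicate it between sites); that variant is not shown here.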
  • 39. Security of Fine Grained Protection Methods (chart comparing the security level, high to low, of Format Preserving Encryption, Vaultless Data Tokenization, AES CBC Encryption Standard and Basic Data Tokenization).
  • 40. Speed of Fine Grained Protection Methods (chart of transactions per second on a log scale from 100 to 10,000,000 for Format Preserving Encryption, Vaultless Data Tokenization, AES CBC Encryption Standard and Vault-based Data Tokenization). *: Speed will depend on the configuration.
  • 41. Tokenization Research: Tokenization Gets Traction. Aberdeen has seen a steady increase in enterprise use of tokenization for protecting sensitive data over encryption. Nearly half of the respondents (47%) are currently using tokenization for something other than cardholder data. Tokenization users had 50% fewer security-related incidents than tokenization non-users. Source: http://www.protegrity.com/2012/08/tokenization-gets-traction-from-aberdeen/
  • 42. How Should I Secure Different Data? (matrix of use case vs. type of data, structured or un-structured): Simple, PCI: Card Holder Data; PII: Personally Identifiable Information; Complex, PHI: Protected Health Information. Methods: Tokenization of Fields for structured data, Encryption of Files for un-structured data.
  • 43. Protecting Data Flows - Reducing Attack Surface (diagram of the enterprise data flow): sources such as Social Media, Blogs, Smart Phones, Meters, Sensors, Web Logs, Trading Systems, GPS Signals and Streams feed Acquisition, Big Data (Hadoop), the Enterprise Data Warehouse and Analytics & Visualization. A CCN/SSN such as 123456 123456 1234 is protected at acquisition (shown as 123456 999999 1234) and travels through the rest of the flow in protected form.
  • 44. CISOs say SIEM Not Good for Security Analytics: You must assume your perimeter systems will be breached. How do you know when your systems have been compromised? You have to baseline and understand what 'normal' looks like and look for deviations from normal. McAfee and Symantec can't tell you what normal looks like in your own systems; only monitoring anomalies can do that. Monitoring could be focused on a variety of network and end-user activities, including network flow data, file activity and even going all the way down to the packets. Source: 2014 RSA Conference, moderator Neil MacDonald, vice president at Gartner
  • 45. Use Big Data to Analyze Abnormal Usage Pattern (diagram, the same flow as slide 6: Payment Card Terminal, Point Of Sale Application with Memory Scraping Malware, Authorization/Settlement, Web Server with Memory Scraping Malware, export to Moscow, Russia; a FireEye alert asks "Malware?").
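Slide 44 says to baseline what normal looks like and alert on deviations in network flow data, and slide 45 applies that to the export path of the POS malware. The following is an added example, not from the presentation, that runs the idea over a small set of constructed flow summaries: seven days of routine traffic build a per-host baseline of peers and daily outbound volume, and an eighth day, in which a POS host pushes a large file to an internal server it never used before and the web server sends a large file to an outside FTP address, is scored against it. Host names, addresses and byte counts are invented for the example; INTERNAL_NETS, build_baseline and detect are the example's own names.

```python
import ipaddress
import statistics
from collections import defaultdict

# Constructed flow summaries as (day, src_host, dst_ip, dst_port, bytes_out); not real traffic.
# Days 1-7 are the learning period: the POS hosts talk only to the internal payment
# switch, the web server talks to the switch and to an external partner API.
BASELINE_FLOWS = []
for _day in range(1, 8):
    for _host in ("pos-017", "pos-042"):
        BASELINE_FLOWS.append((_day, _host, "10.0.5.10", 443, 180_000 + 1_000 * (_day % 3)))
    BASELINE_FLOWS.append((_day, "web-02", "10.0.5.10", 443, 900_000 + 20_000 * (_day % 4)))
    BASELINE_FLOWS.append((_day, "web-02", "198.51.100.9", 443, 50_000))

# Day 8: the routine flows again, plus one POS host pushing a large file to an internal
# server it has never used, and the web server sending a large file to an outside FTP host.
DAY8_FLOWS = [
    (8, "pos-017", "10.0.5.10", 443, 182_000),
    (8, "pos-042", "10.0.5.10", 443, 182_000),
    (8, "web-02", "10.0.5.10", 443, 900_000),
    (8, "web-02", "198.51.100.9", 443, 50_000),
    (8, "pos-017", "10.0.9.20", 445, 48_000_000),
    (8, "web-02", "203.0.113.7", 21, 60_000_000),
]

# Address space treated as internal (assumption for the example).
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]


def is_external(ip):
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL_NETS)


def build_baseline(flows):
    """Per host: the (dst_ip, dst_port) peers seen, and mean/stdev of daily bytes out."""
    peers = defaultdict(set)
    daily = defaultdict(lambda: defaultdict(int))  # host -> day -> bytes
    for day, host, dst_ip, dst_port, nbytes in flows:
        peers[host].add((dst_ip, dst_port))
        daily[host][day] += nbytes
    stats = {}
    for host, per_day in daily.items():
        totals = list(per_day.values())
        mean = statistics.fmean(totals)
        sd = statistics.stdev(totals) if len(totals) > 1 else 0.0
        stats[host] = (mean, sd)
    return peers, stats


def detect(baseline, flows, k=3.0):
    """Score one day of flows against the baseline; returns a list of alert dicts."""
    peers, stats = baseline
    alerts = []
    totals = defaultdict(int)
    for day, host, dst_ip, dst_port, nbytes in flows:
        totals[host] += nbytes
        # A destination this host has never talked to is reported; whether it is
        # external is recorded but does not by itself make the flow hostile.
        if (dst_ip, dst_port) not in peers.get(host, set()):
            alerts.append({"host": host, "kind": "new_peer",
                           "dst": f"{dst_ip}:{dst_port}",
                           "external": is_external(dst_ip), "bytes": nbytes})
    for host, total in totals.items():
        mean, sd = stats.get(host, (0.0, 0.0))  # a host with no baseline alerts on any volume
        # Both tests are required: a host whose daily volume barely varies has a tiny
        # standard deviation, and mean + k*sd alone would fire on ordinary jitter.
        if total > mean + k * sd and total > 2 * mean:
            alerts.append({"host": host, "kind": "volume", "bytes": total,
                           "baseline_mean": round(mean)})
    return alerts


if __name__ == "__main__":
    for alert in detect(build_baseline(BASELINE_FLOWS), DAY8_FLOWS):
        print(alert)
```

On the constructed data this yields four alerts: a new internal peer and a volume spike for pos-017, and a new external peer and a volume spike for web-02, while pos-042 and the web server's established partner connection stay quiet. The same two rules run over real flow records would need a longer learning window and per-weekday baselines, but the shape of the logic is what slide 44 is asking for.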
  • 46. Trend - Open Security Analytics Frameworks (Enterprise Big Data Lake). Source: Emc.com/collateral/white-paper/h12878-rsa-pivotal-security-big-data-reference-architecture
  • 47. Conclusions: Threats are increasing and attackers are getting more advanced (sticking your head in the sand will not make it go away; malware is everywhere, so secure and monitor the data flow). Compliance does not equal security (everyone must be compliant, but it's just a starting point; assume you're under attack, so proactive security must be a priority). Take advantage of the tools available today (tokenization provides flexibility to capture, store and use data securely; Big Data event analysis & context can catch threats early on).
  • 48. Thank you! Questions? Please contact us for more information: www.protegrity.com, Ulf.Mattsson@protegrity.com. To request a copy of the presentation, email info@protegrity.com