Financial institution security top it security risk
•
0 gostou•584 visualizações
Redspin founder and security evangelist, John Abraham gives a keynote speaker at a Financial Institution's Security Conference.
Recomendados
Recomendados
Mais conteúdo relacionado
Destaque
Semelhante a Financial institution security top it security risk
Semelhante a Financial institution security top it security risk (20)
Mais de Redspin, Inc.
Mais de Redspin, Inc. (20)
Último
Último (20)
Financial institution security top it security risk
- 1. Financial Institution Security Top IT Security Risk April 13, 2011 - John Abraham
- 2. Issue 1: Systematic Risk Management Focus, focus, focus
- 3. Source: ISO 27001, NIST SP 800-39, PCI DSS, FFIEC, COBIT, 3 HIPAA - Administrative Safeguards (§164.308), ...
- 4. 4
- 5. Issue 2: Mobile Devices in the Enterprise
- 8. Issue 4: Social Media Information Disclosure
- 10. Issue 6: rd 3 -Party Mobile Applications Patch Management + Mobile Applications = Danger!
- 11. Issue 7: Vendor Management The days of “Oops, it was the vendor” being a valid excuse for a data breach are long over.
- 12. Issue 8: SQL Injection Never trust the user!
- 13. Issue 9: Inadequate Testing Programs Existence does not equal Effective
- 14. 14
- 15. PIX Version 6.3(5) interface ethernet0 auto interface ethernet1 auto interface ethernet2 auto nameif ethernet0 outside security0 nameif ethernet1 inside security100 nameif ethernet2 dmz security50 ... access-list out permit tcp any host 10.0.0.15 eq smtp access-list out permit tcp any host 10.0.0.15 eq www access-list dmz permit ip host 192.168.0.13 172.16.0.0 255.255.255.0 access-list dmz deny ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0 access-list dmz permit tcp host 192.168.0.13 172.16.0.0 255.255.255.0 eq smtp access-list in deny tcp host 172.16.0.2 host 192.168.0.13 eq ftp access-list in permit tcp 172.16.0.0 255.255.255.0 any eq www access-list in permit tcp 172.16.0.0 255.255.255.0 any eq https access-list in permit tcp 172.16.0.0 255.255.255.0 any eq 37 access-list in permit udp 172.16.0.0 255.255.255.0 any eq time access-list in permit udp 172.16.0.0 255.255.255.0 any eq domain access-list in permit udp 172.16.0.0 255.255.255.0 any eq telnet access-list in permit tcp 172.16.0.0 255.255.255.0 any eq ssh access-list in permit tcp 172.16.0.0 255.255.255.0 any eq daytime access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq www access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq https ... ip address outside 10.0.0.2 255.255.255.0 ip address inside 172.16.0.2 255.255.255.0 ip address dmz 192.168.0.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm pdm history enable arp timeout 14400 global (outside) 1 10.0.0.3 nat (inside) 1 172.16.0.0 255.255.255.0 0 0 static (dmz,outside) 10.0.0.15 192.168.0.13 netmask 255.255.255.255 0 0 access-group out in interface outside access-group in in interface inside access-group dmz in interface dmz ... 15
- 16. PIX Version 6.3(5) interface ethernet0 auto interface ethernet1 auto interface ethernet2 auto nameif ethernet0 outside security0 nameif ethernet1 inside security100 nameif ethernet2 dmz security50 ... access-list out permit tcp any host 10.0.0.15 eq smtp access-list out permit tcp any host 10.0.0.15 eq www access-list dmz permit ip host 192.168.0.13 172.16.0.0 255.255.255.0 access-list dmz deny ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0 access-list dmz permit tcp host 192.168.0.13 172.16.0.0 255.255.255.0 eq smtp access-list in deny tcp host 172.16.0.2 host 192.168.0.13 eq ftp access-list in permit tcp 172.16.0.0 255.255.255.0 any eq www access-list in permit tcp 172.16.0.0 255.255.255.0 any eq https access-list in permit tcp 172.16.0.0 255.255.255.0 any eq 37 access-list in permit udp 172.16.0.0 255.255.255.0 any eq time access-list in permit udp 172.16.0.0 255.255.255.0 any eq domain access-list in permit udp 172.16.0.0 255.255.255.0 any eq telnet access-list in permit tcp 172.16.0.0 255.255.255.0 any eq ssh access-list in permit tcp 172.16.0.0 255.255.255.0 any eq daytime access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq www access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq https ... ip address outside 10.0.0.2 255.255.255.0 ip address inside 172.16.0.2 255.255.255.0 ip address dmz 192.168.0.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm pdm history enable arp timeout 14400 global (outside) 1 10.0.0.3 nat (inside) 1 172.16.0.0 255.255.255.0 0 0 static (dmz,outside) 10.0.0.15 192.168.0.13 netmask 255.255.255.255 0 0 access-group out in interface outside access-group in in interface inside access-group dmz in interface dmz ... 16
- 17. + + Free USB Drives
- 19. Issue 10: Social Engineering... phishing Our testing shows: 30% failure rate Recent news: Epsilon breach RSA Security breach
- 20. Issue 10.5: Lack of Mobile Device Security Policy Policy components: Access control Authentication Encryption Incident response Training & awareness Vulnerability management
- 21. { Thanks! } John Abraham jabraham@redspin.com 805-705-8040 (mobile)
- 22. Summary: Top Security Risks for 2011 Risk Management Mobile Devices in the Enterprise Wireless Social Media Information Disclosure Virtualization Sprawl 3rd-Party Mobile Applications Vendor Management SQL Injection Inadequate Testing Programs Social Engineering Mobile Device Security Policy
- 23. And from last year: Don't forget about.... Faulty DMZs Virus protection Encryption