10 March 2016
Is Big Data analytics the next step for SOCs and large companies?
Peter van den Heuvel
SecureLink Security BootCamp
Cyber Risk
“Cybersecurity specialists claim that almost every company is already hacked; hack demos show how easily hackers find their way from a home device to the office environment. IoT devices spread rapidly but security is running behind. Shadow IT and/or badly controlled cloud solutions create shadow risk. Will identity theft shortly enter the business domain? Step by step, "traditional" security defence solutions and awareness programs will reach their limits. How can we fight cybercrime in the future? Is big data, promoted in other industries, also the solution against cybercrime? What are the opportunities and risks?”
Increasing threat
The threat is increasing
• Creeper 1971
• Defacing
• First humorous viruses
• First disruptive viruses (data loss)
• Intrusion with damage
• DoS and DDoS
• Zero day defects
• First firewall scan software
• Data theft
• Phishing
• Ransomware
• ~90% of networks have been infiltrated
• 2016?
Is awareness sufficient?
Phishing mails are becoming increasingly perfect
Hackers are getting smarter
• Email received or USB gift
• USB inserted or mail opened
• The virus becomes active and installs a keyboard logger
• User logs in to private mail
• Hacker sees username and password
• Hacker logs in to the mail account and sends a mail to a colleague
• Colleague opens the mail and opens the attachment.
• The virus installs a keyboard logger or remote access
• Hacker takes control of the PC and forwards another mail, until he is on a PC with sufficient rights.
• The setup for ransomware or data theft is ready.
• Hacker starts the extortion.
Diagram labels: Employee 1 (home), Employee 2 (office)
Increasing detection with Big Data analysis
Diagram labels:
• Sources (source 1 … source n): firewall data, endpoint data, network data, AD data
• Collect
• Structure
• Analysis: pattern, detection (deviations)
• Alert
• SOC
• Action
• Advice, report, stats
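The pipeline in the diagram above (collect, structure, pattern, detection of deviations, stats for the SOC), as an added example that is not part of the original slides. The two log formats, the field names, the host and user names and the baseline date are assumptions constructed for the illustration; the deviation rule (an actor reaching a target never seen in its baseline) is one simple choice, not the method of any particular product.

```python
from collections import defaultdict
from datetime import datetime
# Constructed sample records; formats and field names are assumptions for this example.
RAW = {
    "ad": [  # time,user,host,result
        "2016-03-01T08:58:00,alice,PC-ALICE,success",
        "2016-03-02T09:03:00,bob,PC-BOB,success",
        "2016-03-09T02:14:00,alice,PC-BOB,success",
        "2016-03-09T02:20:00,alice,SRV-FILE01,success",
        "2016-03-09T09:02:00,bob,PC-BOB,success",
    ],
    "firewall": [  # key=value pairs
        "ts=2016-03-02T09:10:00 src=PC-ALICE dst=203.0.113.10 action=allow",
        "ts=2016-03-09T02:25:00 src=SRV-FILE01 dst=198.51.100.7 action=allow",
    ],
}
BASELINE_END = datetime(2016, 3, 8)  # events before this date define "normal"

def structure(raw):
    """Collect + structure: map each source onto (time, source, actor, target)."""
    events = []
    for line in raw["ad"]:
        ts, user, host, result = line.split(",")
        if result == "success":
            events.append((datetime.fromisoformat(ts), "ad", user, host))
    for line in raw["firewall"]:
        kv = dict(p.split("=", 1) for p in line.split())
        events.append((datetime.fromisoformat(kv["ts"]), "firewall", kv["src"], kv["dst"]))
    return sorted(events)

def detect(events, baseline_end=BASELINE_END):
    """Pattern + detection: learn each actor's usual targets, then flag deviations."""
    usual, alerts = defaultdict(set), []
    for ts, source, actor, target in events:
        if ts < baseline_end:
            usual[(source, actor)].add(target)  # pattern from the baseline period
        elif target not in usual[(source, actor)]:
            alerts.append((ts.isoformat(), source, actor, target))  # deviation
    return alerts

def report(alerts):
    """Stats for the SOC: number of deviations per actor, highest first."""
    stats = defaultdict(int)
    for _, _, actor, _ in alerts:
        stats[actor] += 1
    return sorted(stats.items(), key=lambda kv: -kv[1])

if __name__ == "__main__":
    print(*detect(structure(RAW)), sep="\n")
```

On the constructed data, the account that logs on to a colleague's PC and then a file server at night is flagged, while the colleague's routine logon is not.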
Cloud
Cloud policy? Are your employees allowed to use cloud solutions?
Is blocking an option?
Diagram labels: iPhone, apps, legislation, data breaches, Dropbox
In Control
How secure are cloud solutions?
Important factors
• Resources, knowledge and means for security
• Risk profile of the organisation
• Legal framework
• Location
• Access to the cloud service
• Modus operandi: hackers search for the weakest link
Central user control
Diagram labels: Internet; and/or; secure connection; access verification; token; SAML; username and password (three times)
Cloud principles
1. Information is secure
2. Continuity of services is guaranteed
3. Information is as close to home as possible
4. Legal privilege is maintained in the cloud
5. Information is portable
6. Compliance with applicable law is guaranteed, including data protection law
7. Data retention and access management is facilitated
8. "Data ownership" is with Customer
9. Legal risk is sufficiently addressed in a contract
Example: applying the cloud principles
| Principle (1) | Required for solution (2) | Specs Cloud solution A | Specs Cloud solution B |
|---|---|---|---|
| Information is secure | ISAE3402, Europe based HQ | ISO27001 | ISAE3402 |
| Continuity of service | 99,95% uptime | 99,95% | 99,98% |
| Data close to home | Europe, min 2 countries | Poland, India | Germany, NL, UK |
| Legal privilege | No cooperation to authorities | US law | Statement, European law |
| Data portability | Extract <5 days, delete | 3 days, guaranteed deletion | 5 days certified deletion |
| Compliance applicable law | No privacy data | Agree to sign data processing agreement | Agree to sign data processing agreement |
| Data retention | Delete after 5 years | Delete flexible | Delete 5 years |
| Data ownership | Customer | Meta data shared | Customer |
| Authentication | Multi factor password + location | Password + soft key | Password, soft key, location |
Technology Test Flights, location: Netwerkplein, 13:25 – 14:10