2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
andris-soroka
Transcript of 2015 Cyber security solutions vs cyber criminals @WOHIT2015 (EU eHealth week)
“Data Security Solutions” business card
What We Do?
DSS
ICT Security Provider
Advisory, Consulting, Installation, Support
Most Innovative Portfolio in Baltics
Memberships, Awareness Rising
Technology & Knowledge Transfer
ICT Security Evangelists
Endpoints
Applications
Networks
Data
Identity
Mobility
Management
Cloud
DSS Delivering Excellent ICT Security Operations to its Customers
Customer ICT Security Operations Excellence
Cooperation with Industry Top Technology Leaders Recognised by Gartner, IDC, Forrester
Top level ICT Security Professionals
Selected Cutting Edge ICT Security Innovative Technology
Integration
Pan-Baltic Projects
Particular Focus on Security
Our international cyber security conference
In 2015 included in World Summit of Information Society Prize candidates.
Online voting is ON.
C5 – building the Confidence in Security in the use of ICT.
Agenda (Two acts drama)
FIRST PART
Digital world of today and health industry
Cybercrime and health organizations
Why industries lose against cybercrime
SECOND PART
10 most important controls to stay safe
Conclusion and Q&A
Digital technology advantages
mHealth, including drone drugs delivery
Artificial Intelligence (IBM Watson)
GIS systems (112 or 911)
eHealth in general
Cloud, Mobility, Applications, Self Service, Telemedicine, BIG data etc. – whole ecosystem of connected organizations, health pros and patients
The health industry ecosystem
Patients / Consumers
Healthcare Providers: Integrated Delivery Networks, Large University Medical Centers, Independent Community Hospitals, Physician Private Practices
Public Health: Pandemic readiness, Vaccine inventory & distribution, Sanitation & public safety
Government Agencies: Regulatory & Research Agencies, FDA, WHO, DHHSS, CDC, NIH, Health Ministries
Patient Education: Healthy Lifestyles
Health Clubs: Health & Wellness Programs
Transaction Services: Claims Processing, Banks / Health Savings
Health Plans / Payers: Private – BCBS plans, large national plans, mid-sized regional plans; Government / National Plans, Medicare, Medicaid
Pharmacies: Pharmacy Benefit Management, Retail Clinics
Solution Providers: IT Infrastructure and Service Providers, Application Providers
Medical Devices: Imaging, Archiving & Retention
Drug Developers: Large Pharma, Integrated Biotech, Research Biotech
Economics of cybercrime @health
An EHR is worth 20x more on the black market than a credit card data record; with the victim's full profile added, one profile could cost on average more than 500 USD per record.
Health incidents are at least twice as hard to detect, so the stolen data stays valid for much longer than in financial fraud
One database record could be sold to up to 8 or more different criminal groups (blackmail, insurance fraud, identity and financial fraud, medicine sales, competition and so on)
Just use your imagination about what could happen to your medical data...
Countermeasures against cybercrime
HIPAA (Anno 1996)
Identifies security process
Identifies inventory
Identifies roles and responsibilities
Sets requirements for training and cyber security awareness raising
Gives advice for incident management
Sets physical access, identity controls etc.
ISO 31XXX, ISO 27XXX, and many country-local, international (like ENISA’s within EU), regional and industry regulations, compliances, policies etc.
Sophisticated attacks of today’s cybercrime
Targeted professional attacks
Massive Denials of Services
Watering hole attacks
Advanced persistent threats
Mobile incidents
Cyber wars
Hacktivists
Global virus outbreaks
Complex and very expensive
Insane data leakages
Identity thefts
Cyber espionage
And so on...
Summary before 2nd part
Cybercrime is the real deal: everyone is affected, and it is next door if it hasn’t already been knocking at yours
All the traditional security measures invented in the 80’s and 90’s are no longer efficient, and all compliances, regulations and security standards, without innovative technologies and investment in cyber security, always remain one step behind the bad guys
The world is short of smart good guys who know both business and IT security, and can translate IT into business language and manage the risks with elegance
How we can help
Analyze and detect risks
Fulfill audit
Build security action plan
Train the employees
Pass compliance regulations
Save from data leakage
Protect critical assets
Get rid of passwords
Consult Your IT professionals
Protect from attacks
Help creating RFP docs
Be Your IT Security Advisor!
Business value of «Data Security Solutions»
Thank You
Merci
Grazie
Gracias
Obrigado
Danke
Agenda (drama in two acts)
FIRST PART
Digital world of today and health industry
Cybercrime and health organizations
Why industries lose against cybercrime
SECOND PART
10 most important controls to stay safe
Conclusion and Q&A
Some definitions before we go on
Availability: All legitimate entities should experience correct access to services and facilities.
Accountability: Accountability for all service invocations and for all network management activities; any entity should be responsible for any actions initiated.
Integrity: Protection of stored and transferred information.
Confidentiality: Confidentiality of stored and transferred information.
10th place – Traditional security
You cannot forget about the traditional minimum security requirements in your infrastructure, because bad guys always choose the easiest ways and the fastest ROI
Some global-level data leakage incidents happened because of... a firewall turned off by accident
You will still be able to handle most threats, except of course targeted and sophisticated ones
9th place – Inventory and audit everything
You need as much visibility as possible (hardware based, software based, any) of your employees, visitors, devices, applications, databases and network perimeter to be able to protect or control them accordingly
You need to save and keep all audit data for basic analysis and possible investigations later, as well as for data integrity reasons (something like basic log management, which could be done without big investments as there are plenty of tools available, open source etc.)
8th place – Continuity and incident response
A business continuity and incident response plan helps to restore systems with the least possible losses and also helps to find out who was guilty...
In many cases this part could bring business and IT together, as both can use their imagination to come up with different scenarios, aka «what could go wrong», and if both parties find it funny and interesting enough, that could lead to some of the activities higher in our top..
7th place – Infrastructure security
Centralization, real-time visibility and management of any and every endpoint, network, mobile and other element regarding patch & configuration management, application & device management, vulnerability management and so on.
Every unpatched or wrongly configured system can be at risk of a targeted or accidental cyber security attack or incident. Not to mention such an important thing as critical infrastructure..
6th place – Identity and Access Mgmt.
Least privilege principle and privileged user management, authentication, authorization, audit of sessions, any higher security level implementation and control such as one-time passwords, smartcards, biometrics, physical security linking to logical security, identity control, fraud or anomaly prevention/detection and much more.
As seen in movies, identity and access mean a lot in data theft, sabotage etc., as unauthorized access ends badly anyhow...
5th place – Defenses against attacks
There are advanced persistent threat attacks, there are web-based vulnerability attacks, network-based volume attacks and mixed, complex attacks. There are attacks on endpoints, on servers, on security encryption certificates, on different protocols and applications, on mobile devices, on DNS servers, online services or wi-fi access points and so on.
Practically every attack should be detected and stopped in time. But that can be done at different levels (e.g. ISP) and with different tools.
4th place – Mobile security
The expansion of mobile devices changes security and IT in general.
Mobile phones with their millions of apps are at the biggest risk today.
BYOD is the biggest challenge for IT and Security when you need to be productive but also need to comply with security requirements.
You need to have not just MDM or MAM or MCM, but EMM, so-called Enterprise Mobility Management, to do business safely.
3rd place – Data Security
Changes to EU personal data protection legislation might bring some big changes.
Classification of the most critical information assets is very important. This can be done on endpoints, on servers, within data transfers and by a number of different methods.
Here we speak about Database Firewalls, Data Governance and Data Risk management tools, Data Forensics tools, Data Loss and Data Leak Prevention technologies and so on.
2nd place – Security Operations Center
Integrated, modular, innovative. Just like the IBM QRadar platform with all those integrated connections to different Data, Identity, Network or Endpoint Security solutions, strengthened by integrated Risk Management, Network Incident Forensics, Intelligent Vulnerability Management, log and flow collectors and a central Security Intelligence console and platform.
Without a SOC there is no bright future for organizations, even starting SMBs.
Security intelligence for automated offense detection
Extensive Data Sources
•Servers and mainframes
•Data activity
•Network and virtual activity
•Application activity
•Configuration information
•Security devices
•Users and identities
•Vulnerabilities and threats
•Global threat intelligence
Automated Offense Identification
•Massive data reduction
•Automated data collection, asset discovery and profiling
•Automated, real-time, and integrated analytics
•Activity baselining and anomaly detection
•Out-of-the box rules and templates
Embedded Intelligence
Suspected Incidents
Prioritized Incidents
Business part
Business processes analysis from tech perspective
Assessment and management of cyber security risks
Related technological part
Inventory of devices and software
Secure configuration of everything (end-users, devices)
Vulnerability assessment and management
Malware defenses, application security, pen tests
Wifi security
Mobile security
Data security
Continuous skills training and learning
Access control and visibility
Audit, monitoring, analysis, incident response and more
Business & technology must come together
Contact Us
Andris [email protected]
Mob. +371 29162784
Riga, Latvia
www.dss.lv
LinkedIn: http://lv.linkedin.com/in/andsor
Twitter: @andris_soroka / @dss_it_security
Facebook: http://www.facebook.com/lvdss
Youtube: http://ow.ly/FAfEN
SlideShare: http://www.slideshare.net/andsor