Security
Security 2013 Social engineering Identity management Cloud storage services
Pini Cohen and Sigal Russin's work Copyright@2013 Do not remove source or attribution from any slide, graph or portion of graph
Source: Verizon, 2012 Data Breach Investigations Report
Source: Ponemon Institute
Source: Veracode
Source: InformationWeek 2012, Verizon
Source: http://blog.neustar.biz/dont/social-engineering-5-tips-and-best-practices-for-defending-against-it/
Source: https://www.sit.fraunhofer.de/fileadmin/dokumente/studien_und_technical_reports/Cloud-Storage-Security_a4.pdf
Dropbox uses Amazon Web Services (AWS) for storage and transfer. Dropbox does not verify the email address at registration, hence it is open for incrimination attacks. Client-side encryption is not supported. It is unclear which flavor of sharing is used if non-subscribers are included (closed user group vs. publication). In 2011 accounts could be accessed without a password, and in 2012 spam emails were sent to Dropbox users.
Source: https://www.sit.fraunhofer.de/fileadmin/dokumente/studien_und_technical_reports/Cloud-Storage-Security_a4.pdf
Security Concerns
SkyDrive uses SSL to encrypt files during transport, but files are unencrypted once at rest on Microsoft's servers.
Data Leak
WatchDox
ACCESS documents on any device
SHARE documents across organizations
CONTROL documents at all times
WatchDox Exchange
Group Collaboration
WatchDox Workspaces
Cross-Device Sync
WatchDox Sync
Security is added seamlessly, automatically
Documents encrypted at all times: rest, transit, use
Recommendations
Review your security policy related to social engineering
DO NOT allow using free cloud storage OR
[Figure: vendor positioning chart. Axes: Local Support vs. Market Presence/Perception. Vendors shown: Fidelis, Verdasys, Symantec, GTB, CA, McAfee, Safend, Checkpoint, EMC.]
Source: STKI
*DataSec, **Oasis-Tech
Wireless local area network (WLAN) for guests and BYOD (VoWLAN)
Utilize for security issues and application performance management.
Good view of your network traffic down to the packet level.
You don't need to go through an emergency change control at the start of the incident just to get these taps!
Networking
Port Mirroring
Requires an engineer to configure the switch or switches.
Eliminates corrupt packets or packets which are below a minimum size.
Switches may drop layer 1 and select layer 2 errors depending on high priority.
Need to troubleshoot common physical layer problems such as a faulty NIC.
A network device can support a restricted number of port mirrors.
For security and analysis, it is very important to examine the same data with many devices.
Traffic Growth (Traffic): number of links, size of links, amount of traffic
New Applications (Data Center): new protocols, encrypted traffic
BYOD (Device): mixture of devices, policies & compliance
Cloud / Virtualization: applications go virtual, inter-VM traffic
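[Figure: vendor positioning chart. Axis: Local Support. Legend: Player, Worldwide Leader. Vendors shown: Cisco, Aspect, Avaya, Cosmocom, Alcatel-Lucent.]
[Figure: vendor positioning chart, labelled Access Layers. Axes: Local Support vs. Market Presence/Perception. Legend: Player, Worldwide Leader. Vendors shown: Juniper, Checkpoint, HP, Microsoft, Enterasys, Symantec, Cisco, Wise-Mon, Fore Scout.]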
[Figure: vendor positioning chart. Axes: Local Support vs. Market Presence/Perception. Vendors shown: Consist, Aman, ISIS-Papyrus.]
HP Exstream