La seguridad informática en la toma de decisiones v2
•Descargar como PPTX, PDF•
3 recomendaciones•1,235 vistas
No fracasa el que sufre un ataque de seguridad, es parte del juego, fracasas si no tienes capacidad de respuesta 0% De las fugas de información fueron detectados por programas de anti-virus o sistemas de prevención de intrusos Solo 6% De las empresas utilizan análisis de datos para minimizar el impacto económico del cibercrimen
Recomendados
Más contenido relacionado
Destacado
Destacado (9)
Similar a La seguridad informática en la toma de decisiones v2
Similar a La seguridad informática en la toma de decisiones v2 (20)
Más de Juan Carlos Carrillo
Más de Juan Carlos Carrillo (20)
Último
Último (20)
La seguridad informática en la toma de decisiones v2
- 1. La Seguridad Informática en la Toma de Decisiones Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Juan Carlos Carrillo October 22, 2014 Oracle Confidential – Internal/Restricted/Highly Restricted
- 2. 2 “You are going to get hacked. The bad guy will get you. Whether you are viewed as a success by your board of directors is going to depend on your response.” Charles Blauner, Citigroup
- 3. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 3
- 4. 0% De las fugas de información fueron detectados por programas de anti-virus Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 4 o sistemas de prevención de intrusos Source: Verizon 2013 Data Breach Investigations Report
- 5. Solo 6% De las empresas utilizan http://www.pwc.com/gx/en/economic-crime-survey/downloads.jhtml análisis de datos para minimizar el impacto económico del cibercrimen Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted 5
- 6. 66% Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 94% de los ataques son contra los de los datos más sensibles estan en
- 7. Fuentes de fuga de información Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | PwC Global State of Information Security
- 8. Anatomía de una fuga de información Millones de consumidores afectados Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Los atacantes hackean via phishing a los provedores El Malware busca información de tarjetas en texto claro (no cifrado) El Malware envía los datos de tarjeta de credito a los propios servidores de archivos Buscan, encuentran e infectan los servidores de archivos Los atacantes usando credenciales robadas acceden al portal de provedores Los datos son extraidos vía servidores de FTP Encuentran e infectan los puntos de venta (POS) con malware PERIMETRO 8
- 9. Ploutus: ATM Malware (de México para el mundo) Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted 9
- 10. Ploutus: ATM Malware (de México para el mundo) Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted 10
- 11. Ploutus: ATM Malware (de México para el mundo) Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted 11
- 12. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted 12
- 13. 92 % de las fugas de información están atribuidos a 9 tipos de ataques Ataque a punto de venta (POS) Ataque a aplicación web Mal uso interno Robo o perdida física Errores varios Software de criminales Skimmers de tarjetas Ataques de denegación de servicio Ciber espionaje Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted 13
- 16. https://www.privacyassociation.org/privacy_perspectives/post/dont_fall_for_the_encrytion_fallacy Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted 16
- 17. Un enfoque de seguridad integral Seguridad en cada capa Seguridad entre capas Seguridad entre sistemas Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 18. Un enfoque de seguridad integral Governance Procesos y Roles Controles de usuarios Controles de red Controles de host Controles de aplicaciones Controles a nivel datos Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 19. La estrategia del negocio es REACTIVA “La mayoría de las organizaciones continúan enfocando de forma inapropiada su atención en vulnerabilidades de red y herramientas reactivas, en lugar de buenas prácticas de seguridad en aplicaciones, PROACTIVAS.” Forrester: The Evolution of IT Security 2010 to 2011 Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 20. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 21. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 21
- 22. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 23. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 24. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 25. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 26. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 27. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 28. Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
- 29. Usamos estrategias de ataque y contra ataque, espionaje y contra espionaje
- 30. La unica forma de atender las vulnerabilidades y amenzas sin afectar al negocio es tener una visión Integral de riesgos
- 31. Speed Response Severity Exposure Motivation Capability Vulnerability Threat Probability (Economic)2 (Strategic)2 (Colateral)2 Impact RISK Mitigators x x x ÷ x x
- 33. Suma de Esfuerzos 1 1 momento 1 canal 1 1 p 1 dispositivo Autenticada c/x factores Riesgo Intencional Riesgo Accidental ∞ Relación / conexión 0 Redundancia Disponibilidad Filtrado Confidencialidad Amenaza Integridad Externa Impacto Interno Peor Esfuerzo Mejor Esfuerzo Riesgo Oportunista
- 41. 41
- 47. Necesitamos usar la analogía médica
- 56. 56
- 59. Suma de Esfuerzos 1 1 momento 1 canal 1 1 p 1 dispositivo Autenticada c/x factores Riesgo Intencional Riesgo Accidental ∞ Relación / conexión 0 Redundancia Disponibilidad Filtrado Confidencialidad Amenaza Integridad Externa Impacto Interno Peor Esfuerzo Mejor Esfuerzo Riesgo Oportunista
- 61. Transformado la seguridad de TI Administrar los riesgos DESBLOQUEAR LAS OPORTUNIDADES Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Prevenir las amenazas SECURITY INSIDE-OUT
Notas del editor
- This is a Title Slide with Picture slide ideal for including a picture with a brief title, subtitle and presenter information. To customize this slide with your own picture: Right-click the slide area and choose Format Background from the pop-up menu. From the Fill menu, click Picture and texture fill. Under Insert from: click File. Locate your new picture and click Insert.
- Data centers are built to resist physical attacks but the risks are inside. 94% of the breaches are against servers.. And 66% of all sensitive data is stored in databases within the data center. Focusing on the data center can greatly reduce your risk.
- So Oracle’s approach is to start inside… and Engineer for security at every layer of the stack While we can’t control how many hackers try to attack our business we can control the configuration of our system internally and the security of our infrastructure from the applications to storage. First – we think about security inside each layer At the apps level this means access to data and business transactions – proactively looking for fraud At the middleware level it means integrating identity and access management horizontally across all components in middleware At the VM level we incorporate security into Java so that in in memory databases and apps can be built on a foundation of security At the OS layer it means VM isolation directly on Solaris and Trusted extensions for Solaris – trusted by the us military At the Infrastructure later it means security without performance overhead so we include hardware acceleration for encryption At the file system encryption on disk and ZFS And in the ILM process we include symmetric encryption across multiple ILM tiers. Second we secure between each later – because data flows up and down the stack… access control and data security is pervasive We provide monitoring and patch management with Oracle Enterprise manager that allows the entire stack to be monitored patched for total controls. Hardware and software optimized together. Third we secure between systems The way data is passed to other systems portals etc. So that data is portable for example data masking that allows data to leave the data center masking private data and preserving relational integrity In collaboration with Federated authentication and adaptive access to detect fraud and prevent intrusion With SOA security at the middleware level to stop payloads from being breached At the portal laver with document level security that addresses compliance and data privacy rules
- The velocity of change and the pressure to comply has made businesses reactive. As an example after the RSA breach a survey of security professionals found that approximately 30% planned to increase security spending as a result of the breach. The media attention on cyber security and hacking has shifted attention away from the real vulnerabilities. At UBS the trader that caused the billion dollar fraud was not a hacker from a rogue nation. This was an insider who was trusted and who gained excessive access because of the trust the bank placed on him When criminals break in they go for the low hanging fruit or they come in with stolen credentials. Users with simple passwords and databases that are un-encrypted create more risk than a team of external hackers. The cost of remediating a breach exceeds the cost of preventing a breach 10X .. And we need to start taking a proactive approach to it. We need to put the right technologies in place so we don’t have to make excuses later to our customers and our upper management.
- So we have to start inside … our opportunity is to transform IT security and secure the business inside out. The most successful businesses will take a proactive approach to safeguarding their intellectual property and the information of their customers [First Build ] We have to start by being proactive and focusing on the risks. Look at your audits and see where your vulnerabilities are. If your organizations have data that is un-encrypted target that first before you lock down every cell phone. If you have accounts on systems for people who have resigned disable or de-provision these. Make sure you can address the bar on compliance and governance standards. [Second Build] Focus on preventing the threats. Look at fraud detection as a PROACTIVE way to prevent breaches before they happen. Protect your data in the applications where they are accessed and created, on the infrastructure & database where it is managed and on the disks where they are archived and stored. [Third Build] Unlock the opportunities. The companies that can make security a competitive advantage can unlock the potential of the cloud and harness mobile and social applications to find new paths to market. Instead of building a wall and hoping it’s strong enough, you need to take control of access in the enterprise – don’t ignore perimeter or endpoint security, but build a security strategy that can prevent, detect and respond to internal as well as external threats. The endpoints will continue to change and new devices will continuously be introduced. By securing the information when it is created, accessed and stored we can better reduce the risk long term. This kind of inside-out approach to security will help you manage the risk, prevent threats and unlock the opportunities that a secure business can bring.