The enemies ashore
Alexandros Charvalias, Manager
CISSP, CISA, ACDA
Assurance & Enterprise Risk Services
Vulnerabilities & hackers: A relationship that works
©2012 Deloitte Touche Tohmatsu Limited
[Figure: Cyber security maturity model. A five-level scale (Level 1 to Level 5; stage names visible on the chart include Blissful Ignorance, Transformation and Operational Excellence) is plotted against ten capability domains: Internal Threat Intelligence, Security Event Monitoring, Asset Protection, Cyber Attack Preparation, Training & Awareness, Behavioural Analytics, External Threat Intelligence, Intelligence Collaboration, E-Discovery & Forensics, Brand Monitoring. Each cell names the practice typical of that level, ranging from Basic Network Protection, Acceptable Usage Policy, Periodic IT Asset Vulnerability Assessments, Security Log Collection & Ad Hoc Reporting and General Information Security Training & Awareness at the low end to Proactive Threat Management, Adaptive & Automated Security Control Updates, Sector-Wide & Supply Chain Cyber Attack Exercises, Real-time Business Risk Analytics & Decision Support and Global Cross-Sector Threat Intelligence Sharing at the high end. Sector examples placed along the scale: Media & SMEs; Consumer Business & Life Sciences; Retail Banks & Energy Providers; Investment Banks; Military & Defence.]
How effectively does your organisation prepare for, become aware of, and respond to cyber threats?
Module 1: Introduction to Security and Privacy in the Cloud
Technology for Business – Threats
Source: Forrester Research “Understand The State Of Data Security And Privacy: 2012 To 2013”
[Figure: threat actor map, plotted by Attacker Determination (horizontal axis) against Attacker Sophistication (vertical axis). Actors placed on the chart: Accidental Discovery, Malware, Insider, Lone Hacker / Hobbyist, Business Partner, 'Script kiddy', Disgruntled ex-Employee, Disgruntled Customer, Competitor, Disgruntled ex-IT Administrator, 'Hacktivism', Cyber Terrorism, Hacker Collectives, Organised Crime, State-sponsored Cyber Warfare.]
Guiding principles
Five principles should underpin cyber security and promote a cohesive approach to protection from cyber threats.

1. Understand your risk appetite. Only when you have fully understood your assets, the risks that threaten them, and how these fit into the overall threat landscape can you determine what level of threat maturity you need to defend against, and where you draw the line to focus on limiting the impact of a successful attack.

2. Ensure close alignment with business goals. Ensure that your strategic direction for cyber security is closely aligned with business goals and with the organisation's strategy for achieving them. Focus effort on defending the most strategically important parts of the business, or those that are being delivered in the riskiest way.

3. Prepare for the worst. It is not practical to prevent all forms of cyber attack, especially those that are particularly sophisticated and targeted. Ensure you have the organisational and technical capability to rapidly detect and respond to a successful attack in order to limit its impact.

4. Share intelligence. Collaborate and share intelligence with industry, national and international cyber threat intelligence organisations. By sharing intelligence with other organisations you will be in a position to benefit from shared wisdom.

5. Instil a broad awareness of cyber security. Your security is only as strong as the weakest link; ensure that the risks associated with cyber security, and the steps your organisation is taking to combat them, are understood across the organisation, from the board and senior management to all staff, partners and third parties.
Vulnerabilities Exposure over Time
[Figure: line chart of Exposure to Vulnerabilities (0 to 100) against Time (steps 1 to 16), with one series each for Ad hoc Assessments, Periodic Assessments and Continuous Assessments. Exposure rises at change events annotated on the chart (Server upgrade, Patching, Audit Findings) and falls at the Assessment and Remediation points; the chart contrasts how long each exposure persists under the three assessment cadences.]
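The chart contrasts three assessment cadences but gives no numbers. As an added example, not code from the original slides, here is a small discrete-time model of that chart in Python: change events add exposure that nobody knows about until an assessment finds it, and remediation lands one step after detection. The event timeline, the four-step periodic interval, the ad hoc assessment dates and the one-step remediation lag are all assumptions constructed for the illustration.

```python
"""Added example (not from the original slides): a toy discrete-time model of
the 'exposure to vulnerabilities over time' chart.

Change events (server upgrade, patch, audit finding) add exposure that stays
unknown until an assessment runs. An assessment detects everything currently
unknown; remediation lands REMEDIATION_LAG steps later. Exposure uses the
chart's 0-100 scale; summing it over the horizon gives the area under the
curve, i.e. the attacker's window of opportunity.
All event values and assessment dates below are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set

HORIZON = 16          # time steps on the chart's x axis
REMEDIATION_LAG = 1   # steps between detection and fix (assumption)


@dataclass(frozen=True)
class ChangeEvent:
    time: int        # step at which the change lands
    exposure: int    # exposure it introduces, 0-100 scale
    label: str


# Constructed timeline, mirroring the annotations on the slide's chart.
EVENTS: List[ChangeEvent] = [
    ChangeEvent(1, 30, "Server upgrade"),
    ChangeEvent(5, 20, "Patching (regression)"),
    ChangeEvent(9, 25, "Audit findings"),
    ChangeEvent(12, 15, "Server upgrade"),
]


def assessment_schedule(cadence: str, horizon: int = HORIZON,
                        ad_hoc_times: Iterable[int] = (3, 14)) -> Set[int]:
    """Steps at which an assessment runs under each cadence on the chart."""
    if cadence == "continuous":
        return set(range(horizon + 1))          # every step
    if cadence == "periodic":
        return set(range(0, horizon + 1, 4))    # fixed interval (assumption: 4)
    if cadence == "ad hoc":
        return set(ad_hoc_times)                # whenever someone gets round to it
    raise ValueError(f"unknown cadence: {cadence}")


def exposure_curve(events: List[ChangeEvent], assess_at: Set[int],
                   horizon: int = HORIZON, lag: int = REMEDIATION_LAG) -> List[int]:
    """Exposure at each step 0..horizon.

    'undetected' is exposure nobody has found yet; 'detected' maps a fix time
    to exposure that has been found and is waiting for remediation. Both count
    as exposure until the fix actually lands.
    """
    undetected = 0
    detected: Dict[int, int] = {}
    curve: List[int] = []
    for t in range(horizon + 1):
        undetected += sum(e.exposure for e in events if e.time == t)
        detected.pop(t, None)                    # fixes due now land first
        if t in assess_at and undetected:
            detected[t + lag] = detected.get(t + lag, 0) + undetected
            undetected = 0
        curve.append(undetected + sum(detected.values()))
    return curve


def total_exposure(curve: List[int]) -> int:
    """Area under the curve: exposure units multiplied by steps exposed."""
    return sum(curve)


def compare_cadences(events: List[ChangeEvent] = EVENTS) -> Dict[str, Dict[str, int]]:
    """Peak and cumulative exposure for each assessment cadence on the chart."""
    result: Dict[str, Dict[str, int]] = {}
    for cadence in ("ad hoc", "periodic", "continuous"):
        curve = exposure_curve(events, assessment_schedule(cadence))
        result[cadence] = {"peak": max(curve), "area": total_exposure(curve)}
    return result


if __name__ == "__main__":
    for cadence, stats in compare_cadences().items():
        print(f"{cadence:>10}: peak exposure {stats['peak']:3d}, "
              f"exposure-steps {stats['area']:4d}")
```

Running it prints peak and cumulative exposure per cadence. The ordering continuous < periodic < ad hoc is the chart's point; the area figure is the quantity worth tracking when arguing for continuous assessment, since it measures the attacker's window rather than the count of findings, and it shows that the remediation lag, not only the assessment frequency, sets the floor.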
Appetizers Menu
Why Deloitte?
Our security, privacy, and risk management services are independently recognised as world leading.
• Independent analyst recognition
• Global footprint
• Depth and breadth of skills
• Expertise and experience across a range of sectors
• Investment in innovation

Deloitte Member Firm Accreditations:
• BSI: over 150 trained lead system auditors
• ISC2: over 1,100 CISSPs
• Specialty: wide range of domain specific certifications
• ISACA: over 2,000 certified as CISA, CISM & CGEIT
• IAPP: privacy certified practitioners

"In Forrester's 75-criteria evaluation of information security and risk consulting service providers, we found that Deloitte led the pack because of its maniacal customer focus and deep technical expertise."
Forrester Wave™: Information Security And Risk Consulting, Q3 '10
Questions?
Alexandros Charvalias
CISSP, CISA, ACDA
Manager
Assurance & Enterprise Risk Services
Hadjipavlou Sofianos & Cambanis S.A.
3a Fragoklissias & Granikou str., GR-151 25 Maroussi, Athens, Greece
Tel: +30 210 6781 100
Mob: +30 695 1921 042
acharvalias@deloitte.gr
www.deloitte.gr
Member of