Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) 2014: 245 incidents reported

Academic year: 2021

(1)

Protecting What Matters Most

Christian Fahlke, Regional Sales Manager ALPS

March 2015

(2)

Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) 2014: 245 incidents reported

(Source: https://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-CERT_Monitor_Sep2014-Feb2015.pdf)

(3)
(4)

OUR GLOBAL BUSINESS

• Founded in 2002

• Global operations; HQ in Redwood Shores, CA

• 750+ employees

• Customers in 90+ countries

(5)

OUR CUSTOMERS

• 3,700+ direct; thousands Cloud-Based

• 275+ government agencies and departments

• 400+ Global 2000 companies

• 7 of the top 10 global telecommunications providers

• 5 of the top 10 US commercial banks

• 3 of the top 5:

- global financial services firms

- global computer hardware companies

- global biotech companies

- global diversified insurance services

(6)

Imperva’s view - Business driver 2015 in ALPS

Audit / Monitoring / Prevent access to DATA – not applications

Identifying critical data in DBs and file structures

Who did what when OR proof that no one accessed these data

Identifying and preventing unauthorized access to important data in the datacenter (DCAP)

Preventing excessive data access

Identifying unused access rights

Identifying “shadow IT” and, if legitimate, monitoring / protecting the data flow

Cross-border data compliance monitoring / prevention

Actual Compliance needs for Alps 2015 - ~2018:

PCI-DSS 3.0 compliance requirements (WAF)

EU Data Protection Directive (DAM/FAM) – see following slides

(7)

© 2015 Imperva, Inc. All rights reserved. Confidential 7

Everyone has the right to the protection of personal data

(8)

Background (1)

• The Data Protection Directive 95/46/EC defines the basic elements of data protection that member states must transpose into national law. Each state manages the regulation of data protection and its enforcement within its jurisdiction, and data protection commissioners from the EU states participate in a working group at the community level, pursuant to Article 29 of the Directive.

• In 2009, the European Commission launched a review of the current legal framework on data protection.

• On March 12th, 2014, the European Parliament voted in favor of the European Commission's data protection reform (MEMO/13/923 and MEMO/14/60), extending some of its suggestions.

(9)

Background (2)

Next steps:

• To become law the proposed Regulation has to be adopted by the Council of Ministers using the "ordinary legislative procedure" (co-decision).

• European heads of state and government committed to a "timely" adoption of the new data protection legislation at a summit on 24 and 25 October 2013, which focused on the digital economy

(10)

Major changes for EU & Switzerland

One continent, one law: The Regulation will establish a single, pan-European law for data protection, replacing the current inconsistent patchwork of national laws. Companies will deal with one law, not 28.

One-stop-shop: The Regulation will establish a 'one-stop-shop' for businesses: companies will only have to deal with one single supervisory authority, not 28, making it simpler and cheaper for companies to do business in the EU.

The same rules for all companies – regardless of their establishment: Today European companies have to adhere to stricter standards than their competitors established outside the EU but also doing business on our Single Market.

(11)

Impact of the reform for citizens (1)

• A right to be forgotten: When you no longer want your data to be processed and there are no legitimate grounds for retaining it, the data will be deleted. This is about empowering individuals, not about erasing past events or restricting freedom of the press.

• Easier access to your own data: A right to data portability will make it easier for you to transfer your personal data between service providers.

(12)

Impact of the reform for citizens (2)

• Putting you in control: When your consent is required to process your data, you must be asked to give it explicitly. It cannot be assumed. Saying nothing is not the same thing as saying yes. Businesses and organizations will also need to inform you without undue delay about data breaches that could adversely affect you.

• Data protection first, not an afterthought: ‘Privacy by design’ and ‘privacy by default’ will also become essential principles in EU data protection rules – this means that data protection safeguards should be built into products and services from the earliest stage of development, and that privacy-friendly default settings should be the norm – for example on social networks.

(13)

A regulation with POWER

• The European Parliament agrees that the new data protection law for the private and public sector should be a Regulation, and no longer a Directive.

• The European Parliament agrees that national data protection authorities need to be able to impose effective sanctions in case of breach of the law. It has proposed strengthening the Commission's proposal by making sure that fines can go up to 5% of the annual worldwide turnover of a company (up from 2% in the Commission's proposal):

(14)

Traditional security

(15)

Protect what’s

(16)

Protecting

is exactly what Imperva does

(17)

APPLICATION

Protects structured and unstructured data where it resides: databases and file servers

Protects where it’s accessed: Web applications

Guards against both outside threats and internal actors

(18)

User Rights Management for File Data Loss Prevention SecureSphere File Firewall File Activity Monitor

SecureSphere Database Assessment Server SecureSphere Database Firewall SecureSphere for Big Data SecureSphere Database Activity Monitor User Rights Management Data Masking

Vulnerability Assessment

• Incapsula Back Door Detection

• Skyfence Cloud Discovery

• Skyfence Cloud Analytics

• Skyfence Cloud Protection

• Skyfence Cloud Governance

• Incapsula Infrastructure Protection

• Incapsula Website Protection

• Incapsula Name Server Protection

• SecureSphere WAF

(19)

(20)

Onsite: SecureSphere Data Center Security

Internal: Employees, Malicious Insiders, Compromised Insiders

External: Customers; Staff, Partners; Hackers

Data Center: Systems and Admins

Usage Audit, User Rights Management, Access Control, Tech. Attack Protection, Logic Attack Protection, Fraud Prevention

Discovery & Classification, Privileged User Monitoring, Vulnerability Scanning, Virtual Patching, Attack Protection, Auditing and Reporting

(21)

(22)

Offsite: Comprehensive Coverage for the Cloud

Customer-Facing Applications SaaS Applications

SecureSphere WAF for AWS

(23)

Gartner: Big Data Needs a Data-Centric Security Focus

Gartner: Organizations that have not developed data-centric security policies to coordinate management processes and security controls across data silos need to act.

Source: Market Guide for Data-Centric Audit and Protection, November 2014

(24)
(25)

Security and compliance are our ONLY focus

(26)
(27)
