
Defense in Depth and Defense in Breadth

by

Faham Usman

on 22 May 2014


Transcript of Defense in Depth and Defense in Breadth

Information Security
Defense in Depth and Defense in Breadth
Awareness Campaign
Agenda
Salim is your Cyber Security Advisor.
Aims at promoting, building and ensuring a safer and more secure cyber environment and culture in the UAE.
About aeCERT
One of the initiatives of the UAE Telecommunications Regulatory Authority.
aeCERT is the United Arab Emirates Computer Emergency Response Team.
About aeCERT
Defense in Depth
Information Assurance
Layered Security
Case Study
Defensive Layer
Defense in Breadth

aeCERT
Salim (aeCERT)
@salim_aecert
For more information
www.aecert.ae
info@aecert.ae
Questions
Layer—each layer protects against a specific attack vector
Depth—redundant layers protecting against the same attack vector

Breadth—one layer protects against one attack vector, a second layer protects against a different attack vector

What are Defensive Layers?
Summary
Mandiant prepared a 76-page report, videos and a list of MD5 hashes showing the Chinese military stealing terabytes of data from corporations.

Mandiant released the report to the New York Times and others.
Military Unit 61398 (部队, "unit")
Mandiant report points to the Chinese military
Layered Security
Video:

http://youtu.be/6p7FqSav6Ho

UglyGorilla hacker
Defense in Depth: People, Technology, Operations.

Which one failed?
APT1 Exposes Weaknesses
The United Arab Emirates Telecommunications Regulatory Authority website was attacked on 19 July 2013 from Egypt.

Asian and African hackers were arrested by Dubai police on 3 March 2013 for stealing AED 7 million from exchange companies.

Threats - Example
Global Virus Map
The world is full of threats. Check the global virus map below to see where viruses are most active.
Al Arabiya News reported that Saudi Arabia was the primary target country for attackers in the Gulf, followed by the UAE.

Saudi Arabia: 796,000 incidents in 9 months in 2011

UAE: 248,000 incidents

Source: Al Arabiya News, http://home.mcafee.com/virusinfo/global-virus-map
Threats - Example
The APT1 Attack
Threats - Example
Layered Protection
Layered Security
Firewall
IPS
IDS
Layered security means implementing more than one security control, one complementing another, so that together they present an impenetrable force.

Defense in depth recognizes that no security scheme is 100% effective; rather, it focuses on putting up stumbling blocks to slow down an attack.
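The distinction the two slides draw (breadth: every attack vector has some control; depth: each vector has more than one, so a single failing control does not open the door) can be checked mechanically once controls are mapped to the vectors they address. The following is an added example, not part of the aeCERT presentation; the control names, attack vectors and the control-to-vector mapping are constructed sample data for illustration only.

```python
"""Added example (not from the presentation): a small model separating
breadth (is every vector covered at all?) from depth (how many independent
controls stand in front of each vector?).  All names below are constructed.
"""

# Constructed sample: which attack vectors each control is designed to block.
CONTROLS = {
    "perimeter firewall":          {"inbound port scan", "direct service exploit"},
    "network IPS":                 {"direct service exploit", "malware C2 callback"},
    "host antivirus":              {"malicious attachment", "malware C2 callback"},
    "email attachment filter":     {"malicious attachment"},
    "security awareness training": {"phishing credential theft", "malicious attachment"},
    "full-disk encryption":        {"stolen laptop"},
}

# Constructed threat model: the vectors the organisation has decided to defend against.
THREAT_MODEL = {
    "inbound port scan", "direct service exploit", "malware C2 callback",
    "malicious attachment", "phishing credential theft", "stolen laptop",
    "insider data export",
}


def coverage_by_vector(controls=CONTROLS, vectors=THREAT_MODEL):
    """Map each vector in the threat model to the list of controls addressing it."""
    cover = {v: [] for v in vectors}
    for name, blocked in controls.items():
        for v in blocked:
            if v in cover:
                cover[v].append(name)
    return cover


def breadth_gaps(controls=CONTROLS, vectors=THREAT_MODEL):
    """Vectors with no control at all: a failure of breadth."""
    cover = coverage_by_vector(controls, vectors)
    return sorted(v for v, c in cover.items() if not c)


def depth_weaknesses(controls=CONTROLS, vectors=THREAT_MODEL, minimum=2):
    """Vectors guarded by fewer than `minimum` controls: one failure exposes them."""
    cover = coverage_by_vector(controls, vectors)
    return sorted(v for v, c in cover.items() if 0 < len(c) < minimum)


def simulate_failure(failed_control, controls=CONTROLS, vectors=THREAT_MODEL):
    """Vectors that become completely undefended if a single control fails.

    An empty result means the remaining layers still cover everything that
    control covered, which is exactly what depth is meant to buy.
    """
    remaining = {n: b for n, b in controls.items() if n != failed_control}
    before = set(breadth_gaps(controls, vectors))
    after = set(breadth_gaps(remaining, vectors))
    return sorted(after - before)


if __name__ == "__main__":
    print("Breadth gaps (no control):", breadth_gaps())
    print("Depth weaknesses (single control):", depth_weaknesses())
    for ctl in CONTROLS:
        print(f"If '{ctl}' fails, newly undefended:", simulate_failure(ctl))
```

On the constructed data, a failing antivirus (the technology failure the APT1 slides discuss) exposes nothing new because the IPS and attachment filter still cover the same vectors, whereas a failing full-disk encryption control leaves "stolen laptop" with no defence at all; the first is depth working, the second is a single layer with no redundancy behind it.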

Layered Security
Encrypted Communication
vs
Layered vs. Defense in Depth
Data
Application
Host
Internal Network
Perimeter
Physical
Policies
“Practical strategy for achieving information assurance in today’s highly networked environments.”—NSA

“Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization.”—NIST

“Cisco recommends multiple and overlapping solutions.”—Cisco 640-553 certification guide

Defense in Depth
People, Technology, Operations
WEBC2-QBP Backdoor
Failure in technology: antivirus software; weakness in the Windows OS
The APT1 Attack
Understand Depth and Breadth
Backdoor Capabilities
What is the operational envelope of the network?
“A planned, systematic set of multidisciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or subcomponent life cycle.”—NIST


Defense in Breadth
People
Technology
Operations
Information Assurance
What is the operational envelope of the network?
What should I protect?