1 / 16

EBC terugkomdag Security

EBC terugkomdag Security. Bernhard van der Feen Product Solution Manager Security Microsoft. Agenda. Security status Microsoft Security strategy Propositie Security producten in het Microsoft platform Marktsituatie, marktpositie en concurrentie Discussie. Security status.

camden
Download Presentation

EBC terugkomdag Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. EBC terugkomdagSecurity Bernhard van der Feen Product Solution Manager Security Microsoft

  2. Agenda • Security status • Microsoft Security strategy • Propositie Security producten in het Microsoft platform • Marktsituatie, marktpositie en concurrentie • Discussie

  3. Security status

  4. Security Intelligence Report (SIR) • This Security Intelligence Report contains data and trends observed over the past several years, but focuses on the first half of 2007 (1H07) • Released October 2007 • 3 sections • Software Vulnerability Disclosures • Malicious Software • Potentially Unwanted Software • Report is successor of H206 report and “MSRT Progress Made, Trends Observed” white paper

  5. Software Vulnerability Disclosures • More than 3,400 new vulnerabilities disclosed in 1H07 • Data represents ALL software vendors (not just Microsoft) • A decrease from 2H06 • The first period-to-period decrease in total vulnerabilities since 2003

  6. Software Vulnerability Disclosures OS versus application vulnerabilities • Application vulnerabilities continued to grow relative to operating system vulnerabilities as a percentage of all disclosures during 1H07 • Supports the observation that security vulnerability researchersmay be focusing more on applications than in the past

  7. Microsoft Vulnerability Exploit Details trends • While the number of vulnerability disclosures continues to increase across the software industry, the ratio of exploit code available for these vulnerabilities in Microsoft products remains steady and is even on a slight decline 1H07 Vulnerabilities Vulnerabilities where Exploit Code was available Number of Vulnerabilities Time

  8. Potentially Unwanted Software Windows defender – prevalence by OS • Windows Defender detected 2.8 times less potentiallyunwanted software on computers running Windows Vistathan on computers running Windows XP SP2 (normalized) • The number of detections of potentially unwanted software on computers running Windows Vista was half of the number of detections of potentially unwanted software on computersrunning Windows Server 2003, after normalization

  9. Threats Summary Whaling: Latest e-mail scam targets executives “e-mail security service caught 514 e-mails bound for its customers all targeted at C-level executives in various organizations in a two-hour period.” “In September another blast consisted of 1,100 whaling attacks within 15 hours..” • Attacks targeted and very focused • Financial motives for data and/or machine compromise • Fraudsters more creative in driving new targets to malicious sites – term called “whaling”. • Limited motivation for broad worm/virus attacks • Downloader's and Trojans the new attack vector: spearphising, application and web attacks • Increasing sophistication of attack tools • Increasing use of encryption for files and communications • Malware sophistication increasing to avoid detection and emerging signs of conditional malware behavior • Newer tehnologies require new approaches to security: • Web 2.0, SaaS, Virtulization, Web Services Fraudsters piggyback on search engines By abusing the way that the sites cache search queries to optimize their rankings in other search engines -- most notably, Google -- fraudsters have been able to inject iframe redirects into the cached results.

  10. Ontwikkelingen in bedreigingen • Local Area Networks • First PC virus • Boot sector viruses • Create notorietyor cause havoc • Slow propagation • 16-bit DOS • Internet Era • Macro viruses • Script viruses • Create notorietyor cause havoc • Faster propagation • 32-bit Windows • Hyper jacking • Peer to Peer • Social engineering • Application attacks • Financial motivation • Targeted attacks • 64-bit Windows • Broadbandprevalent • Spyware, Spam • Phishing • Botnets • Rootkits • Financial motivation • Internet wide impact • 32-bit Windows 1986–1995 1995–2000 2000–2005 2006-2007

  11. National Interest Personal Gain Personal Fame Curiosity De mens achter de bedreiging Largest segment by $ spent on defense Spy Largest area by $ lost Fastest growing segment Thief Largest area by volume Trespasser Vandal Author Undergraduate Script-Kiddy Expert Specialist

  12. CSO Security Focus 2008Which topics apply to the CSO security goals? Protection 62% Identity and Access 57% Compliance Management (2007) 44% Secure Messaging & Collaboration 38% Compliance Management 29% Secure Application Architecture36% Patch Management 29% Legacy Platform Migration 14% *Source: CSO Summit 2008 Registration Survey

  13. Microsoft Security Strategy

  14. Optimalisatie van de InfrastructuurBuilding a People-Ready Business Model-Based Approach User Experience • Provides capability framework to help you build an optimized infrastructure (not Microsoft-specific) • Establishes a foundation based on industry analyst, academic, and consortium research • Provides guidance and best practices for step-by-step implementation • Drives cost reduction, security and efficiency gains • Enables agility Application Platform Optimization Model BASIC STANDARDIZED ADVANCED DYNAMIC Development SOA and Business Process Data Management Business Intelligence Business Productivity Infrastructure Optimization Model Unified Communications Collaboration IT and Security Process BASIC STANDARDIZED RATIONALIZED DYNAMIC Enterprise Content Management Enterprise Search Business Intelligence Core Infrastructure Optimization Model Identity and Access Management Desktop, Device, and Server Mgmt BASIC STANDARDIZED RATIONALIZED DYNAMIC Security and Networking Data Protection and Recovery

  15. Core Infrastructure Optimization Model: Security Basic Standardized Rationalized Dynamic Technology • Patch statusof desktopsis unknown • No unified directory for access mgmt • Multiple directories for authentication • Limited automated software distribution • Automate identity and access management • Automatedsystem management • Self provisioning and quarantine capable systems ensure compliance and high availability Process • IT processes undefined • Complexity dueto localized processesand minimal central control • CentralAdmin and configurationof security • Standard desktop images defined,not adopted by all • SLAs are linkedto business objectives • Clearly defined and enforced images, security, best practices • Self-assessing and continuous improvement • Easy, secure access to info from anywhereon Internet Improve IT Maturity while Gaining ROI • IT staff taxed by operational challenges • Users come up with their ownIT solutions • IT Staff trained in best practices such as MOF,ITIL, etc. • Users expect basic services from IT • IT Staff manages an efficient,controlled environment • Users have the right tools,availability, and access to info • IT is astrategic asset • Users look to ITas a valued partner to enable new business initiatives People $1320/PC Cost $580/PC Cost $230/PC Cost < $100/PC Cost

  16. Trustworthy Computing

More Related