Download
network security overview n.
Skip this Video
Loading SlideShow in 5 Seconds..
Network Security Overview PowerPoint Presentation
Download Presentation
Network Security Overview

Network Security Overview

107 Views Download Presentation
Download Presentation

Network Security Overview

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Network Security Overview Ali Shayan 2008.08.06

  2. Network Security Management’s Perspective • Dangers: • Negligence • Dereliction of duty • Liable for damaged • Misconduct • Sabotage • Aiding and abetting crime

  3. Network Security Management’s Perspective • Issues • Training • Continuity and crisis planning • Assume information security is YOUR responsibility Lack of awareness can lead to negligence and liability!

  4. Understanding Components of an IT Security Audit

  5. Modern Technology Roadmap • Early 1990s: Virus scanners • Mid 1990s: Firewalls • Late 1990s: Over-reliance on encryption (PKI) • Early 2000s: Over-reliance on intrusion detection systems (IDS) • Late 2000s: Over-reliance on intrusion prevention systems/artificial intelligence

  6. Vulnerabilities • There was a total of 7,247 vulnerabilities in 2006, 39.5% more than 2005. • June was the busiest month of the year with 696 vulnerabilities. • Week 46 (the week before Thanksgiving) was the busiest week of 2006 for new vulnerabilities. • The most popular day for vulnerability discloser was Tuesday. • The top three vulnerable vendor in 2006 were Microsoft, Oracle and Apple. • 88.4 percent of all 2006 vulnerabilities could be exploited remotely. • Over half (50.6%) of 2006 vulnerabilities would allow an attacker to gain access to the host after successful exploitation.

  7. VulnerabilitiesPer Annum Vulnerabilities Count

  8. VulnerabilitiesPer Month

  9. Vulnerabilities by Day of Week

  10. Vulnerabilitiesby Day of Week

  11. VulnerabilitiesWeekdays vs. Weekends

  12. VulnerabilitiesTop Ten Vulnerable Vendors

  13. From which countries does spam originate?

  14. Incident and Events by Sector

  15. Quantifying by Losses • 9 out of 10 businesses affected by cybercrime (FBI 2005) • $67.2 billion per year is lost to cybercrime in the USA (FBI 2005) • 61% of US computers are compromised (Cyber Security Alliance 2006) • Estimated 14,000 – 17,000 Botnet C&Cs (Shadowserver.org)

  16. Notable Trends in Cyber Criminality • Motivation: Financial motives are making attackers more sophisticated. • Targeted attacks: Attacks are much more targeted than before. • Targets: The user and the user workstation (desktop or laptop) becomes the easiest path into the network.

  17. References • http://www.coresecurity.com • http://www.cert.com • http://www.iss.com • http://www.alexa.com

  18. Thanks