enfo siem säkerhetsdagen_2013
TRANSCRIPT
“Sony Makes it Official: PlayStation Network Hacked”
“Sony PlayStation network hacked again ...”
“New York Times hacked”
“New York Times hacked for Four Months Straight”
“Wall Street Journal says it has also been hacked”
“Google kills Iranian blog with 3 million hacked bank accounts”
“Försvaret, TT, SJ, Swedbank och SEB utsatta för ’denial of service”
”Praktikanten läste ex-pojkvännens journal”
Datainspektionen - Samtliga landsting bryter mot lagen!
40.000 anställda i (Stockholm) landsting har åtkomst till dina journaler
SIEM as a solution
Security information management:
“Analysis and reporting for compliance and forensic”
Security event management:
“Immediate reaction to threats detected by real-time tracking”
SIEM based business intelligence:
“Support business decision-making with usage information”
Then, HIPAA compliance in reality?
”Tidigare var det sekretess runt varje förvaltning i vården. Nu råder i stället
sekretess i hela landstinget. Tystnadsplikten mot allmänheten är fortfarande lika
sträng men internt har den öppnats upp. Med öppenheten följer också
konsekvenser för patientens integritet. Om en patient till exempel anförtrott
sexuella övergrepp till en doktor finns numera möjlighet för andra
landstingsanställda att ta del av anteckningar”
More professional threats …
Source: IBM “Executive guide to security intelligence” January 2013
Top 5 security threats for 2013*
1. Cyber (in)security
2. Supply chain security
3. Big data
4. Data security in the cloud
5. Consumerization – securing consumer devices
* Source: The Information Security Forum
Is the ‘detection’ out-sourced??
Source: Verizon Risk Team, “2012 Data breach investigations report”
Case: Optimize IT infrastructure
0%10%20%30%40%50%60%70%80%90%
Peak load
Average load
0%
20%
40%
60%
80%
100%
120%
1 2 3 4 5 6 7
Berlin
London
Copenhagen
Stockholm
Helsinki
Monitor / Upgrade?
Consolidate servers?
Application server utilization graph
Enfo SIEM service layers
SIEM consultancy services Audit reports, GAP-analysis, ICT security strategy
SIEM requirements , specifications and configurations
SIEM monitoring & analysis services Ongoing security and compliance monitoring
Ongoing SIEM business intelligence services
SIEM Hosting services Platform-services for SIEM software & databases
Fault tolerance- and back-up services
Pro
ject
based
S
erv
ice b
ased
Further information & contact
• Pekka Hagström, Senior Consultant
Telephone: +46 70-971 93 63
E-mail: pekka.hagströ[email protected]
• Claes Dagnell, Business Area manager
Telephone: +46 70-6021689
E-mail: [email protected]
• Peter Selemark, Sales manager
Telephone: +46 73-365 77 98
E-mail: [email protected]
• Peter Lörincz, CEO
Telephone: +46 736-840866
E-mail: [email protected]