latest threats in digital security - securbay (hotel_digital_security_seminar_sept19'14)
DESCRIPTION
By Santosh Satam, CEO, SecurBay Services Santosh has multi-disciplinary skills in software product engineering, technology management and enterprise risk assessment. His areas of expertise are web application security, mobile & cloud security and threat intelligence. His client list includes MNCs, BFSI, hospitality and government agencies. He is an advisor to the Institute for Development and Research in Banking Technology (IDRBT) on matters related to mobile security for banks.TRANSCRIPT
Supported by In association with Presented by
Hotel Digital Security Seminar SEPT 19, 2014
Santosh Satam, CEO, SecurBay Services
LATEST THREATS IN DIGITAL SECURITY
Presented by
In association with
Supported by
Santosh Satam
By X Events Hospitality (www.x-events.in)
2
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Santosh has multi-disciplinary skills in software product engineering, technology management and enterprise risk assessment.
His areas of expertise are web application security, mobile & cloud security and threat intelligence.
His client list includes MNCs, BFSI, hospitality and government agencies.
He is an advisor to the Institute for Development and Research in Banking Technology (IDRBT) on matters related to mobile security for banks.
Presented by
In association with
Supported by
Agenda
By X Events Hospitality (www.x-events.in) Hotel Digital Security Seminar & Webinar, Sept 19, 2014
3
¨ Current Landscape ¨ Hospitality Industry - Attack Vectors ¨ How to Secure Yourself ¨ Way Forward ¨ Q&A
Presented by
In association with
Supported by
Current Landscape
By X Events Hospitality (www.x-events.in)
4
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Presented by
In association with
Supported by
Digital universe is growing
By X Events Hospitality (www.x-events.in)
5
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
180 EB
2006 2008
2011
200 EB 1800 EB 44 ZB
2014
1 Exa Byte=1 Billion GB
1 ZB = 1 Trillion GB
Source IDC 2014
Digital Universe is huge and growing exponentially
Presented by
In association with
Supported by
Growth drivers
By X Events Hospitality (www.x-events.in)
6
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Source: http://thenextweb.com/apple/2012/01/25/there-are-now-more-iphones-sold-than-babies-born-in-the-world-every-day/
371 K Babies born per day
378 K iPhones sold per day
Presented by
In association with
Supported by
Next big thing - IoT
By X Events Hospitality (www.x-events.in)
7
Hotel Digital Security Seminar & Webinar, Sept 19, 2014 Source IDC 2014
Presented by
In association with
Supported by
Is our information safe?
By X Events Hospitality (www.x-events.in)
8
Hotel Digital Security Seminar & Webinar, Sept 19, 2014 Source IDC 2014
of the Information is not protected
50%
Presented by
In association with
Supported by
The numbers don’t lie
By X Events Hospitality (www.x-events.in)
9
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Source: http://online.wsj.com/news/articles/SB10001424052702303933404577504790964060610
76% of the US Companies had a cyber security incident reported in the last year
Presented by
In association with
Supported by
Attack Vectors for Hospitality Industry
Attack Vectors
By X Events Hospitality (www.x-events.in)
10
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Presented by
In association with
Supported by
Data breach hits 14 hotels
By X Events Hospitality (www.x-events.in)
11
Hotel Digital Security Seminar & Webinar, Sept 19, 2014 Source: http://www.cnbc.com/id/101396464#.
In 13 of the 14 cases, the malware
was in the credit and debit card
readers at the hotels' restaurants
and gift shops.
Presented by
In association with
Supported by
Keylogger malware
By X Events Hospitality (www.x-events.in)
12
Hotel Digital Security Seminar & Webinar, Sept 19, 2014 http://krebsonsecurity.com/2014/07/beware-keyloggers-at-hotel-business-centers/
The U.S. Secret Service is adv i s i ng the hosp i t a l i t y industry to inspect computers made available to guests in hotel business centers, warning t h a t c rooks have been compromising hotel business center PCs with keystroke-logging malware in a bid to steal personal and financial data from guest.
Presented by
In association with
Supported by
Repeated computer hacks
By X Events Hospitality (www.x-events.in)
13
Hotel Digital Security Seminar & Webinar, Sept 19, 2014 http://edition.cnn.com/2012/06/26/travel/wyndham-hacking/index.html
Wyndham Hotels' lax security pol ic ies a l lowed Russian hackers to access more than 500,000 customer accounts on three separate occasions between 2008 and 2010. Hackers used the data to rack up more than $10.6 million in f r a u d u l e n t c re d i t c a rd transactions, according to the suit filed in the U.S. District Court of Arizona.
Presented by
In association with
Supported by
Attacks on website
By X Events Hospitality (www.x-events.in)
14
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
S Can you spot Security Risk on this compromised Website ?
Presented by
In association with
Supported by
Social engineering attacks
By X Events Hospitality (www.x-events.in)
15
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Operator to Guest: Excuse me sir, I am calling from Front Desk, Can I have your credit card number please ?
What you will do ?
Presented by
In association with
Supported by
How safe am I?
By X Events Hospitality (www.x-events.in)
16
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
No business is immune from threats. Threats can come in any shape and size Need Threat Intelligence
Presented by
In association with
Supported by
Most common attacks
By X Events Hospitality (www.x-events.in)
17
Hotel Digital Security Seminar & Webinar, Sept 19, 2014 DBIR 2014 Data Breach Report
"The universe of threats may seem limitless, but 92% of the 100,000 incidents we've analyzed from the last 10 years can be described by just nine basic patterns."
Presented by
In association with
Supported by
Is it applicable to me?
By X Events Hospitality (www.x-events.in)
18
Hotel Digital Security Seminar & Webinar, Sept 19, 2014 DBIR 2014 Data Breach Report
Presented by
In association with
Supported by
Cyber risks in India
By X Events Hospitality (www.x-events.in)
19
Hotel Digital Security Seminar & Webinar, Sept 19, 2014 Source: https://gigaom.com/2013/06/25/new-google-report-shows-malware-by-country-highest-rates-in-india-central-europe/
The h ighest ra te o f malware, however, doesn’t belong to obvious suspects like Russia or Ukraine (8% each), but instead India (15%) and many Latin American countries like Mexico (12%) and Chile (11%).
Presented by
In association with
Supported by
Cyber risks in India
By X Events Hospitality (www.x-events.in)
20
Hotel Digital Security Seminar & Webinar, Sept 19, 2014 http://zeenews.india.com/news/nation/9174-indian-websites-hacked-till-may-it-minister_947431.html
9,174 Indian websites were hacked
by various hacker groups from
different parts of the world till May
2014.
62,189 security incidents were
reported during the same period
to the Indian CERT-In
Presented by
In association with
Supported by
How to Secure Yourself?
By X Events Hospitality (www.x-events.in)
21
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Presented by
In association with
Supported by
Need Systemic Approach
By X Events Hospitality (www.x-events.in)
22
Hotel Digital Security Seminar & Webinar, Sept 19, 2014 http://zeenews.india.com/news/nation/9174-indian-websites-hacked-till-may-it-minister_947431.html
Ad-hoc Approach Ad-hoc Approach
Presented by
In association with
Supported by
What can I do about it?
By X Events Hospitality (www.x-events.in)
23
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
EXECUTE ASSESS MONITOR
Find out your current Security Posture by
doing Gap Assessment
Vulnerability Assessment
and Penetration Testing
Implement the Roadmap
Monitor and Improve
DEFINE
Define Short, Medium and Long tem Action
Plan
Presented by
In association with
Supported by
People, Process & Technology
By X Events Hospitality (www.x-events.in)
24
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
- UTM. Firewalls - IDS/IPS - Data Center - Physical Security - DLP - IRM - SIM/SIEM - Managed Services - Encryption
- Training - Awareness - HR Policies - Background Checks - Roles / responsibilities - Social Engineering - Social Networking - Acceptable Use
- Risk Management - Asset Management - Data Classification - Info Rights Mgt - Data Leak Prevention - Access Management - Change Management - Patch Management - Configuration Mgmt - Incident Response - Incident Management
Technology People Process
Presented by
In association with
Supported by
About us
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
25
X Events manages & supports events exclusively for the hospitality & travel industries.
o Our USP is that we are hoteliers by training. We focus on the two most important aspects of an event; content quality and impact.
o We do it because we believe in it.
www.x-events.in
By X Events Hospitality (www.x-events.in)
HATT is India's young and premium community for CXOs from the Hospitality, Healthcare, Aviation, Travel and Tourism industries.
o With over 1,000 members across India, we are now poised to expand globally with a presence in South East Asia and the Middle East by 2016.
www.hattforum.com FB/hattforum
Presented by
In association with
Supported by
Our host – Brian Pereira
By X Events Hospitality (www.x-events.in)
26
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Brian is a veteran technology journalist with two decades of experience. He has served as editor for two magazines: CHIP and InformationWeek India. He is a respected speaker & host at conferences worldwide. In his current role at Hannover Milano Fairs India, Brian serves as project head for CeBIT Global Conferences, the world's largest ICT fair that will debut in India this November, in Bangalore.
Presented by
In association with
Supported by
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
27
Five expert speakers 1. Latest threats in digital security (Worms, attacks, viruses, flaws) - Santosh Satam, CEO, SecurBay Services.
2. The immediate action needed to tighten up (Priority list, cost, internal policies) - Ambarish Deshpande, MD - India & SAARC, Blue Coat 3. Information loss prevention (Principles & practices) - Geet Lulla, VP - India & ME, Seclore
4. How to build a business case & get the management's attention - Dhananjay Rokde, CISO, Cox & Kings Group. 5. Global cyber security outlook - A. K. Viswanathan, Senior Director - Enterprise Risk Services, Deloitte India.
By X Events Hospitality (www.x-events.in)
The seminar schedule
Presented by
In association with
Supported by
Our sponsors & supporters
By X Events Hospitality (www.x-events.in) Hotel Digital Security Seminar & Webinar, Sept 19, 2014
28
Thank You
Supported by In association with Presented by
www.x-events.in SEPT 19, 2014
HOTEL DIGITAL SECURITY SEMINAR