Intermediaries and regulation
|
|
- Alaina Ward
- 6 years ago
- Views:
Transcription
1 Intermediaries and regulation Economics of Security and Privacy (BMEVIHIAV15) Mark Felegyhazi assistant professor CrySyS Lab. Intermediaries and regulation BME Department of Telecommunications (Híradástechnikai Tanszék) mfelegyhazi(atat)crysys(dot)hu
2 Information security: the big picture software vendor security company ISP ISP Carol, Dave, domain hosting ISP Bob ISP domain hosting government Malice Intermediaries and regulation domain registrar content provider Alice cyber-insurance company 2
3 Spam filtering strategies block source using local or global blacklists reasons for blacklisting is often unclear content analysis and drop using spam signatures user feedback question: How to compile blacklists add and remove items Andrei Serjantov and Richard Clayton, Modelling Incentives for Blocking Strategies, WEIS 2005 Intermediaries and regulation 3
4 Intermediaries and regulation 4 s A C 50 B s flowing between ISPs ISPs have different sizes large ISP A does not want to receive from either of the small ISPs
5 Intermediaries and regulation 5 Model C A = users of A V B : C B N = vulnerability of the clients of B (that is cost of spam sent by users of B to one address) utility of A: U(A) = self-sending B s.t. (A,B) E accept connection from B if U(C B ) C A U(A) self = U(C A ) C A V A (C A ) U(C B ) C A V B (C B ) 0. lete (viz: the node is owned b B s.t. (B,A) E V B (C B )
6 Intermediaries and regulation 6 ISP behavior scan user machines indicate the need for patches avoid the node being blocked - reputation ISPs cannot precisely measure V B (C B ) notice and time to correct important to publish removal efficiency sometimes long time to unblock blocking strategy blocking is at the subnet/as level check ISPs with few ham s sent block ISPs where the spam/ham ratio is high make this blocking very dynamic
7 ISPs role is botnet and spam mitigation malware botnets botnets vehicle for cybercrime the swiss army knife for miscreants significant percentage of machines is infected owners don t know mostly used for spam intermediaries contribute to the botnet problem most infection comes from users and SMEs ISPs are in a key position to mitigate the problem M. van Eeten, J. M. Bauer, H. Asghari, S. Tabatabaie and D. Rand, The Role of Internet Service Providers in Botnet Mitigation: An Empirical Analysis Based on Spam Data, WEIS 2010 Intermediaries and regulation 7
8 Intermediaries and regulation 8 ISPs responsibility ISPs can mitigate the threat should they do it? substantial costs when taking actions pressure from governments code of conduct and good practices no reliable data ISPs deal only with fraction of infected machines Questions: ISPs as critical control points for botnet mitigation comparison of efficiency performance vs. ISP characteristics
9 Intermediaries and regulation 9 Data collection no reliable source of botnets spam trap with 138m IP addresses typical sources data collected external to the botnet - honeypots, IDS, spam traps - identifying infected machines by their behavior (spam, DoS) - good coverage, average accuracy (FPs and FNs) data collected internal to the botnet - traffic redirection, infiltrating IRC channels (C&C) - intercepting communications within the botnet - limited coverage, good accuracy
10 Intermediaries and regulation 10 Botnets as spam sources 80-90% of all is spam Ironport, MessageLabs most spam comes via botnets other techniques? spam originating IP likely an infected machine setup a spam trap
11 Intermediaries and regulation 11 Data collection methodology (1/2) for each IP AS number country MaxMind GeoIP historical coverage number of spam from this IP AS to ISP mapping is difficult historical market data on ISPs historical WHOIS data check names of ASs
12 Intermediaries and regulation 12 Data collection methodology (2/2) issues NAT underestimate infected machines dynamic IP addresses overestimates infected machines bias is not balanced + churn over time solutions correlate with spam volume calculate with daily averages
13 Intermediaries and regulation 13 ISPs as critical points blocking port 25 How many machines are actually in the ISPs networks? vs. hosting providers, application network providers, university and corporate networks Wide spectrum of ISPs few large, legitimate, well known ISPs grey area, rogue ISPs - many of them short-lived, dynamic - disproportionately involved in spam - evade collective actions
14 Intermediaries and regulation 14 ISPs as critical points data (1/2) data within large ISPs 63-69% of sources (77-82% in the same countries) 50-64% of spam
15 Intermediaries and regulation 15 ISPs as critical points data (1/2) most sources within the top ISPs instead of collective actions control top ISPs!
16 Intermediaries and regulation 16 ISPs performance (1/3) by size infected machines proportional to size still some ISPs are much more efficient
17 Intermediaries and regulation 17 ISPs performance (2/3) over time (a) Variability in absolute number of sources (b) Variability in relative number of sources stable core of non-efficient ISPs
18 Intermediaries and regulation 18 ISP performance (3/3) large ISPs less peer pressure worse performance FALSE: they are slightly better lower revenue per user higher financial pressure worse performance FALSE: unrelated cable providers different technology and userbase easier security improvements (partially) TRUE: but volume matches more regulation (London Action Plan / Cybercrime Convention) less botnet infections TRUE more piracy more infections (slightly) TRUE higher education levels awareness less infections TRUE
19 Intermediaries and regulation 19 Intermediate summary ISPs indeed critical control points Enough to regulate a few large, well established ISPs
20 Intermediaries and regulation 20 Incentive issues for ISPs market competition is fierce cost to handle reports, small effect of solving issues free-riding maintain good relationship with customers careless customers no lesser experience, but cost to get involved expert help is especially costly if the message is clear, users do care strong expectations from customers but tech support is not specialized in malware removal no reliable market signals for security M. van Eeten, J. M. Bauer, H. Asghari, S. Tabatabaie and D. Rand, The Role of Internet Service Providers in Botnet Mitigation: An Empirical Analysis Based on Spam Data, WEIS 2010 Richard Clayton, Might Governments Clean-up Malware?, WEIS 2010
21 Can governments help? government to care about this public good analogy public health subsidize expert services beneficial for users bulk purchase gets better prices a sales point for experts (ex. to promote anti-virus products) Richard Clayton, Might Governments Clean-up Malware?, WEIS 2010 Intermediaries and regulation 21
22 Government intervention subsidize expert services beneficial for users bulk purchase gets better prices a sales point for experts (ex. to promote anti-virus products) experts computer retailers community groups utility companies (?!) Richard Clayton, Might Governments Clean-up Malware?, WEIS 2010 Intermediaries and regulation 22
23 Intermediaries and regulation Proposed workflow ISP info material and removal tools Alice 4b. 4a. hires expert security expert 4b. subsidizes expert government
24 Intermediaries and regulation 24 Key benefits small improvement in number of infected computers reduction in data loss by citizens improved confidence in using the Internet considered as a major communication channel influence other countries show examples transfer know-how
25 Intermediaries and regulation 25 Issues and objections ISP control over third-parties ISP cooperation consistent reporting governments could involve the market for clean-up should stay in the loop to establish credibility and maintain quality controls government subsidy reduces and limits market subsidy is limited that leaves enough playground for the market players
26 Reading for next time K. Levchenko, N. Chachra, B. Enright, M. Félegyházi, C. Grier, T. Halvorson, C. Kanich, C. Kreibich, H. Liu, D. McCoy, A. Pitsillidis, N. Weaver, V. Paxson, G. M. Voelker, and S. Savage, Click Trajectories: End-to-End Analysis of the Spam Value Chain, IEEE S&P 2011 optional: Kanich, C. and Kreibich, C. and Levchenko, K. and Enright, B. and Voelker, G.M. and Paxson, V. and Savage, S., Spamalytics: An empirical analysis of spam marketing conversion, ACM CCS 2008 Cyber-insurance 26
Underground economy. Economics of Security and Privacy (BMEVIHIAV15) Mark Felegyhazi. assistant professor CrySyS Lab.
Underground economy Economics of Security and Privacy (BMEVIHIAV15) Mark Felegyhazi assistant professor CrySyS Lab. Underground economy BME Department of Telecommunications (Híradástechnikai Tanszék) mfelegyhazi(atat)crysys(dot)hu
More informationOn the Effects of Registrar-level Intervention
On the Effects of Registrar-level Intervention He (Lonnie) Liu Kirill Levchenko Geoffrey M. Voelker Stefan Savage UC San Diego Mark Felegyhazi Christian Kreibich UC Berkeley ICSI 1 Spam 2 Spam Infrastructure
More informationNo Plan Survives Contact
No Plan Survives Contact Experience with Cybercrime Measurement Chris Kanich Neha Chachra Damon McCoy Chris Grier David Wang Marti Motoyama Kirill Levchenko Stefan Savage Geoffrey M. Voelker UC San Diego
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More informationAnalyzing and Modeling Longitudinal Security Data: Promises and Pitfalls. Benjamin Edwards, Steven Hofmeyr, Stephanie Forrest, and Michel van Eeten
Analyzing and Modeling Longitudinal Security Data: Promises and Pitfalls Benjamin Edwards, Steven Hofmeyr, Stephanie Forrest, and Michel van Eeten What security interventions have a long-term impact on
More informationThe role of phone numbers in understanding cyber-crime
The role of phone numbers in understanding cyber-crime A. J. Isachenkova M. Balduzzi + A. Francillon D. Balzarotti Eurecom, Sophia Antipolis, France + Trend Micro Research, EMEA July 11, 2013 1/34 Introduction
More informationCyber Security in Smart Commercial Buildings 2017 to 2021
Smart Buildings Cyber Security in Smart Commercial Buildings 2017 to 2021 Published: Q2 2017 Cyber Security in Smart Buildings Synopsis 2017 This report will help all stakeholders and investors in the
More informationMalicious Activity and Risky Behavior in Residential Networks
Malicious Activity and Risky Behavior in Residential Networks Gregor Maier 1, Anja Feldmann 1, Vern Paxson 2,3, Robin Sommer 2,4, Matthias Vallentin 3 1 TU Berlin / Deutsche Telekom Laboratories 2 International
More informationShould ISPs be liable for negative externalities of botnets?
Should ISPs be liable for negative externalities of botnets? Shinya Kinukawa June 24, 2012 Abstract A botnet, a network of computers under the control of an on-line attacker, is an important threat to
More informationDetecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine
Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine Shuang Hao, Nadeem Ahmed Syed, Nick Feamster, Alexander G. Gray, Sven Krasser Motivation Spam: More than Just a
More informationService Provider View of Cyber Security. July 2017
Service Provider View of Cyber Security July 2017 Quick Stats Caribbean and LatAm: 3 rd largest population of Internet Users You Are Here Visualization from the Opte Project of the various routes through
More informationDNS Abuse Handling. FIRST TC Noumea New Caledonia. Champika Wijayatunga Regional Security, Stability and Resiliency Engagement Manager Asia Pacific
DNS Abuse Handling FIRST TC Noumea New Caledonia Champika Wijayatunga Regional Security, Stability and Resiliency Engagement Manager Asia Pacific 10 September 2018 1 The Domain Name System (DNS) The root
More informationSecond International Barometer of Security in SMBs
1 2 Contents 1. Introduction. 3 2. Methodology.... 5 3. Details of the companies surveyed 6 4. Companies with security systems 10 5. Companies without security systems. 15 6. Infections and Internet threats.
More informationSecurity Gap Analysis: Aggregrated Results
Email Security Gap Analysis: Aggregrated Results Average rates at which enterprise email security systems miss spam, phishing and malware attachments November 2017 www.cyren.com 1 Email Security Gap Analysis:
More informationAn Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks
An Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks abulletti@arbor.net Topics Covered The DDOS cyber threat and impacts Cyprus attacks trend in
More informationOffice 365 Buyers Guide: Best Practices for Securing Office 365
Office 365 Buyers Guide: Best Practices for Securing Office 365 Microsoft Office 365 has become the standard productivity platform for the majority of organizations, large and small, around the world.
More informationCyber Security: Threat and Prevention
Expand Your Horizons Webinar Series Cyber Security: Threat and Prevention February 24, 2015 1:00 1:45pm The Webinar will begin shortly. You can ask a question in the box on the right hand side. We will
More informationEnsure holiday s reach the inbox
Ensure holiday emails reach the inbox 2013 2014 Experian Information Solutions, Inc. All rights reserved. Experian and the marks used herein are service marks or registered trademarks of Experian Information
More informationNo domain left behind
No domain left behind is Let s Encrypt democratizing encryption? M Aertsen 1, M Korzyński 2, G Moura 3 1 National Cyber Security Centre The Netherlands 2 Delft University of Technology The Netherlands
More informationA Framework for Managing Crime and Fraud
A Framework for Managing Crime and Fraud ASIS International Asia Pacific Security Forum & Exhibition Macau, December 4, 2013 Torsten Wolf, CPP Head of Group Security Operations Agenda Introduction Economic
More informationCOST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE
2017 COST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE NUMBER OF SECURITY BREACHES IS RISING AND SO IS SPEND Average number of security breaches each year 130 Average
More informationKaspersky Security Network
The Kaspersky Security Network (KSN) is a complex distributed infrastructure dedicated to intelligently processing cybersecurity-related data streams from millions of voluntary participants around the
More informationChapter 2 Malicious Networks for DDoS Attacks
Chapter 2 Malicious Networks for DDoS Attacks Abstract In this chapter, we explore botnet, the engine of DDoS attacks, in cyberspace. We focus on two recent techniques that hackers are using to sustain
More informationISE Cyber Security UCITS Index (HUR)
ISE Cyber Security UCITS Index (HUR) Why Cybersecurity is important Data breaches have become almost commonplace in the last few years Cybersecurity focuses on protecting computers, networks, programs,
More informationA Strategy for a secure Information Society Dialogue, Partnership and empowerment
A Strategy for a secure Information Society Dialogue, Partnership and empowerment Gerard.Galler@ec.europa.eu European Commission DG Information Society & Media Unit INFSO/A3: Internet; Network & Information
More informationSystemic Analyser in Network Threats
Systemic Analyser in Network Threats www.project-saint.eu @saintprojecteu #saintprojecteu John M.A. Bothos jbothos@iit.demokritos.gr Integrated System Laboratory Institute of Informatics & Telecommunication
More informationProduct Roadmap Symantec Endpoint Protection Suzanne Konvicka & Paul Murgatroyd
Product Roadmap Symantec Endpoint Protection Suzanne Konvicka & Paul Murgatroyd Symantec Endpoint Protection Product Roadmap 1 Safe Harbor Disclaimer Any information regarding pre-release Symantec offerings,
More informationFighting Spam, Phishing and Malware With Recurrent Pattern Detection
Fighting Spam, Phishing and Malware With Recurrent Pattern Detection White Paper September 2017 www.cyren.com 1 White Paper September 2017 Fighting Spam, Phishing and Malware With Recurrent Pattern Detection
More informationSupercharge Your SIEM: How Domain Intelligence Enhances Situational Awareness
Supercharge Your SIEM: How Domain Intelligence Enhances Situational Awareness Introduction Drowning in data but starving for information. It s a sentiment that resonates with most security analysts. For
More informationIBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.
IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats. Enhancing cost to serve and pricing maturity Keeping up with quickly evolving ` Internet threats
More informationThailand Initiatives and Challenges in Cyber Terrorism
Thailand Initiatives and Challenges in Cyber Terrorism Agenda Cyber-Terrorism weapons & tactics MICT Cyber Inspector Group IT Laws Development Challenges Cyber-Terrorism weapons & tactics What is Cyber-Terrorism?
More informationRegistry Internet Safety Group (RISG)
Registry Internet Safety Group (RISG) Re: Potential for Malicious Conduct and new TLD Process RISG s mission is to facilitate data exchange and promulgate best practices to address Internet identity theft,
More informationRadware: Anatomy of an IoT Botnet and Economics of Defense
BRKPAR-4000 Radware: Anatomy of an IoT Botnet and Economics of Defense Eric Grubel Anatomy of an IoT Botnet and Economics of Defense Eric Grubel VP, Business Development January 2018 Theme of Discussion
More informationThe Spam Problem. Suresh Ramasubramanian, IBM Joe St Sauver, M 3 AAWG Senior Technical Advisor October 2012 New Delhi
The Spam Problem Suresh Ramasubramanian, IBM Joe St Sauver, M 3 AAWG Senior Technical Advisor October 2012 New Delhi M 3 AAWG Workshop: Fighting Spam and Bots EWI, NASSCOM, FICCI 3rd Worldwide Cybersecurity
More informationSymantec Protection Suite Add-On for Hosted Security
Symantec Protection Suite Add-On for Hosted Email Security Overview Malware and spam pose enormous risk to the health and viability of IT networks. Cyber criminal attacks are focused on stealing money
More informationCombating Today s Cyber Threats Inside Look at McAfee s Security
Combating Today s Cyber Threats Inside Look at McAfee s Security Charles Ross, Director Sales Engineering Public Sector 2008 McAfee, Inc. Agenda Today s Threat Landscape McAfee s Security Challenges McAfee
More informationProvisional Translation
Provisional Translation Environmental Change Vision to aim as a Goal Merger and Integration of Cyberspace and Real-space [expansion/penetration, progress of the use/application, global] Increasing Serious
More informationThe Domain Abuse Activity Reporting System (DAAR)
The Domain Abuse Activity Reporting System (DAAR) Dave Piscitello APWG EU October 2017 The Domain Abuse Activity Reporting system What is the Domain Abuse Activity Reporting system? A system for reporting
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More informationMajor Area Exam Reading List
Major Area Exam Reading List Gianluca Stringhini 1 Botnet Analysis and Mitigation [33, 45, 12, 3, 4, 21, 12, 27, 19, 42, 69, 103, 76, 97, 13, 51, 89, 7, 80, 16, 5, 70, 11, 34, 91, 35, 84, 24, 105, 95,
More informationANATOMY OF AN ATTACK!
ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable
More informationINFORMATION SECURITY NO MORE THE CINDERELLA?
INFORMATION SECURITY NO MORE THE CINDERELLA? Lord Toby Harris THE VIEW FROM THE KITCHEN Information security the Cinderella of technology Information security the Cinderella of security Who are the Ugly
More informationCyber Attack: Is Your Business at Risk?
15 July 2017 Cyber Attack: Is Your Business at Risk? Stanley Wong Regional Head of Financial Lines, Asia Pacific Agenda Some common misconceptions by SMEs around cyber protection Cyber Claims and Industry
More informationThe Abuse Sharing Economy: Understanding the Limits of Threat Exchanges
The Abuse Sharing Economy: Understanding the Limits of Threat Exchanges Kurt Thomas 1, Rony Amira 1, Adi Ben-Yoash 1, Ori Folger 1, Amir Hardon 1, Ari Berger 1, Elie Bursztein 1, and Michael Bailey 2 1
More informationSafeguarding company from cyber-crimes and other technology scams ASSOCHAM
www.pwc.com Safeguarding company from cyber-crimes and other technology scams ASSOCHAM Rahul Aggarwal - Director The new digital business ecosystem is complex and highly interconnected The new business
More informationSynchronized Security
Synchronized Security 2 Endpoint Firewall Synchronized Security Platform and Strategy Admin Manage All Sophos Products Self Service User Customizable Alerts Partner Management of Customer Installations
More informationInternet Multi-Homing Problems:
Internet Multi-Homing Problems: Explanations from Economics Richard Clayton richard.clayton@cl.cam.ac.uk Eighth WEIS London Eighth WEIS, London 25 th June 2009 Outline TECHNICAL How does Internet routing
More informationCOPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1
COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1 Worldwide Infrastructure Security Report Highlights Volume XIII C F Chui, Principal Security Technologist COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 2 Overview This presentation
More informationREAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY
SEPTEMBER 11 13, 2017 BOSTON, MA REAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY HealthcareSecurityForum.com/Boston/2017 #HITsecurity Brian Selfridge Partner, Meditology Services https://www.meditologyservices.com/
More informationENDPOINT SECURITY AND THE CLOUD: HOW TO APPLY PREDICTIVE ANALYTICS AND BIG DATA
SESSION ID: SPO3-R04 ENDPOINT SECURITY AND THE CLOUD: HOW TO APPLY PREDICTIVE ANALYTICS AND BIG DATA Brian Gladstein Cybersecurity Market Strategist Carbon Black @briangladstein ASYMMETRIC WARFARE IT S
More informationHow To Build or Buy An Integrated Security Stack
SESSION ID: PDIL-W03 How To Build or Buy An Integrated Security Stack Jay Leek CISO Blackstone Haddon Bennett CISO Change Healthcare Defining the problem 1. Technology decisions not reducing threat 2.
More informationAdvanced Threat Defense Certification Testing Report. Symantec Corporation Symantec Advanced Threat Protection
Advanced Threat Defense Certification Testing Report Symantec Advanced Threat Protection ICSA Labs Advanced Threat Defense December 8, 2015 Prepared by ICSA Labs 1000 Bent Creek Blvd., Suite 200 Mechanicsburg,
More informationFuture and Emerging Threats in ICT
Future and Emerging Threats in ICT www.ict-forward.eu Edita Djambazova Institute for Parallel Processing Bulgarian Academy of Sciences 1 Description ICT-FORWARD is a Coordination Action that aims at promoting
More informationCA Security Management
CA Security CA Security CA Security In today s business environment, security remains one of the most pressing IT concerns. Most organizations are struggling to protect an increasing amount of disparate
More informationThe Challenge of Spam An Internet Society Public Policy Briefing
The Challenge of Spam An Internet Society Public Policy Briefing 30 October 2015 Introduction Spam email, those unsolicited email messages we find cluttering our inboxes, are a challenge for Internet users,
More information9 Steps to Protect Against Ransomware
9 Steps to Protect Against Ransomware IT Support Analyst Task Overview Security Manager Security Dashboard Self Service log Secur Devices With Vulnerabilities Critical Important/High Moderate/Medium 40
More informationGFI product comparison: GFI MailEssentials vs. McAfee Security for Servers
GFI product comparison: GFI MailEssentials vs. McAfee Security for Email Servers Features GFI MailEssentials McAfee Integrates with Microsoft Exchange Server 2003/2007/2010/2013 Scans incoming and outgoing
More informationMay the (IBM) X-Force Be With You
Ann Arbor, Michigan July 23-25 May the (IBM) X-Force Be With You A QUICK PEEK INTO ONE OF THE MOST RENOWNED SECURITY TEAMS IN THE WORLD Marlon Machado Worldwide Standardization Leader, Application Security
More informationRevealing Botnet Membership Using DNSBL Counter-Intelligence
Revealing Botnet Membership Using DNSBL Counter-Intelligence David Dagon dagon@cc.gatech.edu Anirudh Ramachandran, Nick Feamster, College of Computing, Georgia Tech From the presses Botnets send masses
More informationTHE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE
THE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE International Maritime Organization Regulations IMO has given shipowners and managers until 2021 to incorporate cyber risk management into
More informationWHITE PAPER. Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale
WHITE PAPER Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale One key number that is generally
More informationInternet of Things Toolkit for Small and Medium Businesses
Your Guide #IoTatWork to IoT Security #IoTatWork Internet of Things Toolkit for Small and Medium Businesses Table of Contents Introduction 1 The Internet of Things (IoT) 2 Presence of IoT in Business Sectors
More information!!!!!!!!!!!!!!!!!!!!!!!!!!!"!#$%%!&'!"(&)'*!!!!!!"#$%!&'(!)*+',+%!!
"#$%%&'"(&)'* "#$%&'()*+',+% -&..+*/0+1*'2"#$%&'()*+',+% #,3410,$3*41(,3%&'()*+',+#,0531+67/-&..+*/0+1*' "'+3*(50+1*' For too long, service providers have been getting a free pass on addressing some of
More informationPersonal Cybersecurity
Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions
More informationCOMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
More informationAT&T Endpoint Security
AT&T Endpoint Security November 2016 Security Drivers Market Drivers Online business 24 x 7, Always on Globalization Virtual Enterprise Business Process / IT Alignment Financial Drivers CapEx / OpEx Reduction
More informationCopyright 2011 Trend Micro Inc.
Copyright 2011 Trend Micro Inc. 2008Q1 2008Q2 2008Q3 2008Q4 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3 2010Q4 2011Q1 2011Q2 2011Q3 2011Q4 M'JPY Cloud Security revenue Q to Q Growth DeepSecurity/Hosted/CPVM/IDF
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationPENETRATION TESTING OF AUTOMOTIVE DEVICES. Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017
PENETRATION TESTING OF AUTOMOTIVE DEVICES Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017 Imagine your dream car 2 Image: 2017 ESCRYPT. Exemplary attack demonstration only. This is NOT
More informationChallenges in Developing National Cyber Security Policy Frameworks
Challenges in Developing National Cyber Security Policy Frameworks Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection William McCrum Deputy Director General
More informationSecuring the SMB Cloud Generation
Securing the SMB Cloud Generation Intelligent Protection Against the New Generation of Threats Colin Brackman, National Distribution Manager, Consumer Sales, Symantec Christopher Covert Principal Product
More informationCompliance Audit Readiness. Bob Kral Tenable Network Security
Compliance Audit Readiness Bob Kral Tenable Network Security Agenda State of the Market Drifting Out of Compliance Continuous Compliance Top 5 Hardest To Sustain PCI DSS Requirements Procedural support
More informationBotnets: major players in the shadows. Author Sébastien GOUTAL Chief Science Officer
Botnets: major players in the shadows Author Sébastien GOUTAL Chief Science Officer Table of contents Introduction... 3 Birth of a botnet... 4 Life of a botnet... 5 Death of a botnet... 8 Introduction
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More informationEnterprise SM VOLUME 1, SECTION 5.7: SECURE MANAGED SERVICE
VOLUME 1, SECTION 5.7: SECURE MANAGED EMAIL SERVICE 5.7 SECURE MANAGED EMAIL SERVICE (SMES) [C.2.10.8] The Level 3 Team s (SMES) will meet or exceed the Government s requirements for SMES, as defined in
More informationIt s Flow Time! The Role and Importance of Flow Monitoring in Network Operations and Security
It s Flow Time! The Role and Importance of Flow Monitoring in Network Operations and Security Pavel Minařík, Chief Technology Officer Neutral Peering Days 2018, The Hague Your customers depend on your
More informationIC B01: Internet Security Threat Report: How to Stay Protected
IC B01: Internet Security Threat Report: How to Stay Protected Piero DePaoli Director, Product Marketing IC B01: Internet Security Threat Report: How to Stay Protected 1 Topics 1 Targeted Attacks 2 Spam
More informationGUIDE. MetaDefender Kiosk Deployment Guide
GUIDE MetaDefender Kiosk Deployment Guide 1 SECTION 1.0 Recommended Deployment of MetaDefender Kiosk(s) OPSWAT s MetaDefender Kiosk product is deployed by organizations to scan portable media and detect
More informationCommtouch Messaging Security for Hosting Providers
Commtouch Messaging Security for Hosting Providers September 2009 nospam@commtouch.com www.commtouch.com blog.commtouch.com About Commtouch Since 1991 NASDAQ: CTCH Profitable Double digit growth Over 100
More informationCybersecurity Session IIA Conference 2018
www.pwc.com/me Cybersecurity Session IIA Conference 2018 Wael Fattouh Partner PwC Cybersecurity and Technology Risk PwC 2 There are only two types of companies: Those that have been hacked, and those that
More informationComparing Management Systems that Protect Against Spam, Viruses, Malware and Phishing Attacks
Comparing Email Management Systems that Protect Against Spam, An Osterman Research White Paper Published December 2006 Osterman Research, Inc. P.O. Box 1058 Black Diamond, Washington 98010-1058 Phone:
More informationFP7 NEMESYS Project: Advances on Mobile Network Security
Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem FP7 NEMESYS Project: Advances on Mobile Network Security Elina Theodoropoulou R&D Projects Section Manager etheodorop@cosmote.gr
More informationSimple and Powerful Security for PCI DSS
Simple and Powerful Security for PCI DSS The regulations AccessEnforcer helps check off your list. Most merchants think they are too small to be targeted by hackers. In fact, their small size makes them
More informationThe data quality trends report
Report The 2015 email data quality trends report How organizations today are managing and using email Table of contents: Summary...1 Research methodology...1 Key findings...2 Email collection and database
More informationUser Interface. An Introductory Guide
User Interface An Introductory Guide Last update: 18 May 2017 Index Introduction 3 Vulnerability Database 4 Overview 5 Targets 6 Findings 7 Vulnerability Details 8 Risk Acceptance 9 Network Interface Configuration
More informationDetecting Spamming Activities by Network Monitoring with Bloom Filters
Detecting Spamming Activities by Network Monitoring with Bloom Filters Po-Ching Lin, Ping-Hai Lin, Pin-Ren Chiou, Chien-Tsung Liu Department of Computer Science and Information Engineering National Chung
More informationConsumerization. Copyright 2014 Trend Micro Inc. IT Work Load
Complete User Protection Consumerization IT Work Load 2 Then... File/Folder & Removable Media Email & Messaging Web Access Employees IT Admin 3 Now! File/Folder & Removable Media Email & Messaging Web
More informationPrivacy Dimensions to Canada's Anti-Spam Legislation (CASL)
Privacy Dimensions to Canada's Anti-Spam Legislation (CASL) IAPP Canada Privacy Symposium 2012 May 9 11, 2012 Toronto, Ontario Michael De Santis, Legal Counsel Office of the Privacy Commissioner of Canada
More informationAutomating Security Response based on Internet Reputation
Add Your Logo here Do not use master Automating Security Response based on Internet Reputation IP and DNS Reputation for the IPS Platform Anthony Supinski Senior Systems Engineer www.h3cnetworks.com www.3com.com
More informationRichard Clayton
Why SHIM6 is likely to fail Richard Clayton richard.clayton@cl.cam.ac.uk 10 th November 2009 TECHNICAL How does Internet routing work? (simple view) Autonomous Systems (ASs) announce their routes (addresses)
More informationACM Retreat - Today s Topics:
ACM Retreat - Today s Topics: Phase II Cyber Risk Management Services - What s next? Policy Development External Vulnerability Assessment Phishing Assessment Security Awareness Notification Third Party
More informationSaaS Flyer for Trend Micro
SaaS Flyer for Trend Micro Prices Effective July 1, 2008 1 Internet Security 2008 Trend Micro Internet Security 2008 makes it easy to protect your home or small business network, personal identity, and
More informationComputer and Network Security
CIS 551 / TCOM 401 Computer and Network Security Spring 2009 Lecture 5 Announcements First project: Due: 6 Feb. 2009 at 11:59 p.m. http://www.cis.upenn.edu/~cis551/project1.html Group project: 2 or 3 students
More informationOptimal WLAN Design for Retail, Healthcare and the Enterprise
Optimal WLAN Design for Retail, Healthcare and the Enterprise Ron Walczak, PMP, RMP, RCCD Sr. Program Manager Highmark Principal Consultant Walczak Technology Consultants, Inc. Its harder than he thinks!
More informationCredit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank
Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank Introduction The 6,331 credit unions in the United States face a unique challenge when it comes to cybersecurity.
More informationDelivering Integrated Cyber Defense for the Cloud Generation Darren Thomson
Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582
More informationHow technology changed fraud investigations. Jean-François Legault Senior Manager Analytic & Forensic Technology June 13, 2011
How technology changed fraud investigations Jean-François Legault Senior Manager Analytic & Forensic Technology June 13, 2011 The Changing Cyberfraud Landscape Underground Economy Malware Authors Organized
More informationThe Cost of Denial-of-Services Attacks
The Cost of Denial-of-Services Attacks Sponsored by Akamai Technologies Independently conducted by Ponemon Institute LLC Publication Date: March 2015 Ponemon Institute Research Report The Cost of Denial-of-Service
More informationTHE BUSINESS CASE FOR OUTSIDE-IN DATA CENTER SECURITY
THE BUSINESS CASE FOR OUTSIDE-IN DATA CENTER SECURITY DATA CENTER WEB APPS NEED MORE THAN IP-BASED DEFENSES AND NEXT-GENERATION FIREWALLS table of contents.... 2.... 4.... 5 A TechTarget White Paper Does
More informationADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY
ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY OUTLINE Advanced Threat Landscape (genv) Why is endpoint protection essential? Types of attacks and how to prevent them
More information