The Cyber Security Landscape. A Regional View Niraj Mathur Manager Security Practice
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
Agenda • Trends in 2012 • What to expect in 2013? • Approach to Security
• GBM Security Framework Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
Changes in the Threat Landscape in the Middle East
9 arrested for $45mn bank muscat, Rakbank prepaid card fraud
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
Cybercrime Ecosystem
China
1 in 5 students claim becoming a Hacker is life Goal. Source: Cisco Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
High
Cybercrime is 1 Billion $ industry POTENTIALS
RISING STARS
Cloud Infrastructure Hacking
VoIP Abuse
Success/Growth
Mass Account Compromise
Mobile Devices
DOGS
CASH COWS Social Networking Attacks
Pharma Spam
Web Exploits
Data Theft Trojans
Click/ Redirect Fraud
Phishing 1.0 Advanced Fee Fraud
Spyware/Scare ware
Low
DOoS
Money Laundering (Muling)
Source: Cisco
Low
High
Scalability/Revenue Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
The Security Challenge Technologic Shift: The Proliferation of Mobile and Connected Devices The Demographic Shift: The Role of Social Networks
The Economic Shift: Virtualization and Cloud
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
ď‚Œ
The Proliferation of Connected Devices More Connected Devices than people
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
GBM Survey More than 900 Organizations in the GCC, Q4 2012
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
ď‚Œ
The Proliferation of Connected Devices A Regional View
Source: GBM Survey 2012 Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
The biggest industry inflexion point ever seen ‘Smart’ devices worldwide 2012: 1.1 billion units 23% growth
Windows 36%
Others 64%
PCs worldwide 2012: 461 million units 11.3% growth
Others 26%
Windows 74%
Source: Canalys estimates, Netpad and Smart Phone Analysis, March 2012 Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
ď‚?
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
Source: Cisco Connected World Technology Report Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
ď‚?
Your Employees Loaded with Devices and Not Overly Concerned About Security
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
ď‚?
Social Networking + social engineering = security compromise
Hackers have adopted social networking o Use profile information to create targeted social engineering o Impersonate friends to launch attacks o Leverage news feeds to spread SPAM, scams and massive attacks
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
ď‚?
Social Networking Regional Business Restrictions
Source: GBM Survey 2012 Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
Cloud Computing
The Zettabyte Era Data Center Growth 4 times by 2014 New consumption models By 2016, 3.4 billion internet user. 45% of world’s population Business IP traffic in MEA will grow at CAGR 33%. Global Average 20%
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
2013 - ROCRA • The "Red October" Campaign - An Advanced Cyber
Espionage Network Targeting Diplomatic and Government Agencies GReAT Kaspersky Lab Expert Posted January 14, 13:00 GMT
Affected Gulf Locations • UAE • Oman • Qatar
• Saudi • Kuwait
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
Security Trends in 2013
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
IT Security Initiatives vs. Risk Reduction Value Realization Long Term
High
Short Term
Infrastructure Security
Risk Reduction Level
Security Operations & Management
Critical Information Protection
IT security Policies and Procedures
Low
User Protection & Awareness
The Size of the bubble represents the effort & investment required to implement / improve the initiative.
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
Key Customer challenges Hackers & Attack Sophistication IT Security Compliance & Risk Mitigation Security Intelligence, Monitoring & Management
People
Data
Application
Infrastructure
BYOD
Leakage & Loss
Webification
Remote Access
Virus, Malware
Roles & Responsibilities
Eavesdropping
Source code bugs
Guest Access
Secured Connectivity
Recruitment, Training & Awareness
Data in Rest / Motion
Spam
Internet Security
Physical Access
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
GBM Security Framework Security Portfolio Security Governance Risk and Compliance ISO 27001
Best Practices
PCI
I2 / GRC
IT Security and Compliance Analytics & Reporting QRadar SIEM
QRadar Log Manager
QRadar Risk Manager
Security Consulting & Implementation
IT Infrastructure – Operational Security Domains People
Data
Applications
Infrastructure Network
Systems and Storage
Endpoint
Systems Director Security Services
Endpoint Manager (BigFix)
Identity & Access Management Suite
Guardium Database Security
AppScan Source Edition
Firewall, Network Intrusion Prevention or UTM
Federated Identity Manager
Optim Data Masking
AppScan Standard Edition
DataPower Security Gateway
Server System Compliance Profiles
zSecure, Server and Virtualization Security
Enterprise Single Sign-On
Key Lifecycle Manager
Security Policy Manager
QRadar Anomaly Detection / QFlow
Storage Data Encryption Services
Native Server Security (RACF, IBM Systems)
Identity & Services Access
Encryption and DLP Deployment
Web Application Firewall
Web and Email Security
Physical Security & Digital Surveillance
DOS / DDOS
Data Security Assessment
Application Assessment
Penetration Testing Services
STG Security Assessment Consultancy
Social Engineering Assessment
Identity Management Assessment
Gulf Business Machines Presentation | GBM Confidential | 2013
Assessment & Compliance Services
Managed Services
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC
Riccardo Coroneo Security Consultant Khorafi Business Machines P.O. Box 4175, Safat, Kuwait M:+965 51024263 Riccardo@kw.gbm.ihost.com
Gulf Business Machines Presentation | GBM Confidential | 2013
START LOADING THE FUTURE with the Leading Provider of IT Business Solutions in the GCC