Managing Threats in Changing World
John DeGroot
Lead Architect – Security, RBC
Federation of Security Professionals – October 26, 2012
Trends
• Canada’s auditor general report on cyber-security
• Failure to pass US 2012 Cybersecurity Act
• Cyber attack on Canadian government in 2011
• DDOS attacks on US banks
• Many others
Evolution of Threats
[Figure: axes “Increasing sophistication and impact” and “Number of attackers”; labelled groups: Organized Crime, Nation States; Fraudsters; “Script Kiddies”, Individuals]
What is changing?
• APT – Advanced Persistent Threats
Targeted
Highly motivated
Well-financed
Coordinated across attack points
Will try multiple times using multiple methods
• Cloud computing and mobility increase complexity and attack surface
Evolutionary, not revolutionary change
What is the same?
• Same bad guys
• Same motivation
Using new tools, operating in IT world, leveraging the cloud
Where are the gaps?
• Defenses are strongly attack-oriented
Signature-based defenses geared to single general attacks
• Controls are strongly people-oriented
Awareness programs, discretionary security, application development
• Defenses often deployed in silos
• Security “bolted on”
• Defense in Depth
Layers rather than breadth
Integrated Defense
Toward Integrated Defense
• Acknowledge reality
The bad guys are already in
Denial of service attacks will cause outages
You will be attacked
• Understand your business
• Integrate with operational risk management
• Proactive approach to threat management
Threat modeling and predictive analysis
What does a coordinated attack look like?
Prepare for attack and test your response
Behavior analysis – good and bad
Toward Integrated Defense
• Security by design
Embed security into processes, applications, data, and infrastructure
Move from discretionary to policy-driven security
Simplify and automate
• Virtual security operations centre
Provide complete visibility into operational environment
Provide useful and relevant information
Provide effective intelligence – inside and out
Share information and services
• Invest in people with threat management skills
Thank You