03. the security weakest links
DESCRIPTION
This presentation presentated by Gildas Deograt Lumy "Simulasi Scirital Information Infrastructure Protection (CIIP)" , Bandung, Indonesia 10th September 2013 on #IISF2013TRANSCRIPT
Security is Like a Chain...as Strong as The Weakest link
90% cyber security implementation is inconsistent... :’(
XecureIT
© PT IMAN Teknologi InformasiThe Security Weakest Links v2.0
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
People: Unaware and Ignorance“Amateur hacks the systems. Professional hacks the people.”
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
People: Unaware and Ignorance“Amateur hacks the systems. Professional hacks the people.”
Policies and Procedures
InconsistentInconsistent
UnclearUnclear
Technology Implementation
Completely Wrong :’(
Technology Implementation
Complete Failure :’(
Physical Cable Weakness
Technology Weakness
Border Gateway Protocol (BGP) Poisoning
Technology Vulnerability“We are like sitting duck.”
Anti Malware is Ineffective“Updated anti malware is ineffective.”
Anti Malware is Ineffective“Malware is more stealthy.”
Targeted Attack“Updated anti malware is useless.”
Government and Business Cooperation
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
Government and Business Cooperation
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
BackdoorVendors: “Backdoors are critical vulnerabilities.”
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
BackdoorVendors: “Discovered hidden key is a critical vulnerability.”
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
BackdoorVendors: “Discovered hidden key is a critical vulnerability.”
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
BackdoorFirmware
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
BackdoorKill Switch
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
End-PointMalware in The Browser and ATM
Insider AttackThe enemy is “brought” inside by authorized people :’(
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
The History of War
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
The Cyberwar
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
Mobile Device
© PT IMAN Teknologi Informasi XecureITThe Security Weakest Links v2.0
Mobile Device