europe’s largest cdc & soc - 2020 · autonomous driving: “everycar connectivity“ needs...
TRANSCRIPT
Europe’s largest CDC & SOC
Dirk Backofen, SVP & Head of Telekom Security
13th March 2019
@Backofen
[Placeholder: SOC intro film (new, from mBox)]
SOC
Prevention is no longer enough…
Managed cyber defense with innovative SOC operation
Who can detect, 24/7, whether an attacker has already infiltrated your infrastructure?
Comprehensive use case library out of all industries
We run Europe's largest integrated Cyber Defense and Security Operation Center in Bonn
Magenta heartbeat for cyber security “Made in Germany”
1. Master CDC + SOC
2. Central incident coordination, Threat-Intelligence, Forensic
3. Collaboration of all SOCs (Darmstadt, Kiel, Bad Kreuznach, Leipzig, Prague, Košice, Budapest, Vienna, Madrid, Johannesburg/Cape Town, Singapore (coming soon))
4. 240 Cyber Security Professionals
5. Use cases out of each industries
[Placeholder: 40-second SOC film (new, from Nordisch)]
integrated CDC + SOC: One Platform for all Customers
Threat intelligence / Threat Hunting / Forensic
SOC + SIEM Tools
In total > 70
DAX Corporation 1
DAX Corporation 2
…
SME Corporation 1
SME Corporation 2
SME Corporation n
…
Telekom
DAX Corporation 3
Linde Group
Knowledge / Threat intelligence / Use Cases
BENEFIT from our Self-Learning / SELF-IMPROVING platform
DAX Corporation 1
DAX Corporation 2
DAX Corporation n
SME Corporation 1
SME Corporation 2
SME Corporation n
Telekom
Knowledge-Transfer: All clients benefit automatically and immediately from new insights into types of attacks!
Strict data separation: Data exchange between clients is impossible!
Security Operation Center
24 / 7 / 365
16 / 5 / 365
Optional: DE-only resources
Otherwise: Mix DE / Nearshore
Project price
Security Outsourcing
demand for complete Outsourcing Security Operation
Prevent Detect Respond
Policy Auditing
Vulnerability Scanning
Mobile/Endpoint Protection
Anti-SPAM
Firewall
Security Gateway
CERT
Incident Coordination
Incident Response
IT Forensics
Malware Analysis
Threat Intelligence
SIEM
IDS / IPS
Advanced Threat Protection
Endpoint Detection & Response
Threat Hunting
Service Management
Reporting
Consulting
Honeypot Monitoring
DDOS Protection
APT Protection
Black Hole Monitoring
Mobile Protection
[Placeholder: video]
Fraudulent Domain Monitoring
[Placeholder: video]
Last Line Of Defense / Database Activity Monitoring
Monitoring of Leaked Credentials: Company Usernames and Passwords
Leaked Credentials are a RISK for the Company
New dimension of targets
Photo credit: PublicDomainPictures, 127071, geralt, wasimkhanssrk, pexels | Pixabay
Corporate Networks
Industrial Networks
Autonomous Driving Infrastructure
Connected Car
Comprehensive protection established:
In the future, Every car needs to be protected like a corporate network
1. Advanced Security Hub necessary for every car
2. Secure in-vehicle network
3. Secure E2E connection to datacentre/cloud
4. Secure identity for each car
5. Security analytics on automotive data
6. Central Car-SOC for Europe
7. Honey-Cars to collect attack data & new threats
Autonomous Driving: “Everycar connectivity“ needs “everything security“
Car2Car
Car2Backend
Car2Infrastructure
Car2Mobile
In-Car
Car-Diagnostics
Sensor Data
Aggregation of User data
Sensor Data, Routing-Information, Traffic Control
Traffic Optimization, E-Charging
Access Control Data, User Data / Media, Travel Information,
Car Control (Climate, Media, Speed, Route Control)
Traffic Flow, Distance Control, Speed, Warnings,
Direction change, Collision Prevention Data
Sensor-Actor-ECU-Communication (In-Car Data), User Data
Photocredit: TayebMEZAHDIA | Pixabay
Connected car Architecture
[Architecture diagram; labels in the order they appear:]
Autonomous Driving Backend, Car-Backend
Device: App-Server, App, Private APN, Web-Server
Interfaces: GSM, Bluetooth, WLAN, NFC, USB/SD; Key/Data Storage
Key: Interfaces, Key-Storage, NFC, Bluetooth, Wireless
OBD-Dongle: Interfaces, Storage
User, Internet
Automotive-SOC, Security, Data
Drive, Control units / Interfaces / Buses
Infotainment, Keyless-Go / Body Control, Autonomous Driving, Diagnose, Motion
BUS-systems (CAN, Most, Lin, Flex, Eth.)
Connected Car: Security Monitoring / Intrusion Detection, Firewall, Communication Unit, OBD2-Port, Central Gateway, Comfort
e.g. CAN or FlexRay
e.g. automotive Ethernet
IDS
European Car-SOC is Necessary
CAR-SOC Europe
1. 24/7/365 monitoring of all security-relevant events
2. Professional analysis of all indicators of compromise (IOCs)
3. Special runbooks for every car manufacturer and attack scenario
4. Exclusive "Car Honeypots" for every vehicle model
5. Global knowledge transfer of threats and countermeasures
6. World’s leading threat intelligence for vehicles
7. Connection of all CDC & SOC experiences of telecommunications / corporate networks and networked vehicles
How you Could benefit from more than 20 years of expertise in cyber security
1.500 cyber security professionals
Europe’s largest integrated
CDC and SOC
Zero Impact approach
Security and data privacy made in Germany
One of the largest threat intelligence databanks
The same highly professional tools as in internal use
Different attack vectors out of all industry sectors
Telekom SECURITY
Security by Design based
T-Systems
Let’s Power higher performance!
Connectivity, Cloud & Infrastructure, Digital, Security
Ready for 5G, Designed for Security, Digital and Scalable
Key Take-Aways
1. Cyber Security - Knowledge & Experience is the Biggest USP
2. Self-learning system as the key to success
3. Security is for sharing
4. Vision: AI of the defender levers out the AI of the attacker
5. We Create …
CDC+SOC
[Placeholder: SOC outro film (new, from mBox)]