Information Security Risk Assessment and Plans - PowerPoint PPT Presentation

About This Presentation
Title:

Information Security Risk Assessment and Plans

Description:

Windows SMB/CIFS file sharing service (garden variety Windows File Sharing ... would be most likely: Windows file sharing attack would only be one attack ... – PowerPoint PPT presentation

Number of Views: 54
Avg rating: 3.0/5.0
Slides: 20
Provided by: tri3

Transcript and Presenter's Notes


1
Information Security Risk Assessment and Plans
  • NPTF, October 18, 2004

2
Meeting Objective
  • Briefly review 2003-2004 objectives
  • Do a reasonableness check on our plans for the
    next two years prior to costing them out.

3
Security Strategies
  • Risk-driven focus on those opportunities with
    highest risk reduction bang for the buck.
  • Make security the default wherever possible.
  • Achievable, affordable plans. Concrete steps and
    early deliverables. Extend early successes in
    subsequent years.
  • Security-in-depth: prevention, detection,
    response.
  • Evaluate a network design and migration strategy
    that balances availability against security and
    is capable of supporting broader preventative
    network security measures.

4
2003-2004 Activities
5
Intrusion Detection
  • A new tool, Arbor Peakflow, allows us to collect
    and analyze network "flow" info from Penn
    routers.
  • This helps us to see lists of
      • top talkers,
      • traffic by protocol (web vs email vs p2p vs voice
        vs video, etc),
      • traffic by destination service provider (Cogent
        vs Qwest vs Abilene/Internet2),
      • and much more.

6
Intrusion Detection
  • Peakflow also allows us to identify denial of
    service (DoS, DDoS) attacks in progress,
    including sources and protocols, and possible
    filtering options.
  • In this role, the Arbor Peakflow tools act as a
    very sophisticated distributed IDS, helping us to
    do targeted filtering during major network-based
    attacks.
  • No dedicated IDS systems had to be put inline
    in the network; the Netflow data already exported
    by the routers is used.
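As an added example (not part of the original slides, and not Arbor Peakflow's own logic), the following script shows the three kinds of analysis slides 5 and 6 describe on router flow records: a top-talkers list, a traffic-by-protocol breakdown, and a simple DoS indicator that also reports the dominant protocol/port as a candidate filtering option. The flow records, the port-to-class mapping and the thresholds are all constructed assumptions.

```python
"""Flow-record analysis: top talkers, traffic by protocol class, and a
DoS indicator with a candidate filter.  Added example; the records and
the classification rules below are constructed, not real Netflow data."""
from collections import Counter, defaultdict
from typing import NamedTuple


class Flow(NamedTuple):
    src: str
    dst: str
    proto: str      # "tcp" / "udp" / "icmp"
    dport: int
    packets: int
    octets: int     # bytes carried by the flow


# Assumed mapping of destination port to the protocol classes the slide lists.
PORT_CLASS = {80: "web", 443: "web", 25: "email", 110: "email", 143: "email",
              6881: "p2p", 5060: "voice", 1935: "video"}

# Constructed sample: four ordinary flows plus a small-packet UDP flood
# against 10.1.1.20 from several sources (all addresses are documentation ranges).
SAMPLE_FLOWS = [
    Flow("10.1.1.5", "198.51.100.7", "tcp", 80, 400, 480000),
    Flow("10.1.1.9", "198.51.100.8", "tcp", 443, 300, 300000),
    Flow("10.1.2.3", "198.51.100.9", "tcp", 25, 50, 60000),
    Flow("10.1.3.4", "198.51.100.10", "tcp", 6881, 900, 900000),
    Flow("203.0.113.1", "10.1.1.20", "udp", 53, 2000, 120000),
    Flow("203.0.113.2", "10.1.1.20", "udp", 53, 2000, 120000),
    Flow("203.0.113.3", "10.1.1.20", "udp", 53, 1500, 90000),
    Flow("203.0.113.4", "10.1.1.20", "udp", 53, 1500, 90000),
]


def protocol_class(flow: Flow) -> str:
    """Classify a flow by destination port; anything unmapped is 'other'."""
    return PORT_CLASS.get(flow.dport, "other")


def top_talkers(flows, n=3):
    """Source addresses ranked by total bytes sent, highest first."""
    totals = Counter()
    for f in flows:
        totals[f.src] += f.octets
    return totals.most_common(n)


def bytes_by_class(flows):
    """Total bytes per protocol class (web, email, p2p, ...)."""
    totals = Counter()
    for f in flows:
        totals[protocol_class(f)] += f.octets
    return dict(totals)


def dos_candidates(flows, min_sources=3, max_avg_bytes=100):
    """Destinations receiving small-packet traffic from many distinct sources.

    Returns dst -> {sources, avg_bytes, filter}; 'filter' is the dominant
    (proto, dport) pair, i.e. the filtering option an operator would consider.
    """
    by_dst = defaultdict(list)
    for f in flows:
        by_dst[f.dst].append(f)
    result = {}
    for dst, fl in by_dst.items():
        sources = {f.src for f in fl}
        pkts = sum(f.packets for f in fl)
        avg = sum(f.octets for f in fl) / max(pkts, 1)
        if len(sources) >= min_sources and avg <= max_avg_bytes:
            dominant = Counter((f.proto, f.dport) for f in fl).most_common(1)[0][0]
            result[dst] = {"sources": len(sources), "avg_bytes": avg,
                           "filter": dominant}
    return result


if __name__ == "__main__":
    print("top talkers:", top_talkers(SAMPLE_FLOWS))
    print("bytes by class:", bytes_by_class(SAMPLE_FLOWS))
    print("DoS candidates:", dos_candidates(SAMPLE_FLOWS))
```

On the constructed records the flood sources never reach the top-talkers list (each sends less than the busiest legitimate host), which is why the per-destination view with a distinct-source count is needed to surface the attack; the `filter` value gives the protocol and port an operator would evaluate for a router ACL.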

7
2004-2005 Risk Assessment
8
Proposed Security Plans
9
Improving Web App Security
10
Sniffing
11
New machines arrive on campus
12
Viruses/Worms
13
Phishing
Phishing attacks use 'spoofed' e-mails and
fraudulent websites designed to fool recipients
into divulging personal financial data such as
credit card numbers, account usernames and
passwords, social security numbers, etc. By
hijacking the trusted brands of well-known banks,
online retailers and credit card companies,
phishers are able to convince up to 5% of
recipients to respond to them.
14
Phishing
15
Phishing
62-99-200-17.sdsl-line.inode.at
16
Phishing
17
Malicious Employee
18
Patches for Applications
19
Zero Day Worm