1 / 8

Defending your Data in the Modern Corporate Environment

Defending your Data in the Modern Corporate Environment. Nigel Stanley Practice Leader, Security Bloor Research. The biggest threats. Ignorance and complacency Dodgy websites Phishing Spam ID theft New and emerging ...and then we have data loss.

orli
Télécharger la présentation

Defending your Data in the Modern Corporate Environment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Defending your Data in the Modern Corporate Environment Nigel Stanley Practice Leader, Security Bloor Research

  2. The biggest threats... • Ignorance and complacency • Dodgy websites • Phishing • Spam • ID theft • New and emerging ...and then we have data loss

  3. Citigroup Blames UPS forCustomer Data Loss3.9 million records lost on computer tapes Daily News 50p 6th June 2005 Gfdsghseiogljhdfkljhlkhlkhaf Kjahdfhasdfjkhasdfhasdfhasklfhasodfhasdfh;asdhf;asdlfhasdlhf;asdlhfsdfh;sdlkfhwreoptyrepotyreooty3potypqro8yfpqoyfwofyqweofyqwepofyqwepofywepfyofydpofyqpofyqpotiytyqptioyqrpotyitioyqprtyiqtoiyqptioyqptopqwoiytpoitypoqtiypoiyy Gfdsghseiogljhdfkljhlkhlkhaf Kjahdfhasdfjkhasdfhasdfhasklfhasodfhasdfh;asdhf;asdlfhasdlhf;asdlhfsdfh;sdlkfhwreoptyrepotyreooty3potypqro8yfpqoyfwofyqweofyqwepofyqwepofywepfyofydpofyqpofyqpotiytyqptioyqrpotyitioyqprtyiqtoiyqptioyqptopqwoiytpoitypoqtiypoiyy Gfdsghseiogljhdfkljhlkhlkhaf Kjahdfhasdfjkhasdfhasdfhasklfhasodfhasdfh;asdhf;asdlfhasdlhf;asdlhfsdfh;sdlkfhwreoptyrepotyreooty3potypqro8yfpqoyfwofyqweofyqwepofyqwepofywepfyofydpofyqpofyqpotiytyqptioyqrpotyitioyqprtyiqtoiyqptioyqptopqwoiytpoitypoqtiypoiyy http://www.forbes.com/facesinthenews/2005/06/06/0606autofacescan09.html

  4. Zurich Insurance Loses DataUnencrypted tapes go missing Daily News 50p 24th March 2010 Gfdsghseiogljhdfkljhlkhlkhaf Kjahdfhasdfjkhasdfhasdfhasklfhasodfhasdfh;asdhf;asdlfhasdlhf;asdlhfsdfh;sdlkfhwreoptyrepotyreooty3potypqro8yfpqoyfwofyqweofyqwepofyqwepofywepfyofydpofyqpofyqpotiytyqptioyqrpotyitioyqprtyiqtoiyqptioyqptopqwoiytpoitypoqtiypoiyy Gfdsghseiogljhdfkljhlkhlkhaf Kjahdfhasdfjkhasdfhasdfhasklfhasodfhasdfh;asdhf;asdlfhasdlhf;asdlhfsdfh;sdlkfhwreoptyrepotyreooty3potypqro8yfpqoyfwofyqweofyqwepofyqwepofywepfyofydpofyqpofyqpotiytyqptioyqrpotyitioyqprtyiqtoiyqptioyqptopqwoiytpoitypoqtiypoiyy Gfdsghseiogljhdfkljhlkhlkhaf Kjahdfhasdfjkhasdfhasdfhasklfhasodfhasdfh;asdhf;asdlfhasdlhf;asdlhfsdfh;sdlkfhwreoptyrepotyreooty3potypqro8yfpqoyfwofyqweofyqwepofyqwepofywepfyofydpofyqpofyqpotiytyqptioyqrpotyitioyqprtyiqtoiyqptioyqptopqwoiytpoitypoqtiypoiyy http://www.theregister.co.uk/2010/03/24/zurich_insurance_data_security_breach/

  5. The inside threat • Incompetent and non-malicious • Competent and malicious

  6. US Compliance • State level data breach notification laws • Regulation 201 CMR 17.00 • Health Insurance Portability and Accountability Act of 1996 • Sarbanes-Oxley Act (SOX) • Gramm-Leach-Bliley Act

  7. EU compliance • Data Protection Act • EU data breach notification laws • Some national legislation amongst EU countries ... • Federal Data Protection Act (BDSG) • PCI DSS (Intl.)

  8. Summary • We all need to defend our data • Compliance is set to increase • IT Sec people need to be on top of their game

More Related