© 2012 ibm corporation ibm security 1 bitcoin : technology implications of a digital currency...

© 2012 IBM Corporation

IBM Security

11

Bitcoin : Technology Implications of a Digital Currency

Technology & Innovation - the Future of Security in Financial Services

Scott AinslieSenior Security Consultant


IBM Security

22

What is Cryptocurrency? It is a digital currency designed to provide peer-to-peer transactions

– Not regulated

– Decentralised system of management

– Takes advantage of cryptography or mathematical approach to provide surety of transaction

– Presently not regulated but closely monitored by regulatory authorities from both the financial and law enforcement sectors

– The cryptocurrency is generally capped – limited release Several types exist of which most notable is Bitcoin


IBM Security

33

What is Bitcoin?

“Bitcoin lets you instantly, securely, and anonymously send digital payments from anywhere in the world to anywhere in the world without any governments, corporations or banks, and for negligible fees. It represents the world's first invention of a decentralized electronic currency, with no central authority or trusted parties whatsoever. ”

“We believe that Bitcoin represents something fundamental and powerful, an open and distributed Internet peer to peer protocol for transferring purchasing power. It reminds us of SMTP, HTTP, RSS, and BitTorrent in its architecture and openness.“…. “Money wasn’t built for the internet; Bitcoin was”

– Fred Wilson (Union Square Ventures) http://www.usv.com/2013/05/coinbase.php


IBM Security

44

Bitcoin Security Landscape

Regulation and legal frameworks

Technical Experience, Core Developers, Geopolitics, …

Bitcoin NetworkDouble Spend, SHA256, 51%, Finney, (D)DOS,

ExchangesThe usual web

stuff,Legal risk

Online WalletsThe usual web

stuff…

MinersPool Operators,

ASIC fabs

End UsersUsability, Wallet

sec,Legal risk?


IBM Security

55

The regulators are very interested but still feeling their way…


IBM Security

66

© 2011 IBM Corporation7 IBM Confidential7 IBM Confidential

IBM Security StrategyIBM Security

So what went wrong?

What is the threat landscape out there today…. ?


IBM Security

88

The current environment’s new demands on IT Risk/Security

Social Business - Blurring “Social” IdentitiesSocial Business - Blurring “Social” Identities

New Business Models, New TechnologiesNew Business Models, New Technologies

Cloud / Virtualization

Large IT infrastructures with a globalized workforce, and 3rd party services

Velocity of CyberSecurity ThreatsVelocity of CyberSecurity Threats

Expanding RegulationsExpanding Regulations

-

•Potential Impacts

Malware infection Loss of productivity IP Theft via

Data Leakage

Data or DeviceLoss or Theft Regulatory Fines

and Reputational Damage

$$$$$$

Mobile / BYOD


IBM Security

99

2013 Sampling of Security Incidents by Attack Type, Time and ImpactConjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses

IBM X-Force has tracked massive rise in attacks – Banking targeted


IBM Security

1010

Cyber Security Intelligence Index – Industry Perspective

Global AverageGlobal Average Top 5 Targeted IndustriesTop 5 Targeted Industries

Types of security incidentsTypes of security incidents


IBM Security

1111

The majority of attacks are perpetrated byOpportunistic Outsiders who use Insiders as a “way in”

Attacker Motivation

Opportunistic

Industrial espionage, financial

crime, terrorism,data theft

Dissatisfaction with employer / job Social activism/

civil disobedience

Other

49%

23%

15%7%

6%

Outsiders/Insiders 52.7%

Outsiders 46.3%

Malicious Insiders 0.8%

Inadvertent Actor 0.2%

Attacker Type


IBM Security

1212

The Mobile Banking Security Challenge

Malicious Mobile Threats Report 2010/2011

Consumers & Mobile Financial Services March 2012

increase in Android malware sincesummer 2010.400%

apps in the official mobile app stores (Apple and Google) 1,000,000

of end users do not adopt mobile banking due to security concerns48%

Almost 40,000 new apps a month

More than 40 rogue mobile banking apps were introduced to the android market

The Federal Reserve

Juniper Networks



IBM Security Intelligence …..

Less threat – more intelligence


IBM Security

1515

Criminals Attack the Weak Link With Malware

Customer Accounts

Cyber Criminals

Difficult

Easy

EasyRetail/Business

Customer


IBM Security

1616

Anatomy of Malware Attack

Web Injection, Capture Credentials

Social Engineering

Web / OS Vulnerability

Code InstallMule Transfers, Real-time Fraud

User Target

SystemExploit

Malware Infection

Fraud Scheme Execution

Money Loss


IBM Security

1717

IBM security strategy – target fraud & cybercrime- Acquisition strengthens the IBM portfolio of integrated solutions

IBM Enters Web Fraud Protection leading web fraud capabilities assists IBM’s financial services and web commerce customers

Strengthens Mobile SecurityTrusteer helps enable secure transactions from devices to the back office

Extends Advanced Threat Protectionprovides a unique endpoint solution to help identify and prevent Advanced Persistent Threats

Security-as-a-Servicecloud-based deployment enables rapid adoption and real-time updates


IBM Security

1818

Dashboard

Offenses Log Activity Network Activity

Assets Investigation Reports Administration

LogManagement

NextGenSIEM

Network Activity Monitoring

RiskManagement

Vulnerability Management

Network Forensics


IBM Security

1919

Amplifying Security Intelligence with Big Data Analytics

The Triggers That Motivate Big Data Analytics for Security Intelligence:


IBM Security

2020

Influencers•Confident / prepared

•Strategic focus

Protectors•Less confident

•Somewhat strategic

•Lack necessary structural elements

Responders•Least confident

•Focus on protection and compliance

have a dedicated CISO

have a security/riskcommittee

have information securityas a board topic

use a standard set ofsecurity metrics to tracktheir progress

focused on improvingenterprise communication/ collaboration

focused on providingeducation and awareness

How they differ

Source: IBM Center for Applied Insights, Finding a Strategic Voice: Insights from the 2012-13 IBM Chief Information Security Officer Assessment

IBM’s ‘Chief Information Security Officer Study’ revealed the changing role of the CISO

The People approach


IBM Security

2121

The layered approach - technology

Detecting threats• Arm yourself with comprehensive security intelligence

1.

Detecting insider fraud• Next-generation SIEM with identity correlation

3.

Better predicting risks to your business• Full life cycle of compliance and risk management for network and security

infrastructures4.

Addressing regulation mandates• Automated data collection and configuration audits

5.

Consolidating data silos• Collect, correlate and report on data in one integrated solution

2.

Defence in Depth remains a solid cornerstone



It is all about trust


IBM Security

2323

Valuable Offerings, Recognised Leadership – WHY NOT?

According to IDC, IBM has pushed According to IDC, IBM has pushed into third place in into third place in worldwide enterprise security worldwide enterprise security revenue, dominating in revenue, dominating in identity and access management as well as security and identity and access management as well as security and vulnerability management. IBM is considered to be in third vulnerability management. IBM is considered to be in third place in “server security” and “network intrusion detection place in “server security” and “network intrusion detection and prevention.and prevention.

” ” Brendan Hannigan is general manager of the IBM Brendan Hannigan is general manager of the IBM Security Systems DivisionSecurity Systems Division


IBM Security

2424

Top 10 essential practices for IT Risk and Security Leaders

8. Manage third party security compliance

7. Address new complexity of cloud and virtualization

6. Control network access and assure resilience

1. Build a risk aware culture and management system

2. Manage security incidents with intelligence

3. Defend the mobile and social workplace

5. Automate security “hygiene”

4. Secure services, by design

10. Manage the identity lifecycle

9. Secure data and protect privacy

10 Essential Practices10 Essential Practices


IBM Security

2525

Security FoundationSecurity Foundation

GRC, IT Risk and Security Risk Management Convergence

QRadar Risk Manager and Security Intelligence

Primarily driven by IT Security teams focusing on log collection, event analysis and compliance reportingFocus is on distilling vast amounts of data in an IT environment down to timely, relevant security intelBottom up approach to requirements

OpenPages – Enterprise GRC Platform

Primarily driven by Enterprise Risk Management teams focusing on regulations such as ORM, FCM/S-OX, FFIECFocus is on Finance, Legal and Operational requirements (e.g. Finance controls, business continuity, vertical regulations)Top down approach to requirements

Business AnalyticsBusiness Analytics

Enterprise GRCEnterprise GRC

IT GRC

Security GRC

Peo

ple

Peo

ple

Dat

aD

ata

AppApp

Infr

aIn

fra

Vulnerability ManagementVulnerability Management

Log ManagementLog Management

Security Information and Event Management

Security Information and Event Management

IT GRC PlatformIT GRC Platform

GRCStackGRCStack

Security portfolio, leading assets in:

Identity managementData securityApplication security Network and endpoint security


IBM Security

2626

Valuable Offerings, Recognised Leadership – WHY NOT?Recent Wins

Security Consulting Managed Security Services

Forrester Wave



Questions?

Thank You

Intelligence.

Integration.

Expertise.

Security.


IBM Security

2929

ibm.com/security

© Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

© 2012 ibm corporation ibm security 1 bitcoin : technology implications of a digital currency...

Documents