Transcript Slide 1
Cross Security Group Presented by: Thomas Carrozza Senior Systems Engineer Agenda • • • • Business Drivers Threat Overview Cross Service Offerings Wrap Up / Questions Security Business Drivers Voice and Data are now applications running on 1 network; this is convergence. Your Network “Is it safe? Is it secure?” Security Business Drivers Ultimately, what are we protecting? Information Predators Security Business Drivers • Viruses/worms/hackers have caused more than $55 Billion in damages in the last 12 months • Federal and State Laws/Regulations Pose Financial and Personal Risk – HIPAA (Health Care) – SOX (Financial Governance) – Gramm-Leach-Blilely- GLBA (Information Security) • Human Error- Data Theft or Lost Data as a Result of Human Error – Dept of Veterans Affairs- Recently lost names, social security numbers, and dates of birth for up to 26.5 million Veterans • VoIP Deployment has opened up additional holes into the data network • Wireless Network Deployments have blurred the definition of “Perimeter” Threats—Total Overload Denial of Service DoS Attacks Up 50% Day Zero Attacks Day Zero Attacks– Increasing in Speed, Sophistication and Level of Stealth Policy and Human Error AFP Published Photo after Katrina- leading to immediate Credit Card Theft Phishing Phishing Increased 39% in Last 6 Months Extortion Wireless and Mobility • • • • Wardriving – Laptop/GPS and software to discover open 802.11 networks Warwalking – iPAQ/GPS and software Warchalking – Symbols indicates wireless settings to others Rogue Access Points Security Threats • • • • • Toll Fraud Viruses/Worms Hackers Espionage Denial of Service (DOS) • Man in the Middle • • • • • • • Extortion PDA Theft Podslurping Bluetooth Access Wireless Bleed Over Rogue Modem Usage IP Packet Hi-Jacking Cross Security Group (CSG) • To help our customers address these security concerns, Cross has formed the Cross Security Group (CSG). • Cross’ Core Offerings are: – Security Jumpstart – Converged Network Security Assessment – Network Security Consulting Security Jumpstart • Security Jumpstart is an assessment of the External Network that identifies and prioritizes vulnerabilities • Customers receive: – – – – – – – Executive Report of Network Security Top 10 Threats to the Network Report Threat Matrix of Vulnerabilities Web Intelligence Report Full Technical Report Current Network Map Outbriefing of the State of Security on Your Network • Performed Remotely- Price: $2,000. Onsite available upon request for added cost. Converged Network Security Assessments (CNSA) • CNSA is a holistic assessment focusing on both the voice and the data network, in order to expose any security associated with a converged network. • The assessment covers: – External Security Assessment – Internal Security Assessment – Wireless Assessment – Bluetooth Assessment – Rogue Modem Assessment – IDS Assessment – SAN’s Assessment – VoIP Assessment – Penetration Testing Cross Security Team • Chief Security Officer—Joseph Seanor – – – – – – – 10 years Central Intelligence Agency, CIC/CNC Department of Justice Telecom Security Staff Private Investigator for 14 years 7 years America Online’s Senior Investigator Learning Tree Instructor on: IDS, Firewalls, Windows Security. Author of 6 books on computer and crime 7th book out “The Black Book on Corporate Security” -Converged Network Security – Avaya Security Managing Consultant 3 years – CBS radio national correspondent – 2 patents pending Cross Security Team • Security Analyst – – – – Security Consultant Avaya DISA Network Consultant America Online Network Security engineer Software programmer • Developed software for DOD, to be reviewed by NSA • Developed Kerberos software for AOL – NSA IAM certified • Certified Security Engineers – – – – – CCIE- Security CISSPs CCSPs Global Information Assurance Certifications (GIAC) Government Clearance Always Ask Your Network “Is it safe? Is it secure?” Questions? www.crosstelecom.com