Infosecurity Europe 2013: Day 3 Thoughts
Marcel Santilli 270002FABM firstname.lastname@example.org | | Tags:  ibmsecurity guardium risk security-intelligence infosececurity incident-response infosecurity-uk securie-coding auditing security qradar siem infosecurity-europe san security-requirements ibm_security infosec13 ips risk-assessment mainframe ibm-security infosec database-security
0 Comments | 3,218 Visits
As the third day came to a close on Infosecurity Europe and our stand is now slowly being taken down, I wanted to provide some key highlights of the whiteboarding sessions that happened live on our interactive graffiti wall.
How to Protect your Crown Jewels
First up was David Gray from our business Partner, Satisnet, who delved into the topic of protecting your “crown jewels” with Security Intelligence. David started by talking about the general security ecosystem and the need to have intelligence/monitoring of firewalls, IPS, authentication and patch management. David also then talked about having to have knowledge on external threats such as Advanced Persistent Threats.
He then finished his session by showing and discussing how IBM Security QRadar SIEM is able to monitor and correlate different machine/log types to provide total Security Intelligence. To find out more download the IBM Security QRadar SIEM datasheet.
Secure by Design
Next up to the stand was Peter Vincent who took control of the graffiti wall to engage the audience on Secure by Design. Peter started off by talking about getting things right at the start of the application development cycle to save time, effort and money later on down the line. He gave an example that something that may cost you $50 in development to design, will cost you much more if having to fix in production.
Peter then highlighted the need for security architectural principles, such as: defence in depth, leased privilege and secure by default. He closed by telling the audience that the underlying prerequisite for Secure by Design is the need for organizations to strong technical governance in place and by in from all stakeholders.
What are the security risk and how to defend against them?
The afternoon session started with Salva Sinno presenting “What are the security risks and how to defend against them?” Salva started by asking the audience if they have any security on their SAN (Storage Area Network) System. The response from the audience confirmed that organisations’ today focus on IP security not on SAN because they assume that the Fibre Channel Network can not be attacked.
Then Salva continued by giving an example of how this is a false assumption and that the Fibre Channel Network are vulnerable to traits such as WWN Spoofing, SNS Vulnerability and Fabric Port Address Spoofing. He closed presenting a set of techniques and good practice that can be used to secure the Fibre Channel and the SAN infrastructure and should guide the selection of the hardware when building an enterprise SAN System.
Database Security & Auditing: How to protect your most valuable assets and meet compliance requirements
Our final session was Brian Flasck who in his 15 minutes highlighted to the audience how to protect your most valuable assets and meet compliance requirements through database security and auditing. Brian started by saying that most companies recognise today that the traditional approach of delegating responsibility for database security and auditing to the DB operations team has numerous disadvantages.
He discussed how using inbuilt native DB logging tools is insecure and severely degrades the performance of databases and applications and this is why many organisations are turning to IBM, who provide a solution that gives them full visibility and security over their core databases, but without the performance impact traditionally associated with database auditing Brian finished by talking about one of the most common concerns today of IT security and risk managers, privileged user access to sensitive databases. Security and compliance standards now require full visibility of users such as DBA’s, sysadmins, and developers, but this needs to be accomplished in a way that does not impact system performance and provides segregation of duties expected by auditors.
Please follow @IBMSecurity for more information specifically on our security events, news, collateral and more.
Tom joined the IBM Security Systems marketing team through the acquisition of Q1 Labs team. He was the EMEA Marketing Team Lead for Q1 Labs and worked on the demand generation and channel partner marketing programmes. Tom moved into the WW Marketing team for IBM Security Systems and has been the lead for Demand Generation in Threat and Security Intelligence, and has taken on the role of the IMT first role for Europe. Before joining IBM, Tom worked for 8 years in the advertising industry in London, working on media strategies for large enterprise clients.