Security Seminar Presentation - 박형근
© 2015 IBM Corporation
IBM Security Systems
The Start of Security Management:
The IBM Security Framework at a Glance
박형근, Director, IBM AP Security Tiger
IBM Security Strategy 2015
Megatrends: Advanced Threats, Cloud, Mobile / IoT, Compliance, Skills Shortage
Participants: CISO, CIO, Line of Business
Deliver a differentiated, broad solution portfolio through integration and innovation to address the latest trends
1. Support the CISO agenda
2. Carry out innovation initiatives based on key security trends
3. Technology leadership in selected areas
Portfolio
• Management Consulting
• Systems Integration
• Integrated Products
• Security as a Service
• Managed Security
• Strategy, Risk and Compliance
• Cybersecurity Assessment and Response
• Security Intelligence and Operations
• Advanced Fraud Protection
• Identity and Access Management
• Data Security
• Application Security
• Network, Mobile and Endpoint Protection
• Advanced Threat and Security Research
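2014 IBM CISO Assessment Report findings – Strengthening for the future
• Gaining more influence and support
• Heightened concern about external threats
• Expecting more collaboration with outside parties
• Focus on today's technology
• Uncertainty about the role of government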
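83% of CISOs: external threats have increased over the past three years
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2015 and 2014 IBM Chief Information Security Officer Assessment
• Near-daily leaks of sensitive data: 40% increase in reported data breaches and incidents
• Relentless use of multiple methods: more than 800,000,000 records leaked, with no sign of change ahead
• "Insane" amounts of records breached: 42% of CISOs say the risk from external threats has increased dramatically compared with the past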
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2015
Number of vulnerabilities disclosed in 2014
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2015
2014 – Serious design vulnerabilities become prevalent
• Heartbleed (CVE-2014-0160): OpenSSL
• Shellshock (CVE-2014-6271/7169): Unix Bash shell
• POODLE (CVE-2014-3566/8730): SSL 3.0 Protocol
• GHOST (CVE-2015-0235): Linux GNU C Library
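• Do your current or new security solutions overlap or conflict too much?
• Do you want to consolidate and rationalize your security solutions, but cannot determine the impact?
• When adopting a new IT technology, can you identify the control areas that must be applied quickly?
• Which areas of your current security infrastructure are lacking?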
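Security framework?
• A communication tool and a reference model
• Presents the big picture of security domains across the enterprise
• A foundation and direction for security strategy and policy
• Provides the skeleton for the security architecture
• How to optimize?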
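IBM Security Framework
Five key challenges; the changing role of the CISO
• Advanced threats, proactive defense
• Cloud
• Mobile / IoT
• Laws, regulations, internal/external audits
• Shortage of security professionals
The IBM Security Framework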
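Reference model 1. Using a business-driven security framework
Business view
Security domains
Security processes, common security elements
Architecture view
Technical view: platforms, components, configurations
Business-driven security framework
Security blueprint
Security architecture
Business, technology, architecture
Principles and leading practices
Standards and technologies
Security issues and drivers
Define business trends
Define technology trends
Integrated categories of security and IT architecture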
IBM Security Framework
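When redefining your security framework, be sure to maximize the value of security through integration and linkage.
Integrated intelligence: To detect and respond to new security threats automatically, you must analyze the correlations among pieces of information that are kept in separate silos.
Integrated defense: A stronger security posture comes not from a single technology, solution or system but from multiple control domains cooperating and creating synergy with one another, which provides more cohesive and easier security management.
Integrated innovation: Share the latest information on vulnerabilities, attacks and malware across multiple control domains, and research and innovate responses to new threats from an integrated perspective.
IBM Confidential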
IBM Security Trusteer Apex Advanced Malware Protection
<141>Oct 6 14:47:38 teep[2885]: LEEF:1.0
Trusteer
Trusteer Enterprise Protection
ver_1303.1
ProcessCreate.cp_cmd_killer
devTime=Oct 06 2014 14:47:38.000 UTC
resource=00000000000000000000000000000000295C9079AF472F7004F48E72B45795C6
cat=exploitation
src=1.1.1.2
sev=9
exploited_process_path=c:\program files\java\jre6\bin\java.exe
exploited_process=java.exe
suspicious_item_md5=8099567CC6C532B940632455E8A3BD4B
suspicious_item=csrs.exe
suspicious_item_command_line=
rapport_bin_version=3.5.1404.11
scenario_version=version1
…
rapport_conf_revision=1954730
scenario_name=ProcessCreate.cp_cmd_killer
devTimeFormat=MMM dd yyyy HH:mm:ss.SSS z
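The event above is a syslog-wrapped LEEF 1.0 record. As an added example (not part of the original slides and not IBM code), the Python below parses such a record and applies a simple triage rule. It assumes the LEEF 1.0 wire layout (pipe-delimited header, tab-delimited attributes); the function names and the severity threshold are hypothetical.

```python
import re

# Constructed wire-format line: the field values are the ones shown on the slide,
# reassembled with LEEF 1.0 delimiters ('|' in the header, TAB between attributes).
# Attributes around the slide's "…" elision are left out.
SAMPLE = (
    "<141>Oct 6 14:47:38 teep[2885]: "
    "LEEF:1.0|Trusteer|Trusteer Enterprise Protection|ver_1303.1|"
    "ProcessCreate.cp_cmd_killer|"
    + "\t".join([
        "devTime=Oct 06 2014 14:47:38.000 UTC",
        "cat=exploitation",
        "src=1.1.1.2",
        "sev=9",
        r"exploited_process_path=c:\program files\java\jre6\bin\java.exe",
        "exploited_process=java.exe",
        "suspicious_item_md5=8099567CC6C532B940632455E8A3BD4B",
        "suspicious_item=csrs.exe",
        "suspicious_item_command_line=",
    ])
)

SYSLOG_PRI = re.compile(r"^<(\d{1,3})>")

def parse_leef(line):
    """Split a syslog-wrapped LEEF 1.0 event into header fields and attributes."""
    event = {}
    m = SYSLOG_PRI.match(line)
    if m:  # RFC 3164 PRI = facility * 8 + severity
        event["facility"], event["syslog_severity"] = divmod(int(m.group(1)), 8)
    start = line.find("LEEF:")
    if start < 0:
        raise ValueError("no LEEF header found")
    parts = line[start:].split("|", 5)
    if len(parts) != 6 or parts[0] != "LEEF:1.0":
        raise ValueError("not a well-formed LEEF 1.0 header")
    event.update(zip(("vendor", "product", "version", "event_id"), parts[1:5]))
    attrs = {}
    for pair in parts[5].split("\t"):
        key, sep, value = pair.partition("=")  # values may contain '=' or be empty
        if sep:
            attrs[key] = value
    event["attrs"] = attrs
    return event

def is_high_severity_exploit(event, threshold=8):
    """Triage rule (hypothetical): exploitation category at or above threshold."""
    a = event["attrs"]
    return a.get("cat") == "exploitation" and int(a.get("sev", "0")) >= threshold
```

Splitting each attribute on the first "=" only keeps the Windows path and the empty command-line value intact, which a naive split on every "=" or on whitespace would corrupt.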
Evasion attack detection and virtual patching technology – IBM Security Network Protection
IBM Security Solutions Portfolio
IBM Security Services Portfolio
People: Identity Assessment & Strategy; User Provisioning/Access Mgmt; Total Authentication Solution; Managed/Cloud Identity
Data: Crown Jewels Discovery & Protection; Database Security; Encryption and Data Loss Prevention
Applications: SDLC Program Development; Dynamic and Static Testing; Embedded Device Testing; Mobile Application Testing
Infrastructure: Security Optimization; Design, Deployment & Migration; Staff Augmentation
Strategy, Risk & Compliance: Security Maturity Benchmarking; Security Strategy & Roadmap Development; Security Risk Assessment & Program Design; Industrial Controls (NIST, SCADA); PCI Advisory
Cloud and Managed Services: Firewall / Unified Threat Management; Intrusion Detection & Prevention; Web Protection & Managed DDoS; Hosted E-Mail & Web Vulnerability Mgmt; Managed SIEM & Log Management
Security Operations: Security Intelligence Operations Center Design & Build Out Services
Cybersecurity Assessment & Response: Threat Intelligence Advisory; X-Force Threat Analysis; Penetration Testing; Incident Preparation; Emergency Response
www.ibm.com/security
© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes
only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use
of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement
governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in
all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole
discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any
way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United
States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response
to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated
or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure
and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to
be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems,
products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE
MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.