
Threat Defense and Information Security Development Trends
www.huawei.com

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved.
Foreword
• The previous courses have introduced some basic concepts and knowledge about information security and common attack types. Consider this question: What measures should we take to ensure enterprises' information security?
• Defense against security threats requires not only professional tools but also the awareness of everyone involved in information security construction.

Objectives
• Upon completion of this course, you will be able to:
  • Describe the basic elements of security threat defense.
  • Describe the importance of information security awareness in security protection.
  • Describe the future development trends of information security.

Contents
1. Security Threat Defense
2. Information Security Awareness
3. Information Security Development Trends

Key Elements of Information Security Protection
Three interconnected elements:

Security O&M and Management
• Ensure security compliance during process operations of enterprises. Implement in-time response, defense, and improvement when threats occur.

People
• "People are the weakest link in information security."
• It is very important to ensure that enterprise employees have high security awareness.

Security Products and Technologies
• Security protection technologies ensure appropriate action can be implemented.
• Security protection technologies have different protection methods at different technical layers and domains.


Information Security Protection Methods

Security products and technologies
• Network security: firewall, IPS/IDS, anti-DDoS, etc.
• System security: server security, host security, etc.
• Endpoint security: secure access, identity authentication, etc.
• Application security: antivirus, vulnerability scanning, penetration testing, etc.

O&M and management
• Security operation
• Emergency response
• Disaster recovery

Security awareness
• Fostering security awareness in enterprise employees
• Raising awareness of social engineering

Cyber Security Awareness Survey
• Do you read the User Agreement in detail when you register an account?
• Do you use the same password for all your accounts?
• Do you think the current cyber environment is secure?

[Chart: password use across accounts. The same password to all accounts: 13.8%; Not all accounts use the same password: 61.4%; Unique password to each account: 24.1%; Others: 0.7%]

[Chart: perceived security of the current cyber environment. Categories: Extremely safe, Very safe, Safe, Very dangerous, Extremely dangerous. Values shown: 49.1%, 32.8%, 9.2%, 6.9%, 2.0% (the value-to-category mapping is not preserved)]

Public Wi-Fi Security Awareness
• Do you connect to free Wi-Fi in public places?
• Do you do online shopping, payment, money transfer, or other similar things while connected to a public Wi-Fi network?

[Chart: Connection to Public Wi-Fi Networks. Access only protected Wi-Fi networks of well-known brands: 60%; Do not access any public Wi-Fi network: 19%; Access any free Wi-Fi network available: 18%; Others: 2%]

[Chart: Things People Do on Public Wi-Fi Networks. Categories: Email & chatting, Online shopping & banking transactions. Values shown: 25.1%, 13.6%]
Security Risks of Wi-Fi in Public Places
• Eighty percent of Wi-Fi networks can be easily cracked. Every year, access to public Wi-Fi networks incurs an economic loss as high as CNY 5 billion (eBank theft, online account theft, etc.). Below are some examples of public Wi-Fi security risks:

• Unexpected: The hacker steals CNY 34,000 from the person who steals the neighbor's Wi-Fi
• Shocking: A financial scam using McDonald's Wi-Fi cost some users CNY 2000
• Up-to-date: Phishing Wi-Fi in buses
• Suffocating: Online game purchases accumulated over a number of years stolen by hackers
• Aggrieved: Those who intend to save money may be at risk due to weak security
• Harmful: Hackers routinely succeed in obtaining user password information

Social Engineering
• Social engineering first appeared in the 1960s as a formal discipline.
• Social engineering was discussed in The Art of Deception by the infamous hacker Kevin Mitnick, who authored the book following a prison term for hacking-related offenses. It refers to the psychological manipulation of people into giving away important personal information, which can cause great damage to the victims.
Is this an example of social engineering?

People are the weakest link.


— World's most notorious hacker Kevin Mitnick

Case Study
• Discussion: If you find another person's SIM card, what information can you obtain?

• Phone number: Insert the SIM card into a phone. The phone displays the SIM card number.
• Login for the online service center of the SIM card: Obtain the first four and last four digits of the card owner ID number. Hackers can guess the remaining digits based on the birth date and area.
• Web browsing history: Using the web browsing history provided by the service center, you can obtain the owner's most frequently visited websites, QQ account, and Weibo account.
• Alipay login details: Obtain name of the card owner.
• Personal information of the SIM card owner: Use QQ (Chinese Facebook) and Weibo (Chinese Twitter) to obtain information such as the birthday, location, and age of the card owner.
• Information about social relationships: Obtain information about friends, relatives, and photos of the card owner from social platforms such as Weibo.

Fostering Security Awareness
• Remaining vigilant when online is an effective way to defend against cyber security scams.

Practices
• Think like a detective
• Be skeptical
• Be observant
• Search for the truth
• Think before you act
• Attention to details
• Willing to learn

Gartner Top 10 Security Technologies
• Microsegmentation
• Remote browser
• Network traffic analysis
• Deception
• Endpoint Detection and Response (EDR)
• Cloud access security brokers (CASBs)
• Managed detection and response
• Container security
• Cloud workload protection platforms
• Software-defined perimeters (SDPs)

Future Development Trends of Security Protection
• Security as a service
• Endpoint detection increasingly important
• Traffic control: IP addresses -> applications
• Software-defined security protection solution

Trend 1: Security as a Service

[Figure: security-as-a-service architecture. Labels: Client, Internet, Reverse proxy, App, Security check service (Behavior, File, Traffic), Anomaly]
Trend 2: Endpoint Detection Increasingly Important

Detect unknown malicious files and C&C communications
• Data sources: Sandbox Detection Log, Traffic Analysis Metadata, Endpoint Log
• Findings: unknown malicious files, C&C anomalies

Locate internal endpoints infected by malicious files

Using MD5 values:
1. Correlate to malicious files (MD5 of malicious files).
2. MD5 of executed files.
3. Locate infected endpoints using MD5 and address threats.

Using C&C attack traffic:
1. Correlate to C&C attack source IP (targeted IP addresses of C&C attacks).
2. IP addresses of infected endpoints.
3. Locate infected endpoints based on the C&C attack traffic. Find the first infected endpoint and end further infection.
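The two correlation paths on this slide (sandbox MD5 values matched against endpoint execution logs, and C&C addresses matched against traffic metadata), as an added example that is not part of the course material. The log layouts, field order, hash values, and IP addresses are constructed assumptions.

```python
from datetime import datetime

# Constructed sample inputs; hashes and addresses are placeholders.
MALICIOUS_MD5 = {"0123456789abcdef0123456789abcdef"}   # from sandbox detection log
CNC_ADDRESSES = {"203.0.113.50"}                       # from traffic analysis
ENDPOINT_LOG = [  # (timestamp, endpoint IP, MD5 of executed file)
    ("2018-05-02T09:14:00", "10.1.1.23", "0123456789ABCDEF0123456789ABCDEF"),
    ("2018-05-02T08:40:00", "10.1.1.17", "0123456789abcdef0123456789abcdef"),
    ("2018-05-02T09:30:00", "10.1.1.40", "ffffffffffffffffffffffffffffffff"),
]
TRAFFIC_METADATA = [  # (timestamp, source IP, destination IP)
    ("2018-05-02T08:45:10", "10.1.1.17", "203.0.113.50"),
    ("2018-05-02T09:20:00", "10.1.1.23", "203.0.113.50"),
    ("2018-05-02T09:25:00", "10.1.1.31", "203.0.113.50"),
    ("2018-05-02T09:26:00", "10.1.1.40", "198.51.100.7"),
]

def first_seen(events):
    """Return {endpoint: earliest datetime} for (timestamp, endpoint) pairs."""
    seen = {}
    for ts, endpoint in events:
        when = datetime.fromisoformat(ts)
        if endpoint not in seen or when < seen[endpoint]:
            seen[endpoint] = when
    return seen

def correlate(endpoint_log, traffic, malicious_md5, cnc_addresses):
    """Locate infected endpoints by MD5 and by C&C traffic, then rank by time."""
    known = {h.lower() for h in malicious_md5}
    by_md5 = first_seen((ts, ep) for ts, ep, md5 in endpoint_log
                        if md5.lower() in known)
    by_cnc = first_seen((ts, src) for ts, src, dst in traffic
                        if dst in cnc_addresses)
    earliest = dict(by_md5)
    for ep, when in by_cnc.items():
        earliest[ep] = min(when, earliest.get(ep, when))
    return {
        "infected": sorted(earliest),
        # C&C traffic without a logged execution: endpoint log coverage gap
        "traffic_only": sorted(set(by_cnc) - set(by_md5)),
        "first_infected": min(earliest, key=earliest.get) if earliest else None,
    }

if __name__ == "__main__":
    print(correlate(ENDPOINT_LOG, TRAFFIC_METADATA, MALICIOUS_MD5, CNC_ADDRESSES))
```

Endpoints that appear only in `traffic_only` are worth checking for missing or tampered endpoint logging, since the C&C path found them and the MD5 path did not.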

Trend 3: Traffic Control — from IP Addresses to Applications

[Figure: Layer-4 quintuple control (IP, Port, Protocol) compared with Layer-7 application threat control. Labels: App, Content, User, Threat, location; Anti Spam, DDoS, VPN, IPS, Antivirus, URL, DLP]

Trend 4: Software-defined Security Solution (Huawei SDSec)

Analyzer (CIS, FireHunter, global security intelligence center): Detection Intelligence
• AI-based auto-learning and detection of threats, from reactive to proactive defense
• Huawei third-generation sandbox based on deep neural network algorithms

Controller (SecoManager): Handling Intelligence
• Cyber security collaboration, single-point defense -> network-wide associative defense
• Security service orchestration

Enforcer (Router, Wi-Fi, AR, Switch, FW/vFW, AntiDDoS, DFW, Third-party): O&M Intelligence
• Service-driven policy management, manual security O&M -> intelligent O&M
• Automated service provision for tenants
• Based on automatic mapping from services to policies

[Figure labels: Integrate, Associate]

Quiz
1. Which of the Esecurity protection?
A. Security O&M and management
B. Monitoring
C. Security products and technologies
D. People

2. Which of the following password settings is more secure?


A. Digits only
B. Letters only
C. Digits + letters
D. Digits + letters + special characters

Summary
• Basic elements of security threat defense
• Importance of information security awareness in security protection
• Future development trends of information security

Thank You
www.huawei.com
