Strategic threat assessment

Slides:



Advertisements
Similar presentations
1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.
Advertisements

What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Cyber Resilience Simon Onyons Financial Stability – Resilience Team.
Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
© Infosys Technologies Limited Consulting Services Paul Cole Managing Director – Infosys Consulting.
Intrusion Detection MIS ALTER 0A234 Lecture 11.
90% of EU exports consist of product and services of IPR-intensive industries. Among 269 senior risk managers, 53% said IP loss or theft had inflicted.
Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Did You Hear That Alarm? The impacts of hitting the information security snooze button.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
Prepared by: Dinesh Bajracharya Nepal Security and Control.
Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.
Lesson 7-Managing Risk. Overview Defining risk. Identifying the risk to an organization. Measuring risk.
Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.
Connected Security Your best defense against advanced threats Anne Aarness – Intel Security.
A global nonprofit: Focusing on IP Protection and Anti-Corruption Sharing leading practices based on insights from global companies, academics, organizations.
The cost of Cybercrime 1 Steve Lamb Regional Marketing Manager – EMEA, Enterprise Security Products Twitter: actionlamb.
Latest Strategies for IT Security Margaret Myers Principal Director, Deputy CIO United States Department of Defense North American Day 2006.
Legal Jeopardy: Whose Risk Is It?. SPEAKERS Jason Straight Chief Privacy Officer and Senior Vice President Cyber Risk Solutions at UnitedLex Patrick Manzo.
By, CA K RAGHU, PAST PRESIDENT – INSTITUTE OF CHARTERED ACCOUNTANTS OF INDIA.
External Threats Internal Threats Nation States Cyber Terrorists Hacktivists Organised criminal networks Independent insider Insider planted by external.
BY: AUSTIN NEIGH. WHAT IS CYBER WARFARE? Hacking that is politically motivated to conduct sabotage or espionage Form of information warfare Typically.
Cyber Risks: Protecting confidential data against unauthorized access Vik Bansal Deloitte & Touche LLP John Reidhead State of Utah March 17, 2016.
Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.
Edison Electric Institute Cybersecurity 101 October 24,
Cyber Security Phillip Davies Head of Content, Cyber and Investigations.
What, when and how – are you prepared?
Defining your requirements for a successful security (and compliance
Proactive Incident Response
Cybersecurity as a Business Differentiator
Law Firm Data Security: What In-house Counsel Need to Know
Increasing Information and Data Security in Today’s Cybersecurity World 2017 Conference Review 6/6/2017.
Comprehensive Security and Compliance at an Affordable Price.
Data Minimization Framework
Cyber Security: State of the Nation
Compliance with hardening standards
Lecture 8. Cyber Security, Ethics and Trust
COSO and ERM Committee of Sponsoring Organizations (COSO) is an organization dedicated to providing thought leadership and guidance on internal control,
Board Concerns About Cyber Security
Gelişmiş Tehdit Korumasının İnkar Edilemez 4 Gerçeği
Cybersecurity EXERCISE (CE) ATD Scenario intro
Cyber defense management
Data Security Team 1.
Making Information Security Manageable with GRC
Securing Your Digital Transformation
Threat Landscape for Data Security
Security Agility: Creating a Multi-Disciplinary Framework
cyberopsalliance.com |
11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Unit 1.6 Systems security Lesson 2
Securing the Threats of Tomorrow, Today.
CRITICAL INFRASTRUCTURE CYBERSECURITY
INFORMATION SYSTEMS SECURITY and CONTROL
Cyber security Policy development and implementation
Cybercrime and Canadian Businesses
Information Protection
MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further
MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further
Texas Assisted Living Association 2019 Conference
Information Protection
AIR-T11 What We’ve Learned Building a Cyber Security Operation Center: du Case Study Tamer El Refaey Senior Director, Security Monitoring and Operations.
Anatomy of a Common Cyber Attack
Protecting Knowledge Assets – Case & Method for New CISO Portfolio
Presentation transcript:

Strategic threat assessment helping organizations understand how threat actors Attack vulnerable assets

Cyber attacks will remain rampant until businesses prioritize and implement security tools across the entire organization The average cost of a data breach globally continues to rise

Every organization faces security risks, but the risks aren’t the same for everyone Threat actor Motive Impact Personal advantage, monetary gain Sabotage for personal reasons Bribery Disclosure of trade secrets Disrupt business activities Brand damage External Threats Financial gain Collect information for future financial gain  Espionage or influence Regulatory inquiry/penalty Brand/reputation damage Consumer lawsuits Organized crime/ Nation State Political change Pressure business to change their practices Create fear or uncertainty Disrupt business activities Consumer confidence loss Every organization faces security risks, but the risks aren’t the same for everyone. An attacker targeting a retail organization, for example, will likely go after different assets than an attacker targeting a hospital. Within the organization, targets vary, too. An attack on the accounting department might target financial data or employees’ personal information, while an attack on the engineering department might target trade secrets and other intellectual property. Hacktivists

Strategic threat assessment from IBM X-Force IRIS Take Action at Different Levels of Intelligence Outsiders Outsiders 45% 40% TACTICAL OPERATIONAL STRATEGIC MACHINE-TO-MACHINE INTELLIGENCE TO DETECT AND PREVENT THE KNOWN AND UNKNOWN ATTACKS IDENTIFY RISK LEVEL, ATTACKER INSIGHTS, AND PRIORTIZE ALERT RESPONSE THREAT ACTOR AND INDUSTRY INSIGHTS TO STAY AHEAD OF THE ATTACKER AND TAKE ACTIONS HOW DOES IT WORK? Review a client’s key assets to characterize threat events by the typical attackers, the likely infection vectors, and the techniques and procedures that adversaries employ. Our unique understanding of adversaries and their tactics is derived from fusing information gathered at incident response investigations, technical observations, and open sources.  

It’s vital to understand the types of attackers and where an attack might occur and the procedures attackers are likely to employ What is discovered with STA? What can we do about it? it? Employ malicious code protection mechanisms at entry and exit points to detect and eradicate malicious code. Include practical exercises in security awareness training that simulate actual cyber attacks. Manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding denial of service attacks. Malicious code execution in unsecured databases Phishing Commodity Malware URL spoofing to gain credentials SQL-attacks Third-party access Credential Theft DDoS Attacks Exploit Kits Removable media Social Engineering Based on data IBM gathers for the client, threats are characterized by types of attackers, common points where an infection might occur and the procedures attackers are likely to employ—information an organization can use to protect itself.  

Combining our knowledge about threats to a report for senior leaders Malware Threat Groups Threat Activity Industry Using incident response investigations and technical observations by IBM experts, plus information on previous attacks at the organization and data from open sources, X-Force IRIS assigns a risk rating for the client. It then provides recommendations for improving security measures, such as utilizing threat intelligence to update risk assessment plans or briefing leaders on key threat intelligence regarding attackers, tools, vectors of infection and methods of exfiltration.

Through a better understanding of how bad actors behave you can target your company’s protection of asset Prioritize security investment decisions across the business based on potential impact of threat activity from similar firms Inform the board about changing strategic risks to company operations and assets Breakdown internal security silos by developing a common understanding of threats and business harms Implement threat intelligence to enhance enterprise security operations

IBM Security provides the expertise, talent, and end-to-end approach you need to deliver value Unparalleled Expertise Best-in-class Managed Security Services Integrated Approach IBM X-Force® Exchange and Threat Research teams providing zero-day threat alerts to clients Over 1400 employees serving 130+ countries, with a 95% retention rate 35 billion security events analyzed daily across 4,500+ global clients Access to a global network of skilled industry experts Deep industry service delivery experience across numerous types of operations Ability to lead and execute large, transformational projects Integrated portfolio of security services and technology Open ecosystem with 100+ technology alliances and 30+ services partners 800+ technical vendor and 150+ professional security certifications

4/19/2019 Mandatory closing slide with copyright and legal disclaimers.