Developing a corporate intelligence strategy from online sources

1,381 views

Published on

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,381
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Developing a corporate intelligence strategy from online sources

  1. 1. Asia Pacific Training Conference 2009 Crafting, Developing and Executing a Corporate Intelligence Program from Online Sources Jeff Bedser, President/COO Internet Crimes Group, Inc. iThreat® Solutions Copyright ICG, Inc. 2000-2008 All rights reserved
  2. 2. Agenda Threats… What kinds of threats are out there? Are they in my neighborhood? Awareness RSS, Blogs, Auction Sites… Analysis False Positives Data quality Action Copyright ICG, Inc. 2000-2008 All rights reserved
  3. 3. Awareness Copyright ICG, Inc. 2000-2008 All rights reserved
  4. 4. Being Aware… of what? Data loss Internal/External Infrastructure manipulation or diversion Planning of attempts to compromise web based services Counterfeit product Consumer product, Pharmaceutical or hardware Attack on products or infrastructure Hardware compromise (mobile phone or appliance) Employee theft High risk individuals/behaviors Piracy Copyright ICG, Inc. 2000-2008 All rights reserved
  5. 5. Becoming Aware… Sources of Data Websites Blogs Message boards Forums Social networking Auction sites Media RSS/XML Feeds Listservs/email IRC (Internet Relay Chat) Copyright ICG, Inc. 2000-2008 All rights reserved
  6. 6. Media Data Sources Mainstream Media CNN, BBC, NYT, WSG, Globe & Mail, FT, etc. Trade Specific Periodicals Pharmaceutical Industrial Piracy Independent Media Indymedia.org Alternet.org Copyright ICG, Inc. 2000-2008 All rights reserved
  7. 7. Blogs Estimate for January 2008 = 145M Copyright ICG, Inc. 2000-2008 All rights reserved
  8. 8. Auction Sites Remember: The sites you have heard the least about are the ones more likely to be used as “fences” for stolen goods. Copyright ICG, Inc. 2000-2008 All rights reserved
  9. 9. Counterfeiting and Diversion » The Internet makes it easier than ever for importers to obtain counterfeit and diverted goods. » Dozens of business-to- business called “Trade Boards” websites help suppliers and importers connect. Copyright ICG, Inc. 2000-2008 All rights reserved
  10. 10. Auction/Trade Boards/Classified Sites Where did the medications come from? Are they counterfeit? Expired? Diverted? The medical devices and bandaging… same issue… also, are they sterile? Is the device safe? Proper codes followed in the manufacturing process? Is stolen property from the facility or production line ending up on these boards being fenced? Is your purchasing or supply entity reselling company property online? Copyright ICG, Inc. 2000-2008 All rights reserved
  11. 11. Wholesale Trade Feeds the Internet Pharmacy Threat Intelligence Identifies Cyber/Physical Relationships Portal Websites Portal SPAM Websites Secondary Mail Order Portal Market Pharmacy Websites Wholesalers Popup Ads Portal Websites Portal Buyers Websites eCommerce Pharmacy Search Engine Placement Anchor Affiliate Programs: Business Rings of Web Sites Copyright ICG, Inc. 2000-2008 All rights reserved
  12. 12. Special Interest Groups that target researchers, ties to donors, high profile staff Animal rights Aids Activists Organized labor Groups that target financial companies, private info, credit card data Phishing Data markets Identity theft Copyright ICG, Inc. 2000-2008 All rights reserved
  13. 13. Extremist Group Fixed Geo-location Copyright ICG, Inc. 2000-2008 All rights reserved
  14. 14. Where to find data/intelligence on these groups?....Networking Sites Social Business Anti-Social Copyright ICG, Inc. 2000-2008 All rights reserved
  15. 15. Analysis Copyright ICG, Inc. 2000-2008 All rights reserved
  16. 16. How do you utilize this new stream of data? Near-real-time threat data Events Warnings Aggregation of news by topic Crime Traffic Weather Nation, region, product, person Copyright ICG, Inc. 2000-2008 All rights reserved
  17. 17. Key Issue: More Sources = More time and effort More sources of information dictate further and more comprehensive analysis This of course facilitates understanding, interpretation and scope of the effort. Copyright ICG, Inc. 2000-2008 All rights reserved
  18. 18. Mapping Threats Your facility Threats to the facility Copyright ICG, Inc. 2000-2008 All rights reserved
  19. 19. Proximity Alerting Copyright ICG, Inc. 2000-2008 All rights reserved
  20. 20. Data Aggregation Open Source Intelligence iThreat® Red Flag Intel Other Information Sources In-House Human Intelligence Copyright ICG, Inc. 2000-2008 All rights reserved
  21. 21. Proximity Alerting Copyright ICG, Inc. 2000-2008 All rights reserved
  22. 22. Create Metrics Copyright ICG, Inc. 2000-2008 All rights reserved
  23. 23. Pitfalls of Open Source Programs Not specific enough or too specific CEO has a very common name Common acronyms have multiple meanings Language not taken into account – contextual translation failures Products have different names in different regions Copyright ICG, Inc. 2000-2008 All rights reserved
  24. 24. Pitfalls of Analysis: False Positives SHAC: Stop Huntingdon Animal Cruelty … or Student Honors Advisory Council Copyright ICG, Inc. 2000-2008 All rights reserved
  25. 25. Action Copyright ICG, Inc. 2000-2008 All rights reserved
  26. 26. Taking Action Organizational Challenges How do you integrate open source intelligence into your workflow? How will it change you business practices? The connection between external and internal threats Understanding and finding the interrelation between these threat vectors. Copyright ICG, Inc. 2000-2008 All rights reserved
  27. 27. Summary Awareness Do you best to know where and when to look for intelligence. Much of it is there to find in the public domain. Analysis Spend the time to interpret the threat and risk to your operation. Action Force the issue in your organization. Be proactive in your response. Copyright ICG, Inc. 2000-2008 All rights reserved
  28. 28. Q&A Jeff Bedser, President/COO Internet Crimes Group, Inc. iThreat® Solutions Copyright ICG, Inc. 2000-2008 All rights reserved

×