Your cyber security webinar

With more than 50,000 new pieces of malware created every day, organisations can no longer afford to risk the financial and reputational impacts of a security or data breach, which can be too much for a business to recover from. Because of this, IT managers face increasing scrutiny and pressure from CEOs, managing directors and boards to prove that they are keeping the organisation secure.

The changing threat landscape means organisations need to be vigilant and smarter about security. While businesses still face threats from infected devices and malware, attackers have also moved beyond that. For example, there is an increasing number of targeted email attacks, with cyber criminals spending time monitoring communications so they can craft imitation emails so sophisticated that even relatively savvy users will open them.

This webinar will explore the building blocks required to ensure you have the roadmap required to best protect against cyber attacks. We will provide you with a high-level view of the following topics:

· Audit and discovery – What are your weaknesses and are you compliant?
· Education – Do your employees know when not to open that attachment?
· Policy – Do you have the right policies for your industry?
· Technology – Where to start and what has changed?

Published in: Technology
  1. Your cyber security roadmap
  2. Agenda: • Introduction • Bevan Sinclair - Practice Manager, Cloud Design and Integration, Intergen • Sven Ross - Chief Executive Officer, Diamond Cyber • Mark Blower - National Business Manager – Networks and Security, Empired • Why are we vulnerable to a cyber attack? • What can we do to mitigate the threat? • How the threat landscape is changing • How Intergen can help • Free offering and competition • Questions
  3. Introduction: Why are we here? • Business beats with a digital heart • Rates of cyber crime increasing exponentially • Cyber crime is highly lucrative and largely anonymous • Attacks are becoming increasingly sophisticated, targeted and persistent; risk profiles are ever increasing. We need to stay one step ahead.
  4. Why are we vulnerable to cyber attack?
  5. Why are we so vulnerable to cyber attack: The face of cyber crime has changed • A commercial venture with low point of entry • Anonymous ransomware • Large scale, industrial approach to exploitation • New threats by the minute
  6. What is hacking? • The manipulation of people and technology to do something other than its original purpose • The intention behind the hacking dictates whether it is malicious or not • Effective law enforcement and prevention of cyber crime is difficult for many reasons
  7. Competing demands vie for our attention: In business we have competing demands: • Market share and profitability • Responding to customer demand • Innovating your products and services. IT systems are connected together like never before. Truly effective cyber security management requires a broader view than just IT. Where to find the time to ‘be secure’? Source: Diamond Cyber
  8. The attacker may be more dedicated: Time is a key construct of vulnerability to malicious activity. • The competing demands of business vie for all our time. • The IT teams’ available time is split between new initiatives, innovation, break/fix, proactive management and more. For the cyber criminal time is their most valuable asset. • A persistent threat attacker is spending more time trying to break in than you are trying to prevent it. Source: Diamond Cyber
  9. The attacker may be more dedicated: [Diagram. Defender: time spent on defensive measures, limited by cost, prioritised by uptime; level of security achieved, measured in time-to-compromise; efficiency. Hacker (example: criminal): time invested in achieving compromise, limited by motivation; outcome: no compromise. Hacker (example: state): time invested in achieving compromise, limited by motivation; outcome: compromise.] This is why a realistic threat should dictate defensive spend, and why defensive efficiency (strategy) is important. Source: Diamond Cyber
  10. Process; a help and a hindrance: To a large extent, we are vulnerable due to the compliance driven approach to security. • Some of us have an annual audit for security • Sometimes security checks are done outside of audits. Hackers do not wait for your yearly security audits to create new attacks! [Diagram labels: Verify Controls, Apply Controls, Exploit Vulnerability, Identify Vulnerability; 6 Months, 6 Months.] Source: Diamond Cyber
  11. The Cyber Kill Chain: Advanced • Targeted, coordinated, purposeful. Persistent • Month after month, year after year. Threat • Person(s) with intent, opportunity and capability. Stages: 1. Reconnaissance: Harvesting email addresses, conference information, etc. 2. Weaponisation: Couple exploit with backdoor into a payload. 3. Delivery: Delivery of exploit to victim. Email, web, USB, etc. 4. Installation: Installing malware on the asset. 5. Exploitation: Exploit a vulnerability to execute code on the asset. 6. Command and control: Command channel for remote manipulation. 7. Actions on objective: With ‘hands on’ access the intruders accomplish their goal. Source: Diamond Cyber
  12. What can we do to mitigate the threat?
  13. What should businesses do? Understand the enemy • Persistent, advanced and human-based. Actively probing for weakness • Multiple threat vectors, changing daily • Likely spending more time trying to attack you than you are defending. Identify your risks and exposure • Where are your information assets and how protected are they? • Where are your weaknesses? Build a defensive strategy and execute upon it • Plan to protect what matters the most. Continuously validate its effectiveness • Optimise your defences by probing for weakness
  14. What should business do? Develop a cyber program
  15. Cyber program development. Prioritise, Scope & Orient: • Identify business/mission objectives and high-level organisational priorities • Determine the scope of systems and assets that support the selected business line or process • Identify related systems and assets, regulatory requirements, and overall risk approach • Identify the Threat Groups most likely to target the organisation and understand why. Create Current State Profile: • Identify a framework to reference cyber control definitions (NIST, COBIT, ISO 27001, CIS-CSC) • Develop a Current Profile by indicating what cyber controls currently exist in the business • Determine the maturity of controls. Conduct Risk Assessment: • Assessment is guided by the organisation’s overall risk management process or previous risk assessment activities. • Analyse the operational environment in order to discern the likelihood of a cybersecurity event and the impact that the event could have on the organisation. • Identify the Most Likely and Most Dangerous threat scenarios which could occur.
  16. Cyber program development. Create Target State Profile: • Create a Target Profile that focuses on the assessment of the identified Controls describing the organisation’s desired cybersecurity outcomes • Consider influences and requirements of external stakeholders such as sector entities, customers, and business partners when creating a Target Profile. Determine & Prioritise Gaps: • Compare the Current Profile and the Target Profile to determine gaps • Create a prioritised action plan to address those gaps that draws upon mission drivers, a cost/benefit analysis, and understanding of risk to achieve the outcomes in the Target Profile • Determine resources necessary to address the gaps. Implement Action Plan: • Determine which actions to take in regards to the gaps, if any, identified in the previous step • Monitor the cybersecurity practices against the Target Profile
  17. Cyber program development – Core Functions. Identify: Identify the components of your business that require protection and how this is achieved. Protect: Implement process and technology to protect your information assets. Detect: Build capability to detect when an attack may occur, is occurring or has occurred. Respond: Establish people, process and technology to respond to cyber incidents. Recover: Create a cyber resilient business that is capable of recovering from cyber incidents.
  18. How the threat landscape is changing: “Only two things are infinite, the universe and human stupidity, and I'm not sure about the former” Albert Einstein
  19. Perimeter protection: • The traditional firewall and E-mail protection is dead • Next generation firewalls (UTMs) and advanced mail protection are a step in the right direction • We need threat analytics and real time protection • Considerations for bespoke vs unified solutions
  20. Antivirus and antimalware: Antivirus technology is dated and not effective. We need: • Real time protection • Ways to enforce corporate policy to the remote worker • Mobile device protection
  21. Protect your network: • We can’t consider the wired network is safe anymore • Provide accessibility to the correct people • Prepare yourself for IoT
  22. Protect your application: Application Control Devices (ACDs) provide visibility of who accesses what and when. They enable us to • Protect the application in any location • Provision accessibility for the correct user and block others
  23. Visibility and monitoring: Insight is crucial to effective management of the threat landscape. No visibility = minimal benefit. Unify systems. Security Incident and Event Management.
  24. How Intergen can help
  25. How Intergen can help: Audit and compliance. Enhancement and remediation. Threat response and containment.
  26. Thank you.
