NCC Group, profile picture
Uploaded byNCC Group
PDF, PPTX1,503 views

Current & Emerging Cyber Security Threats

The document outlines current and emerging cyber security threats. It discusses threat actors, primary threats like poor software design and lack of network security, and common attack vectors. Current threats include accidental data loss, deliberate exfiltration, and targeted attacks. Emerging threats involve issues from bring your own device (BYOD) use, large data volumes, fast-paced technology evolution, and increased consumer coding and internet of things devices. The document emphasizes that perimeter security is not enough and that cyber risk responsibility cannot be outsourced.

Embed presentation

Download as PDF, PPTX
Current & Emerging Cyber Security Threats
Agenda • The threat actors • Primary threats • Common vectors • Some realities • Current threats • Emerging threats
Before we begin.. Security is emotive
Before we begin.. Some stats https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/261674/bis-13-1293-ftse-350-cyber-governance-health-check-tracker-report.pdf
Before we begin.. Some more stats https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/261674/bis-13-1293-ftse-350-cyber-governance-health-check-tracker-report.pdf
The threat actors
Primary threats
Vectors
Causes • Poorly designed and developed software and systems • Lack of network segregation, access control & monitoring • Level of user education and risk understanding / sense of ownership & responsibility • Security solutions / practices leading to poor UX • Regulatory tick boxing / audit burden
Vendor hype leading to the wrong focus
Some realities • Perimeter security alone has never been sufficient • The definition of a perimeter has changed • Asking people not to click on things is not sustainable • Limiting the use of mobile does not work • Security doesn’t come from free!
Current threats // Internal • Accidental data or device loss • Deliberate data exfiltration • Poor internal security practices // External • Collateral damage compromises • Drive by compromise • Targeted attacks
Emerging threats – BYOD
Emerging threats – data volumes • How to tag data efficiently and effectively • How to control access • How to protectively monitor • How to detect anomalous behaviour • Aggregation of data
Emerging threats – tech evolution pace • Evolution rate increasing • Shorter product life spans • Quicker time to market • Sustaining older products from a security perspective • Agile security engineering
Emerging threats – everyone’s a coder! • A world where everyone is a developer • Traditional security expertise in development / engineering teams diluted • We need better frameworks and platforms
Emerging threats – Internet of things • Traditional patching goes away • Exploitability doesn’t diminish • Machine to machine interactions • Compounded hidden I.T.
Final thoughts • Cyber risk ownership can not be outsourced • Cyber security is just one element of modern good business governance • Investment should be always be proportional • Events will occur! It shouldn’t be a drama..
Thanks? Questions? UK Offices North American Offices Australian Offices Manchester - Head Office San Francisco Sydney Cheltenham Atlanta Edinburgh New York Leatherhead Seattle London Austin Milton Keynes European Offices Amsterdam - Netherlands Munich – Germany Zurich - Switzerland Ollie Whitehouse ollie.whitehouse@nccgroup.com

More Related Content

PPTX
Practical SME Security on a Shoestring
byNCC Group
 
PDF
2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_design
byNCC Group
 
PPTX
Slide Deck – Session 4 – FRSecure CISSP Mentor Program 2017
byFRSecure
 
PPTX
Advanced Persistent Threats (APTs) - Information Security Management
byMayur Nanotkar
 
PDF
What Is Next-Generation Endpoint Security and Why Do You Need It?
byPriyanka Aash
 
PPTX
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
bycentralohioissa
 
PPTX
Slide Deck CISSP Class Session 5
byFRSecure
 
PDF
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
byAPNIC
 
Practical SME Security on a Shoestring
byNCC Group
 
2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_design
byNCC Group
 
Slide Deck – Session 4 – FRSecure CISSP Mentor Program 2017
byFRSecure
 
Advanced Persistent Threats (APTs) - Information Security Management
byMayur Nanotkar
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
byPriyanka Aash
 
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
bycentralohioissa
 
Slide Deck CISSP Class Session 5
byFRSecure
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
byAPNIC
 

What's hot

PPTX
Slide Deck – Class Session 1 – FRSecure CISSP Mentor Program
byFRSecure
 
PPTX
Threat Modeling - Locking the Door to Vulnerabilities
bySecurity Innovation
 
PPTX
Purple Teaming - The Collaborative Future of Penetration Testing
byFRSecure
 
PPTX
How to Prepare for the CISSP Exam
bykoidis
 
PDF
Slide Deck CISSP Class Session 4
byFRSecure
 
PDF
IDC Security 2014, Endpoint Security in Depth
byKen Tulegenov
 
PPTX
Chris Haley - Understanding Attackers' Use of Covert Communications
bycentralohioissa
 
PDF
Offensive cyber security engineer updated
byInfosecTrain
 
PDF
Wfh security risks - Ed Adams, President, Security Innovation
byPriyanka Aash
 
PDF
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
byCore Security
 
PPTX
NTXISSACSC2 - Advanced Persistent Threat (APT) Life Cycle Management Monty Mc...
byNorth Texas Chapter of the ISSA
 
PPTX
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
byDigital Bond
 
PDF
Deception Technology: Use Cases & Implementation Approaches
byPriyanka Aash
 
PDF
The Cost of Doing Nothing: A Ransomware Backup Story
byQuest
 
PPTX
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...
byDigital Bond
 
PPT
Latihan6 comp-forensic-bab5
bysabtolinux
 
PDF
Managing Next Generation Threats to Cyber Security
byPriyanka Aash
 
PDF
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
bySaraPia5
 
PPTX
Security Culture from Concept to Maintenance: Secure Software Development Lif...
byDilum Bandara
 
PPTX
5 things i wish i knew about sast (DSO-LG July 2021)
byMichael Man
 
Slide Deck – Class Session 1 – FRSecure CISSP Mentor Program
byFRSecure
 
Threat Modeling - Locking the Door to Vulnerabilities
bySecurity Innovation
 
Purple Teaming - The Collaborative Future of Penetration Testing
byFRSecure
 
How to Prepare for the CISSP Exam
bykoidis
 
Slide Deck CISSP Class Session 4
byFRSecure
 
IDC Security 2014, Endpoint Security in Depth
byKen Tulegenov
 
Chris Haley - Understanding Attackers' Use of Covert Communications
bycentralohioissa
 
Offensive cyber security engineer updated
byInfosecTrain
 
Wfh security risks - Ed Adams, President, Security Innovation
byPriyanka Aash
 
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
byCore Security
 
NTXISSACSC2 - Advanced Persistent Threat (APT) Life Cycle Management Monty Mc...
byNorth Texas Chapter of the ISSA
 
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
byDigital Bond
 
Deception Technology: Use Cases & Implementation Approaches
byPriyanka Aash
 
The Cost of Doing Nothing: A Ransomware Backup Story
byQuest
 
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...
byDigital Bond
 
Latihan6 comp-forensic-bab5
bysabtolinux
 
Managing Next Generation Threats to Cyber Security
byPriyanka Aash
 
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
bySaraPia5
 
Security Culture from Concept to Maintenance: Secure Software Development Lif...
byDilum Bandara
 
5 things i wish i knew about sast (DSO-LG July 2021)
byMichael Man
 

Viewers also liked

PDF
Emerging Threats - The State of Cyber Security
byCisco Canada
 
PPT
Emerging Threats and Attack Surfaces
byPeter Wood
 
PPTX
Emerging threats of cyberterrorism
byNishith Pandit
 
PPT
Cyber Security Emerging Threats
byisc2dfw
 
PPTX
2013 07-12 ncc-group_data_anonymisation_technical_aspects_v1 0
byNCC Group
 
PDF
How we breach small and medium enterprises (SMEs)
byNCC Group
 
PDF
Pki 202 Architechture Models and CRLs
byNCC Group
 
PPTX
Mobile App Security: Enterprise Checklist
byJignesh Solanki
 
PPTX
Exploiting appliances presentation v1.1-vids-removed
byNCC Group
 
PDF
Proactive Defense: Understanding the 4 Main Threat Actor Types
byRecorded Future
 
PDF
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
byNorth Texas Chapter of the ISSA
 
PDF
NCC Group 44Con Workshop: How to assess and secure ios apps
byNCC Group
 
PDF
Cryptography101
byNCC Group
 
PDF
07182013 Hacking Appliances: Ironic exploits in security products
byNCC Group
 
PPTX
Cryptography - 101
byn|u - The Open Security Community
 
PDF
Ransomware and Emerging Cyber Threats: Why It's More Than Just An IT Problem ...
bySteve Fantauzzo
 
PDF
USB: Undermining Security Barriers
byNCC Group
 
PDF
2012 12-04 --ncc_group_-_mobile_threat_war_room
byNCC Group
 
PDF
Pki 201 Key Management
byNCC Group
 
PDF
Docking stations andy_davis_ncc_group_slides
byNCC Group
 
Emerging Threats - The State of Cyber Security
byCisco Canada
 
Emerging Threats and Attack Surfaces
byPeter Wood
 
Emerging threats of cyberterrorism
byNishith Pandit
 
Cyber Security Emerging Threats
byisc2dfw
 
2013 07-12 ncc-group_data_anonymisation_technical_aspects_v1 0
byNCC Group
 
How we breach small and medium enterprises (SMEs)
byNCC Group
 
Pki 202 Architechture Models and CRLs
byNCC Group
 
Mobile App Security: Enterprise Checklist
byJignesh Solanki
 
Exploiting appliances presentation v1.1-vids-removed
byNCC Group
 
Proactive Defense: Understanding the 4 Main Threat Actor Types
byRecorded Future
 
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
byNorth Texas Chapter of the ISSA
 
NCC Group 44Con Workshop: How to assess and secure ios apps
byNCC Group
 
Cryptography101
byNCC Group
 
07182013 Hacking Appliances: Ironic exploits in security products
byNCC Group
 
Cryptography - 101
byn|u - The Open Security Community
 
Ransomware and Emerging Cyber Threats: Why It's More Than Just An IT Problem ...
bySteve Fantauzzo
 
USB: Undermining Security Barriers
byNCC Group
 
2012 12-04 --ncc_group_-_mobile_threat_war_room
byNCC Group
 
Pki 201 Key Management
byNCC Group
 
Docking stations andy_davis_ncc_group_slides
byNCC Group
 

Similar to Current & Emerging Cyber Security Threats

PPTX
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
byInternetwork Engineering (IE)
 
PPTX
Emerging threats in cyber security: anticipating and mitigating future risks....
bySulaimanAhmad35
 
PPTX
The Expanding Cyber Threat landscape hunt
byNishantKumar175068
 
PDF
Cybersecurity in the Real World: A Practitioner's Perspective on Modern Enter...
byArun Kumar Elengovan
 
PPTX
Contemporary_Issues_in_Cyber_Security_25_Slides.pptx
byankushkatyalidct
 
PPTX
Cyber Security: Understanding Emerging Threats and Defense Strategies
byironhide9707
 
PPTX
Cyber Security – Emerging Threats and Countermeasures
byironhide9707
 
PDF
Cybersecurity | Risk. Impact. Innovations.
byVertex Holdings
 
PPTX
2019 Cyber Security Trends
byInternetwork Engineering (IE)
 
PPTX
CyberSecurity SONI CHANDAN TEACHER TRAINING MATERIALS
bySoniChandan
 
PPTX
CyberSecurity presented by satyam Siddharth university
bysatyamsahani184
 
PPTX
FY Msc IT Cs Notes for Module 1_76e8ec671605f8123b9fee3f71d22c31.pptx
byarjunpanditarjunpand
 
PPTX
Defending Enterprise IT - beating assymetricality
byClaus Cramon Houmann
 
PPTX
11 19-2015 - iasaca membership conference - the state of security
byMatthew Pascucci
 
PPTX
the evolution of cybersecuthe emerging trenfs....
bySarojNarwal
 
PPTX
Cybersecurity in 2025 dominated by generative AI.
byDhruvPatel79152
 
PPTX
Recent Data Breaches in Cyber World.pptx
byyoshuaImmanuel1
 
PDF
Toward Continuous Cybersecurity with Network Automation
byE.S.G. JR. Consulting, Inc.
 
PDF
Toward Continuous Cybersecurity With Network Automation
byKen Flott
 
PDF
The Evolution of Cyber Threats: Past, Present, and Future Trends
byCyberPro Magazine
 
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
byInternetwork Engineering (IE)
 
Emerging threats in cyber security: anticipating and mitigating future risks....
bySulaimanAhmad35
 
The Expanding Cyber Threat landscape hunt
byNishantKumar175068
 
Cybersecurity in the Real World: A Practitioner's Perspective on Modern Enter...
byArun Kumar Elengovan
 
Contemporary_Issues_in_Cyber_Security_25_Slides.pptx
byankushkatyalidct
 
Cyber Security: Understanding Emerging Threats and Defense Strategies
byironhide9707
 
Cyber Security – Emerging Threats and Countermeasures
byironhide9707
 
Cybersecurity | Risk. Impact. Innovations.
byVertex Holdings
 
2019 Cyber Security Trends
byInternetwork Engineering (IE)
 
CyberSecurity SONI CHANDAN TEACHER TRAINING MATERIALS
bySoniChandan
 
CyberSecurity presented by satyam Siddharth university
bysatyamsahani184
 
FY Msc IT Cs Notes for Module 1_76e8ec671605f8123b9fee3f71d22c31.pptx
byarjunpanditarjunpand
 
Defending Enterprise IT - beating assymetricality
byClaus Cramon Houmann
 
11 19-2015 - iasaca membership conference - the state of security
byMatthew Pascucci
 
the evolution of cybersecuthe emerging trenfs....
bySarojNarwal
 
Cybersecurity in 2025 dominated by generative AI.
byDhruvPatel79152
 
Recent Data Breaches in Cyber World.pptx
byyoshuaImmanuel1
 
Toward Continuous Cybersecurity with Network Automation
byE.S.G. JR. Consulting, Inc.
 
Toward Continuous Cybersecurity With Network Automation
byKen Flott
 
The Evolution of Cyber Threats: Past, Present, and Future Trends
byCyberPro Magazine
 

Recently uploaded

PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
PPTX
How Does an ICO Launchpad Work Step-by-Step Breakdown.pptx
byTom Hardy S
 
PDF
Safer’s Picks: The 5 FME Transformers You Didn’t Know You Needed
bySafe Software
 
PDF
Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...
byExamCert App
 
PDF
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
 
PDF
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
PDF
How to Install XRDP on CentOS 10 .pdf
byGreen Webpage
 
PDF
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
PDF
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
PDF
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
 
PDF
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
PDF
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
PDF
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PDF
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
PPTX
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
 
PPTX
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
 
PDF
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
How Does an ICO Launchpad Work Step-by-Step Breakdown.pptx
byTom Hardy S
 
Safer’s Picks: The 5 FME Transformers You Didn’t Know You Needed
bySafe Software
 
Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...
byExamCert App
 
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
 
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
How to Install XRDP on CentOS 10 .pdf
byGreen Webpage
 
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
 
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
 
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
 
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 

Current & Emerging Cyber Security Threats

  • 1.
    Current & EmergingCyber Security Threats
  • 2.
    Agenda • The threatactors • Primary threats • Common vectors • Some realities • Current threats • Emerging threats
  • 3.
    Before we begin..Security is emotive
  • 4.
    Before we begin..Some stats https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/261674/bis-13-1293-ftse-350-cyber-governance-health-check-tracker-report.pdf
  • 5.
    Before we begin..Some more stats https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/261674/bis-13-1293-ftse-350-cyber-governance-health-check-tracker-report.pdf
  • 6.
  • 7.
  • 8.
  • 9.
    Causes • Poorly designedand developed software and systems • Lack of network segregation, access control & monitoring • Level of user education and risk understanding / sense of ownership & responsibility • Security solutions / practices leading to poor UX • Regulatory tick boxing / audit burden
  • 10.
    Vendor hype leadingto the wrong focus
  • 11.
    Some realities • Perimetersecurity alone has never been sufficient • The definition of a perimeter has changed • Asking people not to click on things is not sustainable • Limiting the use of mobile does not work • Security doesn’t come from free!
  • 12.
    Current threats // Internal •Accidental data or device loss • Deliberate data exfiltration • Poor internal security practices // External • Collateral damage compromises • Drive by compromise • Targeted attacks
  • 13.
  • 14.
    Emerging threats –data volumes • How to tag data efficiently and effectively • How to control access • How to protectively monitor • How to detect anomalous behaviour • Aggregation of data
  • 15.
    Emerging threats –tech evolution pace • Evolution rate increasing • Shorter product life spans • Quicker time to market • Sustaining older products from a security perspective • Agile security engineering
  • 16.
    Emerging threats –everyone’s a coder! • A world where everyone is a developer • Traditional security expertise in development / engineering teams diluted • We need better frameworks and platforms
  • 17.
    Emerging threats –Internet of things • Traditional patching goes away • Exploitability doesn’t diminish • Machine to machine interactions • Compounded hidden I.T.
  • 18.
    Final thoughts • Cyberrisk ownership can not be outsourced • Cyber security is just one element of modern good business governance • Investment should be always be proportional • Events will occur! It shouldn’t be a drama..
  • 19.
    Thanks? Questions? UK Offices NorthAmerican Offices Australian Offices Manchester - Head Office San Francisco Sydney Cheltenham Atlanta Edinburgh New York Leatherhead Seattle London Austin Milton Keynes European Offices Amsterdam - Netherlands Munich – Germany Zurich - Switzerland Ollie Whitehouse ollie.whitehouse@nccgroup.com