Presentation by
MORAKINYO ANIMASAUN,
NETPLUS LTD
 What has VAR got to do with Cyber Security?
Find out in this presentation.
r1 rt, 27/09/2018
About Cyber Crime
 Cyber Crime is WARFARE
 Cyber criminals do not take any prisoners
 Everyone is a target, no one is safe: 62% of
businesses are being attacked at least weekly,
while 30% are attacked daily and 10% hourly or
continuously.
 Data breach is still a common objective, but
business disruption is a growing trend.
About Cyber Crime
 Cyber Crime is BUSINESS
 ORGANISED - Cyber criminals, hackers and malware developers
are no longer hobbyists but now part of organised crime syndicates
that invest heavily in R&D (Lazarus Group, NCPH, Carbanak etc.)
 BIG – According to widely accepted estimates, cybercrime costs
the world economy the sum of US$500 billion, only slightly less
than the GDP of Nigeria (521.8 billion dollars), the largest economy
in Africa.
 Cybercrime is estimated to cost the Nigerian economy between
$450m and $500m per annum
 Over $1 billion was stolen from a bank using the Carbanak exploit.
 More than $850 million in fraudulent SWIFT network
transactions from Bangladesh Central Bank, of which $80
million has still not been recovered.
 REWARDING - Ransomware attacks in 2016 fetched $1 billion.
Risk–Reward ratio is very favourable. Risk is often low and
reward high
Cyber criminals follow:
 Money – Opportunity, Reward, ROI
 People/ Users – the more, the merrier
 Systems/Devices – the more generic,
the better
 Vulnerabilities – the weaker, the easier
 IT trends – leverage advancement in
technologies and take advantage of
new trends. Cyber crime has gone
cloud, mobile, blockchain and fintech.
The Threat Environment
 Threat landscape is constantly evolving
 Perimeter is being redefined
 Attack surface is increasing
 Cyber criminals' capabilities are
improving
 Cyber criminals are getting better
access to technology and resources
 Cyber Security teams are
overwhelmed and lagging behind
Current Realities
 Volume – Over 340,000 new exploits are released in the wild daily.
 Speed – Agility, quickness of cyber criminals in taking advantage of
vulnerabilities, new developments, trends and technologies. Day 1
vulnerabilities are more widespread than Day 0.
 Sophistication – Advanced, Complex e.g. polymorphic malware
 Collaboration – Unholy alliances, Dark Web, Cloud, MaaS, AaaS,
FaaS
 Innovation – Cyber criminals are investing part of their loot in R&D
 Severity – in losses and damages
 Customisation – Targeted attacks, customised malware, spear
phishing, increase in banking malware
 Persistence – continuous attack on some businesses
 Anonymity – Obfuscation, Stealth, TOR, Cryptocurrency
1. Why do you need to be prepared?
 The cost and consequences of a breach can be
high and damaging
 Attacks are almost inevitable
 No organisation is exempted from being a target
– none too big, none too small
 The more unprepared you are the more
attractive you are – even cyber criminals
appreciate soft targets.
 Cyber criminals (your enemies) are not joking at
all; they are taking preparation to attack you very
seriously.
One example
 In March, the US Department of Justice indicted
9 Iranian hackers over an alleged spree of
attacks on more than 300 universities
 144 US universities
 176 universities in 21 other countries
 47 private companies, and
 Other targets like the United Nations, the US
Federal Energy Regulatory Commission, and the
states of Hawaii and Indiana.
 Loss of 31TB of data, estimated to be worth $3
billion in intellectual property.
Why Universities?
 So, what could explain this degree of threat and
the volume of attacks?
 Attractive and many targets
 Cyber criminals are not joking, and if the University had
nothing valuable they would not pay close attention.
 Universities look after student, parent, alumni and
personnel databases. They also manage financial
information, private health records and they process
transactions.
 Cutting-edge research and development departments
whose work creates potentially valuable patents as
well as trade-secret related data.
 Large attack surface due to the multitude of connected
devices
Why Universities?
 Easy Targets
 The very open nature of most universities. That’s
part of every university’s foundational purpose, of
course. They are places that encourage and
promote the free exchange of ideas and
information.
 Anonymity and Diversity
 Constantly changing population of students,
researchers, academics and staff with differing
motivations and awareness.
 Proliferation of devices ‘BYOD’ - that all want
access to the network.
Be Prepared
Your overall preparation objectives should be:
 To limit opportunities for a breach -
Prevention
 Increase chances of discovering when a
breach has occurred - Detection
 Reduce time to respond to a breach when it
has been detected – Response
 Minimise the impact of a breach on your
operations – Incident Management,
Resilience
 Restore to normalcy – Recovery
2. What should you be concerned about?
 It is hard to prepare if you are not
sufficiently knowledgeable about
what you are preparing to defend against.
 Threats, Risks and Vulnerabilities in
a changing threat landscape.
 Understanding the challenges that you
face is the first step
3. What should you consider in addressing your
concerns?
 Internal – Those things under your control
 External – Those things you don’t have
control over but that will affect you
nevertheless
4. How do you prepare to address these
concerns?
 How can we be prepared? What does it
mean to be prepared?
 It means you MUST have CERTAIN
capabilities:
CAPABILITIES
 PROACTIVE CAPABILITIES
 PREDICT an Attack – Threat Intelligence
 PREVENT an Attack – Endpoint Security,
Firewalls, Security Awareness Training,
Policies, and so on
 OPERATE under an Attack – Resilience,
segmentation,
CAPABILITIES
 REACTIVE CAPABILITIES
 DETECT an Attack – Log management,
SIEMs, Baselining, AI, ML
 RESPOND to an Attack – AI, ML,
 RECOVER from an Attack - resilient
infrastructure, backup,
5. How can you tell if you are well prepared?
 Benchmarking
 Risk Assessment
 Vulnerability Assessment
 Penetration Testing
 Simulations
 Subscription to Global Threat Analysis
Reports
Basic Checklist
 Cyber Security Awareness for Staff and Students
 Cyber Hygiene - Patch management etc.
 Default usernames and passwords - which allow
unauthorized access to the system
 Open interfaces enabling remote management
 Default and Insecure settings
 Unencrypted connections
 Access control measures and segregation of
duties (SoD) conflicts
 Insecure trusted connections
 Security event log management
VAR analogy
Areas you need to look at:
 VAR - Visibility, Awareness, Responsiveness (not the
Video Assistant Referee)
 Visibility – You cannot hit what you cannot see. It’s
difficult to defend against what you cannot even see.
 Provide visibility into the activities and events within your IT
infrastructure from a security point of view
 Awareness - enhance ability to identify danger through
training, technology solutions and 3rd party expertise
and services
 Improve threat detection, analysis and response
 Protect against advanced threats and targeted attacks
Be Prepared
Your overall preparation objectives should be:
 To limit opportunities for a breach -
Prevention
 Increase chances of discovering when a
breach has occurred - Detection
 Reduce time to respond to a breach when it
has been detected – Response
 Minimise the impact of a breach on your
operations – Incident Management,
Resilience
 Restore to normalcy – Recovery
Winning Approach to Cyber Security
•Stay a step ahead of cyber threats
•Multi-pronged, multi-layer security
•Adaptive Security
oPredict
oPrevent
oDetect
oRespond
•Collaborative
•Responsive
Solutions
 Intelligence Services: Threat Feeds
 Intelligence Services: Cybersecurity Education
 Intelligence Services: Incident investigation
 Intelligence Services: Botnet Threat Tracking
 Anti-APT
 SOC Security Operations Centre
 Security Awareness Training
 Penetration Testing
 Vulnerability Assessment
 Resilience
 Recovery
 Reporting
 Policies
 Training
Kaspersky Solutions to Consider
 Kaspersky Security for Cloud
 Kaspersky Endpoint Security
 EDR - Kaspersky Endpoint Detection and
Response
 KATA - Kaspersky Anti-Targeted Attack
 SoC – Security Operations Centre
 Encryption Security
 Security for Virtualisation
 Security for Storage
 Threat Intelligence
WHOSE RISK is Cyber Security Risk?
 In the past, cyber security risk was an IT
Risk.
 If it is still so in your organisation, you are
living in the past
 CYBER SECURITY RISK is no longer
just an IT Risk
 CYBER SECURITY RISK is now a
Business Risk
 Business leaders must take ownership of
Cyber Security
 Thank You
 Contact: morakinyo@netplusng.com

Be Prepared: Emerging Cyber Security Threats, Vulnerabilities and Risks on Campus Networks
