There are big loss from data breach incidents world wide in 3 M to 7.4 M USD. All incidents caused by malicious attacks form Internet hackers for economic purpose. It's introduced the 1st best performance tools of Web Apps security scan and malicious URL detection worldwide. OWASP tools is 82% detect rate by SAST and DAST using exploit codes, So performance is 1/50 than tools shown in this presentation. APT malware are form Email Phishing and web malware links. Through the tools - Bit Scanners and PCDS provides the services in lowest cost like monthly pay to show user';s loss to half.

1. Cost Effective Cyber Security
Chaeho Lim
skscogh@naver.com

2. Abstracts 1
• Target : CIA(Confidentiality, Integrity, Availability)
• 2 Major Cyber Security Controls
• Protect Data Breach & Service Down
• No Software Vulnerability and Abusing
• No Web Apps Attacks and APT Malware Attacks
• General Security Control Measure Enhancement
• Set Up Security Controls 10 - 20 at least
• Excellent Tools and Persons and Well Trained and Educated
• Real Time Security Risk Management
• With Cloud Computing
2020-08-25 비용효과적인 사이버보안 전략 2
Client ServerRequest
Respond
Client - Server Internet
Exploit
Vulnerable

3.  Data Breach : 3.86 M USD
• 524 Incident, 17 Countries and Industries
• Malware Attacks 52% : Account(19%), Cloud(19%), SW(16%),
Phishing(14%)
 Major Security Control Up : Down to 2 M USD
• Web APPS : Bit Scanner 100%
• TCP/IP Web Detect, Internet. Mobile, IoT
• Crawling, Attack Simulation. Recovery Codes
• OWASP : SAST 82%, DAST : Real Attacks(No Guarantee)
• APT Malware : PCDS & HIDS
• PCDS : 현재 20만 Black List and Update(Regex Analysis)
• HIDS : 각 PC Real Time Abusing Detect(Reverse Engineering)
2020-08-25 비용효과적인 사이버보안 전략 3
1. Cost of a Data Breach Report https://www.ibm.com/security/data-breach
2. https://www.ptsecurity.com/ww-en/analytics/web-vulnerabilities-2020/
Abstracts 2

4. Contents
1. Data Protection
2. Major Security Items
• Web Apps Vulnerabilities
• APT Malware Abusing
• Penetration Test
3. Cyber Security Controls
• Set Up Security Controls
• Security Control Data Gathering and Analyzing
4. Cost Benefit Analysis
5. Conclusion
Add 1: Security Professionals
Add 2:
2020-08-25 비용효과적인 사이버보안 전략 4
1. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf
Risk Management
Risk
Intelligence
Risk
Event/Data
Business
Analyzing

5. Data Protection
2020-08-25 비용효과적인 사이버보안 전략 5
1. https://www.slideshare.net/DataReportal/digital-2020-global-digital-overview-january-2020-v01-226017535/8-
9JAN2020SOURCES_POPULATION_UNITED_NATIONS_LOCAL
2. https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html
3. https://1c7fab3im83f5gqiow2qqs2k-wpengine.netdna-ssl.com/2015-wp/wp-content/uploads/2017/10/2017-Cybercrime-Report.pdf
 Digital Internet Economy, 4.5 B Internet Users(59%)
 Data Breach Incident : Privacy, intellectual property
• Adobe, eBay, Equifax, Heartland Payment Systems LinkedIn,
Marriott International, Yahoo
 Cyber Terror : Service Down Attacks by North Korea
• 320 Cyber Terror, 77DDOS, 125 Terror
 More Internet Attack Space and Criminals
• Web, Mobile and IoT Sensors
• China, North Korea, Russia
• Cyber Crime : 6 Trillians

6. Data Protection
2020-08-25 비용효과적인 사이버보안 전략 6
1. https://www.ibm.com/security/data-breach
 Cost 3.86 MD from 524 Data Breach Incidents
 Health Care Industry, 280 Days to Detect
• 150 USD cost/record
• Security Controls Problem ; Technical Issues : 52%(Web, APT/Phishing)
Attack 52%
System 25%
Person 23%
China CERT Security Vulnerability Trends (Boan News)

7. 2 Major Security Controls 1
2020-08-25 비용효과적인 사이버보안 전략 7
1. 해킹의 비밀을 푸는 KEY 15, http://www.yes24.com/Product/Goods/8358065
2. Advanced Persistent Threats: A Decade in Review, https://paper.seebug.org/papers/APT/APT_CyberCriminal_Campagin/2011/C5_APT_ADecadeInReview.pdf
3. https://content.fireeye.com/apt/rpt-apt38
 Pen Test via Contract Company
 Find Web Apps Vulnerability
 RAT Attack
 Data Breach – Intellectual Property
 Attack to Main Company
Bank Penetration Test
APT Malware
Penetration Test
Company Penetration Test
Web Apps
 Prepare APT Malware Code
 Edit RAT Tools, Consult Virus Total
 Email Using Social Engineering
 Bypass ASS
 30- 40 Victim PC, DB Manager
 Critical Issues in AVS

8. 2 Major Security Controls 2
2020-08-25 비용효과적인 사이버보안 전략 8
1. https://1c7fab3im83f5gqiow2qqs2k-wpengine.netdna-ssl.com/2015-wp/wp-content/uploads/2017/10/2017-Cybercrime-Report.pdf
• Need Security Controls “Daily”
• Web Apps Vulnerability Scan
APT Malware Scan
• Web 1.5 Billion Web Sites
• Software 1,100 B New Codes
• Contents 2020 96 Zeta Bytes
• Dark Web Dark Web Crime Services
There are 111 billion lines of new software code being
produced each year — which introduces a massive
number of vulnerabilities that can be exploited.

9. Web Apps Security 1
2020-08-25 비용효과적인 사이버보안 전략 9
1. https://cwe.mitre.org/top25/archive/2020/2020_cwe_top25.html
2. http://www.opennaru.com/opennaru-blog/owasp-zap-devops-and-security/
3. http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308

10. Web Apps Security 2
2020-08-25 비용효과적인 사이버보안 전략 10
1. https://www.dhs.gov/science-and-technology/news/2019/11/26/snapshot-top-25-most-dangerous-software-errors
2. 위험관리 기반의 비용 효율적인 실시간 웹 애플리케이션 소프트웨어 보안취약점 테스팅, http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
 From smartphone games and personal email accounts to
international banking and hospital records, software is
everywhere. It entertains, boosts efficiency, and even saves
lives. Unfortunately, for every new program developed, there is
likely a hacker ready to disrupt and exploit it. That’s why it is
vital for software designers, developers, and cybersecurity
experts to keep apprised of potential weaknesses that could
cause substantial damage to their computer systems. – DHS
 Korea made a model that considers all program vulnerabilities
linked in TCP/IP HTTP Web communication with the Client
Server Internet
• Web HTTP with Web, Mobile and IoT
• There are exploit codes in Client to attack vulnerable server
• Using attack simulation in HTTP
• OWASP Tools Try SAST(82%), DAST(No Web Service Guarantee)
• SDLC & DevOps Model

11. Web Apps Security 3
2020-08-25 비용효과적인 사이버보안 전략 11
1. https://www.dailysecu.com/news/articleView.html?idxno=1308
2. http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
3. https://www.ptsecurity.com/ww-en/analytics/web-vulnerabilities-2020/
 “Similar services exist in Japan. But in the end, the reason I chose Korean tools
was because of two advantages.” “First, it was too powerful compared to other
services in terms of speed. As a result of testing on several company sites, the
light scan service was completed in 8 minutes that other companies' products took
more than 8 hours. Another advantage is that it does not damage the website at
all while checking quickly.” -Director Masaharu Shirasugi, IWI Group, Japan
 50 times the speed (OWASP 8 hours, Light Scan Co., Ltd. 8 minutes)
 SDLC VS DevOps 체계
 Server Programs can be Revised any Time
 OWASP 도구 : SAST 82%

12. Web Apps Security 4
2020-08-25 비용효과적인 사이버보안 전략 12
Crawl
Attack
Simulation
Structure
Analysis
Report
1. http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
1
2
3
4

13. APT Malware Detection 1
2020-08-25 비용효과적인 사이버보안 전략 13
1. https://us-cert.cisa.gov/northkorea
2. https://globalcybersecurityreport.com/2017/08/04/dhs-st-announces-commercialization-of-renigma-malware-reverse-engineering-tool/
 Malware?
 Code in abnormal in PC. Web, Mobile
 Web Malware URL, Email. Mobile
Execution of Malware

14. APT Malware Detection 2
2020-08-25 비용효과적인 사이버보안 전략 14
https://us-cert.cisa.gov/northkorea
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf
 HIDS 악성코드 탐지
 Host Intrusion Detection
1. Scan all PC disk NEW Files
2. Analyze Using “Reverse Engineering”
3. If Problems “RESTORE”
4. Delete malware
5. Add “Black List”

15. APT Malware Detection 3
2020-08-25 비용효과적인 사이버보안 전략 15
https://us-cert.cisa.gov/northkorea
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf
 PCDS
 Pre Crime Detection Satellite
1. Crawling Web Servers :
• 12 회 6M. 48 회 2 M
2. Analyzing in Regex in Full Depths
3. Update Black List : 200,000 Record
• Under 10,000
 국내 주요 클라우드 업체 이용 중
 Ransomware 탐지

16. Cyber Security Control 1
2020-08-25 비용효과적인 사이버보안 전략 16
1. https://en.wikipedia.org/wiki/Comprehensive_National_Cybersecurity_Initiative
2. http://www.yes24.com/Product/Goods/40974900
 CNCI
 Comprehensive National Cybersecurity Initiative
• Governance
• Architecture
• Normal Profile
• Response Capability

17. Cyber Security Control 2
2020-08-25 비용효과적인 사이버보안 전략 17
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
 Security Control
 보안통제 를 지키는지 Rule 규칙을 이용함

18. Cyber Security Control 3
2020-08-25 비용효과적인 사이버보안 전략 18
국가 사이버보안 대응체계 혁신에 관한 연구 KAIST
 SPMS
 Security Performance (enhancement) System

19. Cost Benefit Analysis 1
2020-08-25 비용효과적인 사이버보안 전략 19
1. Performance Measurement Guide for Information Security , https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-55r1.pdf
 Cyber Security Risk Management System
• Security Control Performance Measure
• Like SPMS : Raw Data 수집
• 실무데이터의 분석
• 각 건별 공격성공 확률계산
• 각 건별 비용의 지속적인 관찰

20. Cost Benefit Analysis 2
2020-08-25 비용효과적인 사이버보안 전략 20
1. https://www.federaltimes.com/it-networks/2019/12/11/agencies-achieve-historic-results-on-new-modernization-scorecard/
• Score Card
• 2015년 11월에 Score Card를 시작했을 때 F, D가 있
었고 B는 2개 이었다.
• 스코어 카드는 특정시점이다. 매일 결과를 제공하고
현대화 분야에서 개선되고 있다.
• DHS는 가장 큰 개선을 보았다. 데이터센터 최적화
에서 "A"점수를 받아 전체 "D-"에서 "B"로 뛰어 올
랐다.
• 국무부, 원자력 규제위원회, 사회보장국이 모두 무
너졌다.
• 스코어카드 이후 보고 구조가 개선되었다 . 법에 따
라 기관 CIO는 기관장 또는 대리인에게 보고해야
한다.
• 보건 복지부, 노동부, 법무부, 주 및 NRC 등 5 개 기
관 만이 해당 요건을 준수하지 않았다. 전반적인 점
수는 향상되지 않았다. Government Accountability
Office의 IT 관리문제 Carol Harris 이사에 따르면 3
개 기관은 "허용되는"CIO보고 모델을 보유하고 있
으며 16 개 기관은 적절한 구조를 갖추고 있다.
•

21. Conclusion
2020-08-25 비용효과적인 사이버보안 전략 21
• Quantitative risk management system
• Risk Index = SUM(Control/Target Asset X 100)
• Score Card or Periodic Rule Check Data
• Daily Check :
• Web Apps Security and APT Malware Check
• World Best Tools : Bit Scanner and PCDS
1. https://msexperttalk.com/azure-security-center-cloud-security-posture-management/
A Client’s Security
C Class : 631/880

22. Add 1 Security Professional
2020-08-25 비용효과적인 사이버보안 전략 22
1. https://www.nist.gov/itl/applied-cybersecurity/nice/nice-framework-resource-center
2. https://resources.infosecinstitute.com/keeping-your-cybersecurity-skills-relevant/#gref
1. Intrusion Detection:
2. Software Reverse-Engineering
3. Analytical Skills:
4. Risk Mitigation:
5. Cloud Security:
6. Incident Response:
7. Encryption Technologies:
8. Penetration Testing:

23. Add 2 Content of Future Book
2020-08-25 비용효과적인 사이버보안 전략 23
I. Cyber Security Abstract
II. Strategy
III. Cyber Security Issues
IV. Penetration Test
V. IDS and Information Warfare
VI. Practical Case
Cyber Security Abstract
1. Strategy
2. Software Security
3. Cloud Security
4. US Cyber Security
5. Incident Case Analysis
6. Cyber Security Jobs
7. Penetration Strategy
8. APT Malware
9. Web Apps
10. Information Warfare
11. IDS
12. Security Measure
13. Risk Managemment