Download as PDF, PPTX
Uploaded bySymantec
PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
This document discusses a cyber security simulation tool developed by Symantec Corporation to help organizations strengthen their cyber readiness. The simulation provides a cloud-based, virtual training experience that simulates multi-staged attack scenarios. It allows users to assume the identity of attackers to learn their tactics. The simulation has been tested worldwide over 4 years with over 80 events. It assesses user skills and identifies gaps to guide development programs. The tool and its scenarios are continuously updated based on the latest global threat intelligence and real world attacks.
More Related Content
Similar to PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
![5G Explained! A High Level Overview [Introduction]](https://cdn.slidesharecdn.com/ss_thumbnails/5gexplainedahighleveloverview-260119165306-cc137a3e-thumbnail.jpg?width=640&height=640&fit=bounds)
PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
- 1. Cyber Security Simula/on Michael Garvin Senior Manager, Product Management
- 2. Security Organiza/ons are Figh/ng an Asymmetric Ba=le Copyright © 2015 Symantec Corpora;on 2 Cybersecurity top IT skills shortage for 4th year in a row* Staff unproven—lack of hands-‐on experience with a breach Organiza;ons are never certain of cyber-‐readiness Seemingly limitless resources Sophis;cated, mul;-‐ stage aMacks AMacker tac;cs constantly morphing • * ESG’s annual global IT Spending Inten6ons survey has shown a ’problema6c shortage’ of cybersecurity experts as the top IT skills shortage for four years in a row. • hBp://www.esg-‐global.com/research-‐reports/2015-‐it-‐spending-‐inten6ons-‐survey/
- 3. Security Simula/on Strengthens Cyber Readiness • Cloud-‐based, virtual training experience • Live-‐fire simula;on of mul;-‐staged, advanced targeted aMack scenarios • Players assume the iden;ty of their adversaries to learn mo;ves, tac;cs and tools Engaging, immersive security training through gamifica/on Copyright © 2015 Symantec Corpora;on 3
- 4. Simula/on Concept Tested and Proven Worldwide Copyright © 2015 Symantec Corpora;on 4 Annual company-‐wide war games A culture of Educa/on, Innova/on and Passion Currently ac/ve in 30+ countries Now in 4th Year of Ac/ve Deployment 80+ Cyber Readiness events worldwide Focused on Security Awareness and thought leadership Global customer & partner events Largest event -‐ 1500 registrants Largest compe//on -‐ 400 teams
- 5. Innova/on Model for Achieving Cyber Readiness Copyright © 2015 Symantec Corpora;on 5 • Cloud-‐based, virtual training experience simulates mul;-‐staged aMack scenarios allowing players to take on the iden;fy of their adversaries • Gamifica;on provides a more engaging, immersive educa;onal experience • Frequent content updates ensure team stays current on latest adversaries, mo;ves and techniques • Scenarios impart knowledge gleaned from Symantec security experts, threat analysis and current threat landscape THINK LIKE AN ATTACKER • Leaders and par;cipants receive in-‐depth security skill assessments • Provides structured recommenda;ons for cybersecurity skill development • Iden;fy gaps in team coverage and assess skills of new-‐hire candidates ASSESS AND ADVANCE YOUR TEAM Security Simula;on strengthens cyber-‐readiness through live-‐fire simula;on of today’s most sophis;cated advanced targeted aMacks
- 6. Think Like Your A=acker Copyright © 2015 Symantec Corpora;on 6 Hack/vist wants notoriety, a=en/on Cyber Criminal mo/vated by money Cyber Espionage seeking Intellectual Property for profit Cyber War Crimes poli/cally mo/vated, na/on states, looking to gain advantage What They’re Trying to Steal How They Stole It The A=acker Reconnaissance Incursion Discovery Capture Exfiltra/on
- 7. Real-‐world A=ack Scenarios Copyright © 2015 Symantec Corpora;on 7 Scenario 1: The EDC and RKI Scenario 2: The Coffee Shop Hack Scenario 3: EDC and the Lost Laptop Scenario 4: Forensics Examiner Mishandles Evidence Skills: • Ethical hacking • Penetra;on Tes;ng • Forensics • Data exfiltra;on Methods: • Iden;fy targets • Compromise network and systems • Blend aMacks • Exfiltrate data Mission: Breach & Steal Informa/on
- 8. Scenario Storyboard Scenario Map Target & Content Crea/on QA Tes/ng Scenarios and Content Updated as New A=ackers and Techniques Emerge Copyright © 2015 Symantec Corpora;on 8 Symantec Security Experience Global Threat Intelligence Real World A=acks Refine Content Customer Feedback Deploy Scenario
- 9. Implement Skill Assessment and Development Programs Iden/fy Organiza/onal Gaps Assess and Advance Your Team Copyright © 2015 Symantec Corpora;on 9 • Iden;fy skills requirements for individuals and organiza;ons • Iden;fy gaps in team coverage • Assess skills of poten;al job candidates, new hires and exis;ng employees • Focus on security strategy and tac;cs, techniques and procedures (TTP) • Manual and automated skills assessment and performance analysis • Prescrip;ve guidance for skill set development • Conduct itera;ve skill development programs for con;nuous learning Par/cipate Assess skills Create development plan Par/cipate / Learn Assess Progress
- 10. Two Delivery Op/ons Copyright © 2015 Symantec Corpora;on 10 Security Simula/on Yearly Subscrip/on Security Simula/on Exercise One-‐/me Workshop Personalize to organiza;onal objec;ves Delivery Op;ons: • Delivered either Onsite or Online • Facilitated or Self-‐directed • One or Mul;-‐day • Contact your account representa;ve to determine schedule availability • Fully managed, cloud-‐based service • Prac;ce your skills 24x7 – just like the aMackers • Includes all four scenarios as on-‐demand self-‐paced training • Frequent content updates • New scenarios added to address evolving threats
- 11. Thank you! SYMANTEC PROPRIETARY/CONFIDENTIAL – INTERNAL USE ONLY Copyright © 2015 Symantec Corpora;on. All rights reserved. Michael Garvin michael_garvin@symantec.com (919) 454-‐9128
- 12. Mul/-‐Staged A=ack Campaigns Copyright © 2015 Symantec Corpora;on 12 1. Reconnaissance A=acker leverages informa/on from a variety of factors to understand their target. 2. Incursion A=ackers break into network by using social engineering to deliver targeted malware to vulnerable systems and people. 3. Discovery Once in, the a=ackers stay “low and slow” to avoid detec/on. They then map the organiza/ons defenses from the inside and create a ba=le plan and deploy mul/ple parallel kill chains to ensure success.
- 13. Mul/-‐Staged A=ack Campaigns Copyright © 2015 Symantec Corpora;on 13 4. Capture A=ackers access unprotected systems and capture informa/on over an extended period. They may also install malware to secretly acquire data or disrupt opera/ons 5. Exfiltra/on Captured informa/on is sent back to a=ack team’s home base for analysis and further exploita/on fraud – or worse.
- 14. Your Success Can Be Measured. Copyright © 2015 Symantec Corpora;on 14 -‐2 3 8 13 18 23 28 33 38 43 Total Flag Captures per Event and # of Hints used Total Cap Hints Used
- 15. Security Simula/on: Soiware as a Service Copyright © 2015 Symantec Corpora;on 15 • On demand, managed SaaS offering • Hands-‐on, completely browser-‐based • Role-‐based views / scenarios • Scoring and repor;ng • Launching 1H CY15
- 16. Security Simula/on Exercise What do they want, and how will they try to get it? Copyright © 2015 Symantec Corpora;on 16 • On demand, managed SaaS offering • Hands-‐on, completely browser-‐based • Role-‐based views / scenarios • Scoring and repor/ng • Launching 1H CY15 Guided Simula/on
- 17. Assess and Advance Your Team Copyright © 2015 Symantec Corpora;on 17 Assessment • Iden/fy Skills Requirements for Individuals and Organiza/ons • Structure Appropriate Cyclical Programs for Ongoing Learning Training • Classroom and Online Training Op/ons • Integra/on into SSP for Objec/ve based Skills Development in an Exercise • Focused on security strategy and tac/cs, techniques, and procedures (TTP) Evalua/on/Performance • Manual and Automated Skills Assessment / Performance Analysis • Prescrip/ve guidance for exper/se and skill set development