Cyber Executive Briefing 
Presenter: Paul C Dwyer 
euroITcounsel 
Date: Oct 23rd 2014
Slides and Material May NOT be Distributed In Any Format Without Written Permission 
Copyright Cyber Risk International Ltd – All Rights Reserved
Paul C Dwyer 
Paul C Dwyer is an internationally recognised information security expert with over 
two decades' experience and serves as President of ICTTF International Cyber 
Threat Task Force and Co Chairman of the UK NCA National Crime Agency Industry 
Group. A certified industry professional by the International Information Systems 
Security Certification Consortium (ISC2) and the Information System Audit & 
Control Association (ISACA) and selected for the IT Governance Expert Panel. 
Paul is a world leading Cyber Security GRC authority. He has been an advisor to 
Fortune 500 companies including law enforcement agencies, military (NATO) and 
recently advised DEFCOM UK at Westminster Parliament. 
He has worked and trained with organisations such as the US Secret Service, 
Scotland Yard, FBI, National Counter Terrorism Security Office (MI5), is approved by 
the National Crime Faculty and is a member of the High Tech Crime Network 
(HTCN). 
Paul C Dwyer CEO 
Cyber Risk International
THE CYBER WORLD AND 
THE PHYSICAL ARE INTEGRATED
Cyber fronts in the Ukraine! 
Is it War?
What Are Cyber Threats? 
• Cybercrime 
• Cyber Warfare 
• Cyber Espionage 
• Cyber X Adversary
Cyber Statistics 
• Cybercrime costs £27 billion a year in the UK 
• £1,000 a second 
• 170,000 IDs are stolen each year – 1 every three seconds 
• Theft of IP £9.2 billion 
(pharmaceuticals, biotechnology, electronics, IT and chemicals) 
Source: UK Cabinet Office
What’s happening?
Cybercrime Economy Drivers 
It’s a business with an excellent economic model. 
Other reasons, you name it: 
• Technology 
• Internet 
• Recession 
• “A safe crime” 
• It’s easy to get involved 
• Part of Something
Hacktivism? Part of …..
Crimeware Toolkits 
Copyright - Paul C Dwyer Ltd - All Rights Reserved
Economic Model - the Actors 
• User – (Account Credentials) 
• Financial Institution 
• Supplier 
• Acquirer/Middlemen 
• Agents 
• Carding Forum 
• Carders 
• Fraudster (Consumer) 
• Retailer 
• Reshipping / drop zone 
• Money Mule 
Categories 
•Wholesalers 
•Retailers 
•Independent Contractors
Cybercrime – a Business
“The Daddy” - History 
TJ/K Max 
Dark Market & Shadow Crew 
2002 ->
Original Crew
A Decade on What Have We Learnt? 
• Heating/AC Contractors Credentials 
• Intrusion Months Before Data Theft 
• Waited for US Thanksgiving Day 
• Malware KAPTOXA/BlackPOS 
7 Months – Average Breach Before Detection 
2/3 Cases informed by third party
What do they Want? 
Example Retailers Data
Cyber Risks for You 
• Tangible Costs 
– Loss of funds 
– Damage to Systems 
– Regulatory Fines 
– Legal Damages 
– Financial Compensation 
• Intangible Costs 
– Loss of competitive advantage (Stolen IP) 
– Loss of customer and/or partner trust 
– Loss of integrity (compromised digital assets) 
– Damage to reputation and brand 
Quantitative vs. Qualitative 
46% Reduction in Profits Following Breach
Bottom Line for Retailers 
• Arms Race – Cat and Mouse 
• Top 5 Target Groups – Continuously Attacked 
• You Spend Less on Cyber Security 
• Low Risk – High Reward for “Bad Guys” – 
Established Market for Data Assets 
• Best Data Assets On the Planet 
• Compliance is NOT Security
Retail Factors 
• Data on networked and distributed systems that are accessible to a 
widening array of entry points 
• Broad adoption of mobile applications 
by retailers adds many other new points of vulnerability 
• Complex supply chains - more access and data is given to vendors 
and external partners 
• Global expansion may require retailers to expand distribution of 
their own information around the world
Door left Open
Some Retailers Doors! 
• Point-of-sale (POS) terminals in stores 
• Mobile POS access points 
• Customer-facing e-commerce websites 
• Links with each third-party vendor, supply-chain vendor, ecosystem partner and contractor 
• Employee-facing access points — including those that may utilise employee-owned mobile devices 
— and the social workplace 
• Links to connected data centers via the cloud 
• Links to financial institutions and payment processors 
• Links to managed service providers 
• Links to delivery services 
• Links to all other contractors who are provided with network access 
• B2B, intranet and extranet portals 
• In-store wireless routers, kiosks and networks 
• The expanding “Internet of Things”: IP-based printers, IP-linked surveillance cameras and similar 
devices
Give me some examples
I’m not joking! 
Hack the Human!
Bad Guy Targets Individual (Asset) 
Chooses Weapon from underground forum 
Reconnaissance → Weaponisation → Delivery → Exploitation → C2 → Lateral Movement → Exfiltration → Maintenance 
• Gathers Intelligence About Employee and Assets 
• Exploit Run – Comms Established – Command & Control Server 
• Move Laterally Across Network 
• Exfiltrate Data 
• Protection – Maint Mode
It’s an IT Cyber Security Problem, Right?
Legally It’s a Challenge for the Board! 
NO
Regulatory and Legal 
• EU Data Privacy Directive 
• EU Network Information Security Directive 
• European Convention on Cybercrime 
• 400+ Others – 10,000+ Controls – 175 Legal Jurisdictions 
Your Organisation
Responsibility – Convention Cybercrime 
All organisations need to be aware of the Convention’s 
provisions in article 12, paragraph 2: 
‘ensure that a legal person can be held liable where the 
lack of supervision or control by a natural person…has 
made possible the commission of a criminal offence 
established in accordance with this Convention’. 
Now Sit Forward!
Cyber is a Strategic Issue 
• Strategic Level: How do cyber attacks affect policies, industry, business decisions? 
• Operational Level: What kind of policies, procedures and business models do we need? 
• Technical Level: How can we solve our security problems with technology? 
Macro Security 
Micro Security
Board Room Discussion 
• CEO 
– Loss of market share and reputation 
– Legal Exposure 
• CFO/COO 
– Audit Failure 
– Fines and Criminal Charges 
– Financial Loss 
• CIO 
– Loss of data confidentiality, integrity and/or availability 
• CHRO 
– Violation of employee privacy 
• CMO 
– Loss of customer trust 
– Loss of brand reputation 
Increasingly, companies are appointing CROs and CISOs with a direct line to the audit committee.
Corporate Governance 
Project Governance 
Risk Management 
Cyber Governance 
Risk Management 
Cyber Governance 
Cyber Risk 
Legal & Compliance 
Operational 
Technical
Resilience 
Recognise: 
Interdependence 
Leadership Role Responsibility 
Integrating Cyber Risk Management
BUSINESS ICT REQUIREMENTS 
Business 
Legal 
Regulatory 
REQUIREMENT 
DRIVERS 
The Board 
DIRECT 
EVALUATE MONITOR 
CYBER RISK STRATEGY 
REACTIVE PROACTIVE
Thank You – Stay Connected 
www.paulcdwyer.com 
youtube.com/paulcdwyer 
mail@paulcdwyer.com 
+353-(0)85 888 1364 
@paulcdwyer 
WE IDENTIFY, MITIGATE AND MANAGE CYBER RISKS 
Cyber Risk International 
Clonmel House – Forster Way – Swords – Co Dublin – Ireland 
+353-(0)1- 897 0234 xxxxxx 
mail@cyberriskinternational.com 
www.cyberriskinternational.com

FIDO Alliance
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 

Recently uploaded (20)

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 

Cyber Threat Overview for Euro IT counsel

  • 1. Cyber Executive Briefing Presenter: Paul C Dwyer euroITcounsel Date: Oct 23rd 2014
  • 2. Slides and Material May NOT be Distributed In Any Format Without Written Permission Copyright Cyber Risk International Ltd – All Rights Reserved
  • 3. Paul C Dwyer Paul C Dwyer is an internationally recognised information security expert with over two decades experience and serves as President of ICTTF International Cyber Threat Task Force and Co Chairman of the UK NCA National Crime Agency Industry Group. A certified industry professional by the International Information Systems Security Certification Consortium (ISC2) and the Information System Audit & Control Association (ISACA) and selected for the IT Governance Expert Panel. Paul is a world leading Cyber Security GRC authority. He has been an advisor to Fortune 500 companies including law enforcement agencies, military (NATO) and recently advised DEFCOM UK at Westminster Parliament. He has worked and trained with organisations such as the US Secret Service, Scotland Yard, FBI, National Counter Terrorism Security Office (MI5), is approved by the National Crime Faculty and is a member of the High Tech Crime Network (HTCN). Paul C Dwyer CEO Cyber Risk International
  • 4. THE CYBER WORLD AND THE PHYSICAL ARE INTEGRATED
  • 5. Cyber fronts in the Ukraine! Is it War?
  • 6.
  • 7. What Are Cyber Threats? Cybercrime Cyber Warfare Cyber Espionage Cyber X Adversary
  • 8.
  • 9. Cyber Statistics • Cybercrime costs £27 billion a year in the UK • £1,000 a second • 170,000 ID’s are stolen each year – 1 every three seconds • Theft of IP £9.2 billion (pharmaceuticals, biotechnology, electronics, IT and chemicals) Source: UK Cabinet Office
  • 11. Cybercrime Economy Drivers It’s a business with an excellent economic model. Other reasons, you name it: • Technology • Internet • Recession • “A safe crime” • It’s easy to get involved • Part of Something
  • 13. Crimeware Toolkits Copyright - Paul C Dwyer Ltd - All Rights Reserved
  • 14. Economic Model - the Actors • User – (Account Credentials) • Financial Institution • Supplier • Acquirer/Middlemen • Agents • Carding Forum • Carders • Fraudster (Consumer) • Retailer • Reshipping / drop zone • Money Mule Categories •Wholesalers •Retailers •Independent Contractors
  • 15. Cybercrime – a Business
  • 16. “The Daddy” - History TJ/K Max Dark Market & Shadow Crew 2002 ->
  • 18. A Decade on What Have We Learnt? • Heating/AC Contractors Credentials • Intrusion Months Before Data Theft • Waited for US Thanksgiving Day • Malware KAPTOXA/BlackPOS • 7 Months – Average Breach Before Detection • 2/3 Cases informed by third party
  • 19. What do they Want?
  • 21. Cyber Risks for You • Tangible Costs – Loss of funds – Damage to Systems – Regulatory Fines – Legal Damages – Financial Compensation • Intangible Costs – Loss of competitive advantage (Stolen IP) – Loss of customer and/or partner trust – Loss of integrity (compromised digital assets) – Damage to reputation and brand Quantitative vs. Qualitative 46% Reduction in Profits Following Breach
  • 22. Bottom Line for Retailers • Arms Race – Cat and Mouse • Top 5 Target Groups – Continuously Attacked • You Spend Less on Cyber Security • Low Risk – High Reward for “Bad Guys” – Established Market for Data Assets • Best Data Assets On the Planet • Compliance is NOT Security
  • 23. Retail Factors • Data on networked and distributed systems that are accessible to a widening array of entry points • Broad adoption of mobile applications by retailers adds many other new points of vulnerability • Complex supply chains - more access and data is given to vendors and external partners • Global expansion may require retailers to expand distribution of their own information around the world
  • 25. Some Retailers Doors! • Point-of-sale (POS) terminals in stores • Mobile POS access points • Customer-facing e-commerce websites • Links with each third-party vendor, supply-chain vendor, ecosystem partner and contractor • Employee-facing access points — including those that may utilise employee-owned mobile devices — and the social workplace • Links to connected data centers via the cloud • Links to financial institutions and payment processors • Links to managed service providers • Links to delivery services • Links to all other contractors who are provided with network access • B2B, intranet and extranet portals • In-store wireless routers, kiosks and networks • The expanding “Internet of Things”: IP-based printers, IP-linked surveillance cameras and similar devices
  • 26. Give me some examples
  • 27. I’m not joking! Hack the Human!
  • 28. Bad Guy Targets Individual (Asset) Chooses Weapon from underground forum Reconnaissance Weaponisation Delivery Exploitation C2 Lateral Movement Exfiltration Maintenance Gathers Intelligence About Employee and Assets Exploit Run – Comms Established – Command & Control Server Move Laterally Across Network Exfiltrate Data Protection – Maint Mode
  • 29. It’s an IT Cyber Security Problem, Right?
  • 30. Legally It’s a Challenge for the Board! NO
  • 31. Regulatory and Legal EU Data Privacy Directive EU Network Information Security Directive European Convention on Cybercrime 400+ Others – 10,000+ Controls – 175 Legal Jurisdictions Your Organisation
  • 32. Responsibility – Convention Cybercrime All organisations need to be aware of the Convention’s provisions in article 12, paragraph 2: ‘ensure that a legal person can be held liable where the lack of supervision or control by a natural person…has made possible the commission of a criminal offence established in accordance with this Convention’. Now Sit Forward!
  • 33. Cyber is a Strategic Issue (Macro Security to Micro Security) • Strategic Level: How do cyber attacks affect policies, industry, business decisions? • Operational Level: What kind of policies, procedures and business models do we need? • Technical Level: How can we solve our security problems with technology?
  • 34. Board Room Discussion • CEO: Loss of market share and reputation; Legal Exposure • CFO/COO: Audit Failure; Fines and Criminal Charges; Financial Loss • CIO: Loss of data confidentiality, integrity and/or availability • CHRO: Violation of employee privacy • CMO: Loss of customer trust; Loss of brand reputation. Increasingly companies are appointing CROs and CISOs with a direct line to the audit committee.
  • 35. Corporate Governance Project Governance Risk Management Cyber Governance Risk Management Cyber Governance Cyber Risk Legal & Compliance Operational Technical
  • 36.
  • 37. Resilience Recognise: Interdependence Leadership Role Responsibility Integrating Cyber Risk Management
  • 38. BUSINESS ICT REQUIREMENTS Business Legal Regulatory REQUIREMENT DRIVERS The Board DIRECT EVALUATE MONITOR CYBER RISK STRATEGY REACTIVE PROACTIVE
  • 39. Thank You – Stay Connected www.paulcdwyer.com youtube.com/paulcdwyer mail@paulcdwyer.com +353-(0)85 888 1364 @paulcdwyer WE IDENTIFY, MITIGATE AND MANAGE CYBER RISKS Cyber Risk International Clonmel House – Forster Way – Swords – Co Dublin – Ireland +353-(0)1- 897 0234 xxxxxx mail@cyberriskinternational.com www.cyberriskinternational.com