Cyber Threat Landscape April 2013


www.pwc.co.uk Cyber Threat Landscape April 2013

Cyber Threats: Influences of the global business ecosystem

Technology-led innovation has enabled business models to evolve, where changing business drivers create both opportunity and risk.

[Diagram: the global business ecosystem. Labels: Economic; Industry/Competitors; Customer; Suppliers; Environmental; Consumer; Enterprise; Service Providers; JV/Partners; Technology]

42% of organisations view themselves as a leader in information security strategy and execution.

8% of organisations rank as real leaders.

research launched this week shows costs of breaches for large organisations can total 750,000+.

Cyber Threats: from attacks of opportunity to attacks of objective

teams around the globe are regularly called upon to provide insight into or help investigate attacks across the following categories of threats. Increasingly, our research and investigations show a degree of overlap by some threat actors across these categories.

Table columns: Motivators, Threat Focus, Impact. Entries for each threat actor are listed in that column order.

Nation states: Global competition; National security; Economic/industrial espionage; Highly targeted, long term cyber campaigns with strategic focus on specific data assets; Loss of R&D / sensitive intellectual capital; Disruption to infrastructure

Cyber criminals: Illicit profit; Fraud; Data breaches with a focus on monetisable assets; Identity theft; Monetary loss; Intellectual property loss; Loss of trust and privacy

Cyber terrorists: Ideological; Political / retaliatory; Malicious havoc; Financial and government systems; Large or high profile companies; Destabilise, disrupt and destroy cyber assets of corporations and enemy nations

Hacktivists: Political cause rather than personal gain; Deniability for states; Targeted organisations that stand in the way of their cause; Disruption of operations; Destabilisation; Embarrassment

Cyber Threats: Nation States

What information have we seen targeted by APT actors?

Telco supply chain & hardware / software choices.
Legal and professional services firms are targeted for M&A data.
Drug manufacturing processes.
Chemical prototype blueprints.
Pricing/contractual documents.
Technology blueprints, R&D plans & progress, marketing strategy, supply chain and customer base data.
Geological maps, survey results & reservoir info.
Emails of executives and M&A / divestiture specialists.
Trading algorithms, system source code.
Customer data, investment strategies.
Land contracts, crop output data.

Cyber Threats: Nation States

Targeted attack lifecycle overview

Advanced cyber intrusions typically follow a series of phases in order to successfully achieve a specific objective. These phases are known as the cyber kill chain.

[Diagram: the seven phases plotted against degree of attacker success]

1 Reconnaissance: Understanding your supply chain, conference attendance etc. and developing a believable approach vector to be used later.

2 Weaponisation: Turning the believable approach, such as a PDF overview of the IAPP Data Protection Intensive, into a malicious payload.

3 Delivery: Deployment of a strategy to get the malicious file into the hands of people likely to open it, via email, USB thumb drives & links.

4 Exploitation: As soon as the file is opened, bugs in software programs are exploited in order to execute the malicious payload.

5 Installation: The digital equivalent of copying keys: now that the attacker is in, they firmly entrench themselves within the IT network.

6 Command & control: With computers now under their control, the attackers begin their hunt for target data.

7 Data exfiltration: They gather relevant information, compress and encrypt it and extract it from the network by making it appear as legitimate traffic.

Cyber Threats: Cyber criminals

At the time of writing, has worked on at least four large breach incidents, and have knowledge of several more, involving a prolific cybercrime group who focus on network intrusions at card processors, resulting in high value cash out frauds.

[Figure: timeline of incidents, with map label "St. Petersburg". Years shown: 2008, ??, 2011, 2012, 2012, 2013. Values shown: $9.4m, $13m, $20m, $2m, $39m, 7m card details compromised]

Cyber Threats: Hacktivism / Terrorism

Cyber Threats: The aftershocks

What did they do on our systems?
How did they get in and what did they exploit?
Who's behind it and what do they want?
Are they still on our systems?
What data did they get?
How do we get rid of them?
How do we stop them next time?

Cyber Threats: Operating in an Assumed State of Compromise

Organisations are adjusting their security posture to anticipate that a security breach/compromise has taken place or will occur. This drives a different perspective on where time and effort is invested.

Cyber Evolution: A holistic approach

Increased volume, complexity and detection difficulty of attacks and the associated impact is driving enterprises to adopt a new approach to security.

[Diagram labels: Traditional Security Lifecycle; Prevent; Correct / Enhance; Respond / Remediate; State of Compromise Security Management; Cyber Incident & Crisis Management; Detect; Discover; Triage / Contain]

Cyber Threats: directing investment to the things that matter

[Diagram labels: Traditional Security Lifecycle; Prevent; Correct / Enhance; Respond / Remediate; State of Compromise Security Management; Cyber Incident & Crisis Management; Detect; Detect / Discover; Triage / Contain]

Incremental capabilities needed for resilient Cyber Security:

Organization & Governance: Information Risk led approach; effective governance and accountability to appropriately reflect cyber security importance to the business.

Information asset centric security: Clear view of what data exists and what is important. Information governance policy and program.

Threat Intelligence: Capability to understand and adapt security posture to emerging threats.

Detection / Monitoring: Predictive monitoring / analytics bringing together multiple data sources.

Security behaviors and culture: People behave differently through clear understanding of what matters.

Full visibility enterprise-wide.

Security in the business ecosystem: Third party and supplier security management, including data in the cloud.

Incident response & crisis mgmnt: Integrated capability to respond to incidents (crisis management together with technical response and forensic capability).

Preventative controls and IT Hygiene.

Kris McConkey
Director, Cyber Security
+44 (0)207 804 2471
kris.mcconkey@uk.pwc.com

The Global Network

Our global network comprises more than 3,000 cyber investigative, security, and risk services professionals.

This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers LLP, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.

© 2013 PricewaterhouseCoopers LLP. All rights reserved. In this document, refers to PricewaterhouseCoopers LLP (a limited liability partnership in the United Kingdom) which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.