Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

The benefits of police and industry investigation - NPCC Conference

1.311 Aufrufe

Veröffentlicht am

Keynote presentation delivered at an NPCC internal conference
Jan 2020

Veröffentlicht in: Technologie
  • Did you try ⇒ www.WritePaper.info ⇐?. They know how to do an amazing essay, research papers or dissertations.
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier

The benefits of police and industry investigation - NPCC Conference

  1. 1. @DinisCruz The benefits of Police and Industry Investigation Jan 2020, Dinis Cruz Keynote , Conference
  2. 2. @DinisCruz Who am I?
  3. 3. @DinisCruz Collaborated with Workshop for Sussex Police
  4. 4. @DinisCruz Mapping the landscape
  5. 5. @DinisCruz security Security team Incident Response MVP (Minimum Viable Prototypes) Genesis Custom Built Product Commodity invisiblevisible The Landscape
  6. 6. @DinisCruz Comms Cloud Services Security Automation Data Science Automating processes Innovation Not integrated Main areas
  7. 7. @DinisCruz Buy or Outsource Build Build Relationships Build vs Buy Share and Collaborate
  8. 8. @DinisCruz security Security team Incident Response MVP (Minimum Viable Prototypes) Genesis Custom Built Product Commodity invisiblevisible What we need Create products Commoditized solutions
  9. 9. @DinisCruz Case Study: Modern Security toolkit
  10. 10. @DinisCruz The reality in Jan/2020
  11. 11. @DinisCruz If the organization Has an history of attacks or major security incidents
  12. 12. @DinisCruz There is budget, focus and accountability
  13. 13. @DinisCruz If the organization Does not have An history of attacks or major security incidents
  14. 14. @DinisCruz It is a ‘Best Effort’ and Marketing exercise
  15. 15. @DinisCruz What scales
  16. 16. @DinisCruz Disrupt the Attacker’s Business Model
  17. 17. @DinisCruz * created by Ashraf Aboukass
  18. 18. @DinisCruz * created by Ashraf Aboukass
  19. 19. @DinisCruz * created by Ashraf Aboukass
  20. 20. @DinisCruz Automation
  21. 21. @DinisCruz Case study: Modern Security Incident Response Playbooks
  22. 22. @DinisCruz Capture data into graph
  23. 23. @DinisCruz Create feedback loops
  24. 24. @DinisCruz Create issue and confirm activity with user
  25. 25. @DinisCruz Close issue (depending on response and rules)
  26. 26. @DinisCruz Thinking in Graphs
  27. 27. @DinisCruz
  28. 28. @DinisCruz You need to think in Graphs
  29. 29. @DinisCruz You need an Graph Database
  30. 30. @DinisCruz You can’t Outsource this
  31. 31. @DinisCruz Creating Graphs is a key capability you need to have in-house
  32. 32. @DinisCruz You need Developers and Data Scientists In your Teams
  33. 33. @DinisCruz APIs
  34. 34. @DinisCruz You need to think in APIs
  35. 35. @DinisCruz This is how Amazon did it Memo from 2002
  36. 36. @DinisCruz Push Model (broadcast only) No APIs Where are the Police and NPCC APIs?
  37. 37. @DinisCruz NPCC needs to be where the action is
  38. 38. @DinisCruz It’s APIs Everywhere
  39. 39. @DinisCruz Embrace Data Science
  40. 40. @DinisCruz Great Examples
  41. 41. @DinisCruz Content and Code Licensing
  42. 42. @DinisCruz Collaborate internally, externally
  43. 43. @DinisCruz Case Study: Glasswall is sharing how it works
  44. 44. @DinisCruz Case study: Glasswall Engineering Blog
  45. 45. @DinisCruz Case study: Glasswall Security Policies
  46. 46. @DinisCruz Transparency is the new security
  47. 47. @DinisCruz You can do it
  48. 48. @DinisCruz Remove duplication
  49. 49. @DinisCruz You already have all resources you need
  50. 50. @DinisCruz Leverage best in class
  51. 51. @DinisCruz Use Pioneers, Settlers and Town Planners
  52. 52. @DinisCruz Content Disarm & Reconstruction (CDR)
  53. 53. @DinisCruz
  54. 54. @DinisCruz Case Study: Glasswall Threat Intelligence
  55. 55. @DinisCruz How do we Give you our Threat Intelligence?
  56. 56. @DinisCruz How do we Consume your Threat Intelligence?
  57. 57. @DinisCruz We need joint playbooks and collaboration touchpoints
  58. 58. @DinisCruz Wardley Maps
  59. 59. @DinisCruz Created by this gentleman See his presentations!!! Read his book
  60. 60. @DinisCruz https://www.youtube.com/watch?v=ZB-4ynJPDIA Mapping Policing in the UK with Tim Ebenezer
  61. 61. @DinisCruz Great GCHQ publication on technology change
  62. 62. @DinisCruz See also (in slideshare) https://www.slideshare.net/DinisCruz/using-w ardley-maps-to-understand-securitys-landsca pe-and-strategy-191404053 https://www.slideshare.net/DinisCruz/modern -security-using-graphs-automation-and-data- science
  63. 63. @DinisCruz Wrapping up
  64. 64. @DinisCruz You need To engage with Industry BEFORE incidents
  65. 65. @DinisCruz You need To have modern development workflows
  66. 66. @DinisCruz You need To add value to the Top and Bottom line of business
  67. 67. @DinisCruz You need To proactively defend the Customer/Public
  68. 68. @DinisCruz You need To work with companies that want to engage with you
  69. 69. @DinisCruz You need to Productise and commoditize your services and mission
  70. 70. @DinisCruz Thanks

×