Cybersecurity Concept & Defense best practices
Presented by Wajahat Iqbal
B.E. (Computer Science), ISO 27001 LI, ISO 22301 LI
Cybersecurity Concept & Framework
Definition
The cybersecurity domain is a collection of best practices, technologies, frameworks and standards to protect an enterprise, organization, government entity, military establishment or individual user from global cyber threats (identity theft, cybertheft, cyber-ransom, infrastructure damage) that result in financial, economic, copyright-information, personal-identity or infrastructure loss.
Major Cybersecurity standards
• NIST Cybersecurity Framework (de-facto standard)
• ISO 27001 (Information Security Management Framework)
• ISACA COBIT5
• NIST SP800-53
• NIST SP800-30
• ISA 62443
• ISO 27005
The Cybersecurity standards were first adopted in the Seoul (South Korea) Conference on Global Cybersecurity in 2013.
Cybersecurity holistic view
• Manage physical access to IT infrastructure
• Manage sensitive documents and output devices
• Monitor the infrastructure for security-related events
• Protect against malware (*** most challenging)
• Manage network and connectivity security
• Manage user identity and logical access
• Protect critical and vital infrastructure (banks, vital industrial installations, IT, nuclear power, dams, defense)
Cybersecurity Lifecycle
The Cybersecurity Lifecycle can be described aptly by the figure below (Figure-1), which decomposes the various stages.
Figure-1: Cyber security Lifecycle
(1) Identify business outcomes
(2) Understand vulnerabilities, threats
(3) Create current profile
(4) Conduct risk assessments
(5) Apply controls
(6) Create target profile
(7) Determine/prioritize gaps
(8) Implement plan
(9) Report to stakeholders
(10) Continuous monitoring
Risk actions
The most generally accepted actions in the risk management cycle are:
(1) Risk Acceptance
(2) Risk Transfer
(3) Risk Avoidance
(4) Risk Mitigation – most practised action
The choice depends on the risk appetite/risk tolerance threshold of an organisation.
These are drawn from the ISO 27001 standard for ISMS, which is the most widely used and accepted standard on IT security involving risk management processes.
HACKERS & ATTACKS
Threat to Cyberdefense
The damage caused by threats to cyberdefense can be characterized by loss of "Confidentiality, Integrity or Availability (CIA)", the basic model of data security as practiced in ISO 27001/27002 and other globally accepted standards.
Hackers profile
The different types of hackers are:
• Individual hacker
• State sponsored (with political & military agenda)
• Cyber criminals (organised mafia)
Hacker Kill Chain
The Kill Chain methodology of the US aeronautics major Lockheed Martin describes seven steps, from reconnaissance through actions on the objectives, and recommends that defenses be designed to align with each of the seven steps in the process below:
Summary of Kill Chain
• Reconnaissance:
  - Finding the host, Internet website, domain
  - Do an IP address scan of the business domain
  - Do a port scan of the active hosts
  - Automated scanning by botnets (compromised systems)
  - Locate the network topology and identify potential access control devices
• Weaponization:
  - Identify the vulnerability
  - Initiate the attack
  - Coupling a remote access Trojan (RAT) with an exploit into a deliverable payload, typically by means of an automated tool (the commonly used weaponizers are Adobe PDF and Microsoft Office documents)
• Delivery:
  - Transmission of the weapon to the targeted environment
  - The three most prevalent delivery vectors for weaponized payloads are emails, compromised web sites and USB removable media
• Exploitation:
  - Email, website and USB payloads exploit a vulnerability on launch and the hacker gets remote access to an admin shell
  - Exploitation targets an operating system or application vulnerability
• Installation:
  - Install malware (malicious code) into memory, disk or operating system kernel, modify the Windows registry, modify the Unix kernel
  - Allow installation of a remote access Trojan or backdoor on the victim system
• Command & Control (C2):
  - Compromised systems/hosts beacon back to the master controller to establish a C2 channel
  - The hacker gains complete control of the compromised system
  - Intruders have "hands on the keyboard" access to the targeted environment
• Action:
  - This activity is data exfiltration that involves collecting, encrypting and extracting information (e.g. deface website, steal credit card information, steal copyright information, steal IE passwords, modify banking websites, steal medical records) etc.
BOTNET Attack (Automated)
These days professional hackers, malware developers and cyber criminals work in tandem to develop automated tools to initiate a cyber attack against the intended victim/host. The mechanism is to install a remote access Trojan (RAT) on compromised systems (BOTNETS), which could number in the thousands, and then initiate the attack in phases as shown in Figure-2 (next page).
Key components of a BOTNET attack:
• BOTNET construction kit
• Command & Control capability
• Remote access Trojan (RAT)
• Custom-developed malware (malicious code) for the intended victim/host
(Example BOTNET attacks - ZEUS, CITADEL, GO ZEUS)
BOTNET Attack(Automated)
These
Type of Cyber Attacks
Famous hack attacks
MALWARE
Malware: Types & Protection
SOC - CYBERSECURITY ARCHITECTURE
SOC Components
Lately the SOC has become an integral part of any organisation, protecting it from cyber attacks and letting it detect, correct and recover from a cyber incident in the shortest time without further damage to its reputation. The critical components of a SOC are:
• IDS/IPS infrastructure
• Firewall infrastructure
• SIEM (Security Information and Event Monitoring System)
• Logging and alerting mechanism
• Security incident processes
• Forensics capability
• User training & retention
• Managing evidence
SOC Individual Process Layers
Cybersecurity Architecture
The Cyber Architecture consists of the following components:
• Network Security
• Identity, Authentication and Access Management
• Data Protection and Cryptography
• Monitoring, Vulnerability & Patch Management
• High Availability, Disaster Recovery & Physical Protection
• Asset Management & Supply Chain
• Policy, Audit, E-Discovery & Training
• Systems Administration
• Application Security
• Endpoint, Server & Device Security
Defense in Depth (DOD)
This is the most common practice employed by organisations to create and implement a multilayered approach to cybersecurity. It is described by the following process (Figure-3) and can be implemented at various layers of the network infrastructure.
9 Basic steps of Cybersecurity
These are the guidelines to follow while drawing up a comprehensive cybersecurity program in an organisation:
• #1: Explore the legislation and other requirements
• #2: Define the business benefits and get top management support (very important)
• #3: Setting the cybersecurity requirements
• #4: Choosing the framework for cybersecurity implementation
• #5: Organizing the implementation (setting up teams, PM resources, project charter, budget etc.)
• #6: Risk assessment & mitigation (applying controls)
• #7: Implementation of controls
• #8: Training & awareness
• #9: Continuous monitoring and checks, and reporting to senior management (C-level executives)
Cybersecurity operational processes
To maintain an effective cybersecurity posture, the CISO should maintain a number of enterprise operational processes, including the following:
• Policies and policy exception management
• Project and change security reviews
• Risk management
• Control management
• Auditing and deficiency tracking
• Asset inventory and audit
• Change control
• Configuration management database re-certification
• Supplier reviews and risk assessments
• Cyber intrusion response
• All-hazards emergency preparedness exercises
• Vulnerability scanning, tracking & management
• Patch management & deployment
• Security monitoring
• Password and key management
• Account and access periodic re-certification
• Privileged account activity audit
SANS TOP 20 CRITICAL SECURITY CONTROLS
SANS top 20 Controls
These are widely established critical controls to maintain a healthy network security posture.
INCIDENT PROCESS & MANAGEMENT
Incident Process & Management
NETWORK PERIMETER SECURITY (BEST PRACTISES)
Network perimeter best security practises
• Restrict use of administrative utilities (e.g. Microsoft Management Console)
• Use a secure file permission system, i.e. NTFS & UFS file systems
• Manage users properly, especially the admin accounts on Unix & Windows machines
• Perform effective group management for Admin, Print, Power, Server Operator & normal users in Windows 2000 O.S
• Enforce a strong password policy and password aging for users
• Enable the Windows O.S and Unix O.S logging facility
• Eliminate unnecessary accounts (especially those of employees who have left the organisation)
• Disable the resource sharing service and remove hidden administrative shares (C$, ADMIN$, WIN NT$) in older versions of Windows O.S
• Disable unneeded services in Unix: Telnet, Finger, tftp, NTP (Network Time Protocol)
• Applications should use the latest security patches in the production environment
• Enforce the use of NAT (Network Address Translation) & PAT (Port Address Translation) in the internal network (firewalls & routers)
• Enable mitigation policies for DNS spoofing and DoS attacks (Smurf & directed-broadcast attacks) on gateway routers via ACLs and Cisco IOS
• Enforce the industry best practice of secure application coding to mitigate the "buffer overflow" vulnerability in memory
• Enforce a strong password policy, password aging and lockout policy for application databases (Oracle, Sybase)
• Install the latest O.S and application patches as soon as they are available from vendors
• Install the latest security patches for browsers, Flash players and Microsoft applications
• Update the anti-virus & IDS/IPS/HIDS signatures on a frequent basis
• Update the business continuity/DR plan and keep the latest backup of all critical servers
• Update and install the latest security patches for application gateways (proxies), web filtering devices and firewalls
• Check the logs daily on firewalls, IPS/IDS and HIDS for any security incident triggered by malicious activity
• Implement industry best practices to secure the network (NIST guidelines, SANS 20 Critical Security Controls, NSA guidelines etc.)
• Place the mission-critical web servers (user interface) on a screened subnet/DMZ and the backend application server & Oracle database server in the internal network
• Change the default password of the SNMP community string on network devices
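Several of the router-side items above (default SNMP community strings, Telnet/Finger/tftp services, directed broadcasts used in Smurf attacks) can be checked mechanically against a device configuration. The following is an added example, not part of the original presentation: a small auditor for Cisco IOS-style configuration text. The check names, hostnames and both sample configurations are constructed for illustration.

```python
from typing import List, NamedTuple


class Finding(NamedTuple):
    lineno: int    # 1-based line number in the configuration text
    check: str     # hypothetical check identifier used by this example
    context: str   # "global" or the interface/line section the command sits in


DEFAULT_COMMUNITIES = {"public", "private"}  # well-known default community strings

# Constructed sample: a gateway router with the weak settings left in place.
WEAK_CONFIG = """\
hostname edge-gw-01
service finger
snmp-server community public RO
snmp-server community N0c-r34d-0nly RO
!
interface GigabitEthernet0/0
 description Internet uplink
 ip address 203.0.113.2 255.255.255.252
 ip directed-broadcast
!
interface GigabitEthernet0/1
 description Inside
 ip address 10.0.0.1 255.255.255.0
 no ip directed-broadcast
!
line vty 0 4
 transport input telnet ssh
"""

# Constructed sample: the same device with each finding corrected.
HARDENED_CONFIG = """\
hostname edge-gw-01
no service finger
snmp-server community N0c-r34d-0nly RO
!
interface GigabitEthernet0/0
 description Internet uplink
 ip address 203.0.113.2 255.255.255.252
 no ip directed-broadcast
!
line vty 0 4
 transport input ssh
"""


def audit_ios_config(text: str) -> List[Finding]:
    """Flag settings that contradict the perimeter checklist above."""
    findings: List[Finding] = []
    section = "global"
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():
            # Unindented command: a global setting or the start of a new section.
            section = line if line.startswith(("interface ", "line ")) else "global"
        words = line.split()
        check = None
        if words[:2] == ["snmp-server", "community"] and len(words) > 2:
            if words[2].lower() in DEFAULT_COMMUNITIES:
                check = "snmp-default-community"
        elif line in ("service finger", "ip finger"):
            check = "finger-service"
        elif words[0] == "tftp-server":
            check = "tftp-service"
        elif words[:2] == ["ip", "directed-broadcast"] and section.startswith("interface "):
            # Forwarding directed broadcasts lets the segment be used as a Smurf amplifier.
            check = "directed-broadcast"
        elif words[:2] == ["transport", "input"] and section.startswith("line vty"):
            if {"telnet", "all"} & set(words[2:]):
                check = "telnet-management"
        if check:
            findings.append(Finding(lineno, check, section))
    return findings


if __name__ == "__main__":
    for f in audit_ios_config(WEAK_CONFIG):
        print(f"line {f.lineno:>2} [{f.context}] {f.check}")
    print("hardened findings:", audit_ios_config(HARDENED_CONFIG))
```
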
NETWORK PERIMETER SECURITY (CASE STUDY)
CASE STUDY – Cyber attack secure design
Design Features:
• Border router: a gateway router connects the network to the Internet and provides basic filtering through ACLs (Access Control Lists) on ingress & egress interfaces
• Just behind the gateway router is a Stateful Inspection Firewall that enforces the majority of access control of the network
• Public services and private services have been separated by putting them on different network segments (DMZ, Corporate & Screened Subnet)
• Split DNS is used on the public DNS server, which provides name resolution for public services only
• Intrusion Detection Systems (IDS) are located on the public, private and network perimeter end points to watch for unusual activity
• The front-end application web server is on the Screened Subnet and the backend Oracle DB server is behind the Internal Firewall
• Host-based IDS (HIDS) complement the network by adding an additional layer of security and are placed on the individual mission-critical servers (anti-virus, email proxy, web proxy, internal email server, Oracle DB server) to monitor the system's network activity, log files, file system integrity and user actions. A host-based IDS will also generate an alarm when it detects escalation of privileges from a guest user to an admin account
• Host-based IDS can help detect attacks that use network IDS evasion techniques
• Host-based IDS is also useful for correlating attacks picked up by network sensors
• All security log entries are sent to the SIEM (Security Information and Event Monitoring System) for data analysis and forensics. The SIEM generates an alert when suspicious activity is detected
• For the remote office users, all their laptops are installed with personal firewalls to mitigate/detect hacker entry through backdoor channels
• All configuration of security devices is performed from the management console
• Additionally, one can install TACACS or RADIUS servers to monitor user access on the gateway router and other mission-critical servers
The sample rule base configured for the above network design on the Stateful Inspection Firewall is shown on the next slide (for illustrative purposes only).
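As an added example (not the presentation's own rule base), the sketch below models a first-match rule base for a design like the one described: web server on the screened subnet, public DNS in the DMZ, Oracle DB in the internal network. It evaluates sample flows against the rule base and detects rules that an earlier rule makes unreachable. All addresses, rule names and the single-firewall simplification are assumptions of this example.

```python
import ipaddress
from typing import List, NamedTuple, Optional, Tuple


class Rule(NamedTuple):
    name: str
    src: str              # source network (CIDR)
    dst: str              # destination network (CIDR)
    proto: str            # "tcp", "udp" or "any"
    port: Optional[int]   # destination port, None = any
    action: str           # "allow" or "deny"


# Constructed addressing plan (documentation and private ranges).
ANY = "0.0.0.0/0"
INTERNAL = "10.0.0.0/8"
WEB = "192.0.2.18/32"         # front-end web server, screened subnet
PUBLIC_DNS = "192.0.2.3/32"   # public half of the split DNS, DMZ
ORACLE_DB = "10.10.20.5/32"   # backend database, internal network

RULE_BASE = [
    Rule("web-https", ANY, WEB, "tcp", 443, "allow"),
    Rule("public-dns", ANY, PUBLIC_DNS, "udp", 53, "allow"),
    Rule("web-to-db", WEB, ORACLE_DB, "tcp", 1521, "allow"),
    Rule("block-inbound-internal", ANY, INTERNAL, "any", None, "deny"),
    Rule("internal-out-web", INTERNAL, ANY, "tcp", 443, "allow"),
    Rule("cleanup", ANY, ANY, "any", None, "deny"),
]

# Same rules with the broad deny moved above the database rule (an ordering mistake).
MISORDERED = [RULE_BASE[i] for i in (0, 1, 3, 2, 4, 5)]


def _covers(outer: str, inner: str) -> bool:
    return ipaddress.ip_network(inner).subnet_of(ipaddress.ip_network(outer))


def evaluate(rules: List[Rule], src: str, dst: str, proto: str, port: int) -> Tuple[str, str]:
    """Return (action, rule name) of the first matching rule; deny if none matches."""
    for r in rules:
        if (ipaddress.ip_address(src) in ipaddress.ip_network(r.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(r.dst)
                and r.proto in ("any", proto)
                and r.port in (None, port)):
            return r.action, r.name
    return "deny", "implicit-default"


def shadowed(rules: List[Rule]) -> List[Tuple[str, str]]:
    """List (rule, earlier rule) pairs where the earlier rule matches everything the later one does."""
    result = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if (_covers(earlier.src, later.src) and _covers(earlier.dst, later.dst)
                    and earlier.proto in ("any", later.proto)
                    and earlier.port in (None, later.port)):
                result.append((later.name, earlier.name))
                break
    return result


if __name__ == "__main__":
    flows = [
        ("198.51.100.7", "192.0.2.18", "tcp", 443),   # Internet -> web server
        ("198.51.100.7", "10.10.20.5", "tcp", 1521),  # Internet -> database
        ("192.0.2.18", "10.10.20.5", "tcp", 1521),    # web server -> database
    ]
    for flow in flows:
        print(flow, "->", evaluate(RULE_BASE, *flow))
    print("shadowed in misordered base:", shadowed(MISORDERED))
```

In the misordered variant the database rule never fires, so the application breaks even though every intended rule is still present; checking for shadowed rules before deployment catches that class of error.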
CONCLUSION
Conclusion Note:
The process of securing and making a perfect "Digital World" is an ongoing, continuous journey, and with the ever-changing modus operandi of hackers and cyber criminals globally, we always have to be one step ahead in the race to protect our digital assets, intellectual property, identity and infrastructure.
Thank You
(Wajahat Iqbal)
Disclaimer Note:
This is Copyright Material © of Wajahat Iqbal (2016). The information shown is collected from Internet repositories, and any typo, error or omission is regretted on behalf of the Author. The Author does not hold any responsibility or liability for the incorrectness of the information shared. This technical presentation can be shared/printed/distributed provided that credit is given rightly to the Author.
Contact E-Mail: Wajahat_Iqbal@Yahoo.com
LinkedIn: http://www.linkedin.com/in/wiqbal
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
 
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
 
Analysis on Common Network Attacks & Vulnerability Scanners
Analysis on Common Network Attacks & Vulnerability ScannersAnalysis on Common Network Attacks & Vulnerability Scanners
Analysis on Common Network Attacks & Vulnerability Scanners
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for business
 
Advantages And Disadvantages Of Nc
Advantages And Disadvantages Of NcAdvantages And Disadvantages Of Nc
Advantages And Disadvantages Of Nc
 
Best Practices in IBM i Security
Best Practices in IBM i SecurityBest Practices in IBM i Security
Best Practices in IBM i Security
 
Cyber Attack Methodologies
Cyber Attack MethodologiesCyber Attack Methodologies
Cyber Attack Methodologies
 
CCNA 1 Routing and Switching v5.0 Chapter 11
CCNA 1 Routing and Switching v5.0 Chapter 11CCNA 1 Routing and Switching v5.0 Chapter 11
CCNA 1 Routing and Switching v5.0 Chapter 11
 
Risk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedRisk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs Provided
 
hashdays 2011: Felix 'FX' Lindner - Targeted Industrial Control System Attack...
hashdays 2011: Felix 'FX' Lindner - Targeted Industrial Control System Attack...hashdays 2011: Felix 'FX' Lindner - Targeted Industrial Control System Attack...
hashdays 2011: Felix 'FX' Lindner - Targeted Industrial Control System Attack...
 
Trends in network security feinstein - informatica64
Trends in network security   feinstein - informatica64Trends in network security   feinstein - informatica64
Trends in network security feinstein - informatica64
 
Wajug: Cyber war, Cyber Attacks and Ethical Hacking - Frédéric de Pauw - Dece...
Wajug: Cyber war, Cyber Attacks and Ethical Hacking - Frédéric de Pauw - Dece...Wajug: Cyber war, Cyber Attacks and Ethical Hacking - Frédéric de Pauw - Dece...
Wajug: Cyber war, Cyber Attacks and Ethical Hacking - Frédéric de Pauw - Dece...
 
How can a successful SOC2-compliant ISMS be built without power, money and a...
How can a successful SOC2-compliant ISMS be built without power, money and a...How can a successful SOC2-compliant ISMS be built without power, money and a...
How can a successful SOC2-compliant ISMS be built without power, money and a...
 
Secure Financial Intelligence System
Secure Financial Intelligence SystemSecure Financial Intelligence System
Secure Financial Intelligence System
 
Ak03402100217
Ak03402100217Ak03402100217
Ak03402100217
 
Cyber Security: Threats and Needed Actions
Cyber Security: Threats and Needed ActionsCyber Security: Threats and Needed Actions
Cyber Security: Threats and Needed Actions
 
CCNA RS_NB - Chapter 11
CCNA RS_NB - Chapter 11CCNA RS_NB - Chapter 11
CCNA RS_NB - Chapter 11
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
 
Cybersecurity Interview Preparation Questions.pdf
Cybersecurity Interview Preparation Questions.pdfCybersecurity Interview Preparation Questions.pdf
Cybersecurity Interview Preparation Questions.pdf
 
Ce hv8 module 04 enumeration
Ce hv8 module 04 enumerationCe hv8 module 04 enumeration
Ce hv8 module 04 enumeration
 

KĂŒrzlich hochgeladen

Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...tanu pandey
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Girls Service Chandigarh Lucky ❀ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❀ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❀ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❀ 7710465962 Independent Call Girls In C...Sheetaleventcompany
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
INDIVIDUAL ASSIGNMENT #3 CBG, PRESENTATION.
INDIVIDUAL ASSIGNMENT #3 CBG, PRESENTATION.INDIVIDUAL ASSIGNMENT #3 CBG, PRESENTATION.
INDIVIDUAL ASSIGNMENT #3 CBG, PRESENTATION.CarlotaBedoya1
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >àŒ’8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >àŒ’8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >àŒ’8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >àŒ’8448380779 Escort ServiceDelhi Call girls
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)Delhi Call girls
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Standkumarajju5765
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.soniya singh
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated  Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated  Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Call Girls in Nagpur High Profile
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$kojalkojal131
 
â‚č5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
â‚č5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...â‚č5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
â‚č5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 

KĂŒrzlich hochgeladen (20)

Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Call Girls Service Chandigarh Lucky ❀ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❀ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❀ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❀ 7710465962 Independent Call Girls In C...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
INDIVIDUAL ASSIGNMENT #3 CBG, PRESENTATION.
INDIVIDUAL ASSIGNMENT #3 CBG, PRESENTATION.INDIVIDUAL ASSIGNMENT #3 CBG, PRESENTATION.
INDIVIDUAL ASSIGNMENT #3 CBG, PRESENTATION.
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >àŒ’8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >àŒ’8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >àŒ’8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >àŒ’8448380779 Escort Service
 
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298  )#  Call Girls in DubaiRussian Call Girls in %(+971524965298  )#  Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 đŸ«Š Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 đŸ«Š Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 đŸ«Š Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 đŸ«Š Vanshika Verma More Our Se...
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated  Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated  Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
 
â‚č5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
â‚č5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...â‚č5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
â‚č5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 

Cybersecurity concepts & Defense best practises

  • 1. Cybersecurity Concept & Defense best practices. Presented by Wajahat Iqbal, B.E (Computer Science), ISO 27001 LI, ISO 22301 LI
  • 3. Definition: The Cybersecurity domain is a collection of best practices, technologies, frameworks and standards to protect an enterprise, organization, government entity, military establishment or individual user from global cyber threats (identity theft, cyber theft, cyber ransom, infrastructure damage) resulting in financial, economic, copyright information, personal identity or infrastructure loss.
  • 4. Major Cybersecurity standards
      - NIST Cybersecurity Framework (de-facto standard)
      - ISO 27001 (Information Security Management Framework)
      - ISACA COBIT5
      - NIST SP800-53
      - NIST SP800-30
      - ISA 62443
      - ISO 27005
    The Cybersecurity standards were first adopted in the Seoul (South Korea) Conference on Global Cybersecurity in 2013.
  • 5. Cybersecurity holistic view
      - Manage physical access to IT infrastructure
      - Manage sensitive documents and output devices
      - Monitor the infrastructure for security-related events
      - Protect against malware (*** most challenging)
      - Manage network and connectivity security
      - Manage user identity and logical access
      - Protect critical and vital infrastructure (banks, vital industrial installations, IT, nuclear power, dams, defense)
  • 6. Cybersecurity Lifecycle: The Cybersecurity Lifecycle is described by Figure-1, which decomposes it into the following stages:
      (1) Identify business outcomes
      (2) Understand vulnerabilities and threats
      (3) Create current profile
      (4) Conduct risk assessments
      (5) Apply controls
      (6) Create target profile
      (7) Determine/prioritize gaps
      (8) Implement plan
      (9) Report to stakeholders
      (10) Continuous monitoring
  • 7. Risk actions: The most generally accepted actions in the Risk Management Cycle, chosen depending on the Risk Appetite/Risk Tolerance threshold of an organisation, are:
      (1) Risk Acceptance
      (2) Risk Transfer
      (3) Risk Avoidance
      (4) Risk Mitigation – most practised action
    These are drawn from the ISO 27001 Standard for ISMS, which is the most widely used and accepted standard on IT security involving Risk Management processes.
  • 9. Threat to Cyberdefense: The damage caused by threats to Cyberdefense can be characterized by loss of “Confidentiality, Integrity or Availability (CIA)”, the basic model of data security as practiced in ISO 27001/27002 and other globally accepted standards.
  • 10. Hackers profile: The different types of hackers are:
      - Individual hacker
      - State sponsored (with political & military agenda)
      - Cyber criminals (organised mafia)
  • 11. Hacker Kill Chain: The Kill Chain methodology of the USA aeronautics major Lockheed Martin describes seven steps, from reconnaissance through actions on the objectives, and recommends that defenses be designed to align with each of the seven steps in the process.
  • 12. Summary of Kill Chain
      - Reconnaissance:
          - Finding the host, Internet website, domain
          - IP address scan of the business domain
          - Port scan of the active hosts
          - Automated scanning by botnets (compromised systems)
          - Locating the network topology and identifying potential access control devices
  • 13. Summary of Kill Chain (Cont’d)
      - Weaponization:
          - Identify the vulnerability
          - Initiate the attack
          - Coupling a remote access Trojan (RAT) with an exploit into a deliverable payload, typically by means of an automated tool (the commonly used weaponizers are Adobe PDF and Microsoft Office documents)
      - Delivery:
          - Transmission of the weapon to the targeted environment
          - The three most prevalent delivery vectors for weaponized payloads are emails, compromised web sites & USB removable media
  • 14. Summary of Kill Chain (Cont’d)
      - Exploitation:
          - The email, website or USB payload exploits a vulnerability on launch and the hacker gets remote access to an admin shell
          - Exploitation targets an operating system or application vulnerability
      - Installation:
          - Install malware (malicious code) into memory, disk or the operating system kernel, modify the Windows registry, modify the Unix kernel
          - Allows installation of a remote access Trojan or backdoor on the victim system
  • 15. Summary of Kill Chain (Cont’d)
      - Command & Control (C2):
          - Compromised systems/hosts beacon back to the master controller to establish a C2 channel
          - The hacker gains complete control of the compromised system
          - Intruders have “hands on the keyboard” access to the targeted environment
      - Action:
          - This activity is data exfiltration, which involves collecting, encrypting and extracting information (e.g. deface website, steal credit card information, steal copyright information, steal IE passwords, modify banking websites, steal medical records)
  • 16. BOTNET Attack (Automated): These days professional hackers, malware developers and cyber criminals work in tandem to develop automated tools to initiate a cyber attack against the intended victim/host. The mechanism is to install a remote access Trojan (RAT) on compromised systems (BOTNETS), which could number in the thousands, and then initiate the attack in phases as shown in Figure-2. Key components of a BOTNET attack:
      - BOTNET construction kit
      - Command & Control capability
      - Remote access Trojan (RAT)
      - Custom developed malware (malicious code) for the intended victim/host
    (Example BOTNET attacks: ZEUS, CITADEL, GO ZEUS)
  • 18. Type of Cyber Attacks
  • 23. SOC Components: Lately the SOC has become an integral part of any organisation to protect itself from cyber attacks and to detect/correct/recover from a cyber incident in the quickest span of time without further damage to its reputation. The critical components of a SOC are:
      - IDS/IPS infrastructure
      - Firewall infrastructure
      - SIEM (Security Information and Event Monitoring System)
      - Logging and alerting mechanism
      - Security incident processes
      - Forensics capability
      - User training & retention
      - Managing evidence
  • 25. Cybersecurity Architecture: The Cyber Architecture consists of the following components:
      - Network Security
      - Identity, Authentication and Access Management
      - Data Protection and Cryptography
      - Monitoring, Vulnerability & Patch Management
      - High Availability, Disaster Recovery & Physical Protection
      - Asset Management & Supply Chain
      - Policy, Audit, E-Discovery & Training
      - Systems Administration
      - Application Security
      - Endpoint, Server & Device Security
  • 26. Defense in Depth (DOD): This is the most common practice employed by organisations to create and implement a multilayered approach to Cybersecurity. It is described by the process in Figure-3 and can be implemented at various layers of the network infrastructure.
  • 27. 9 Basic steps of Cybersecurity: These are the guidelines to follow while drawing up a comprehensive Cybersecurity program in an organisation:
      - #1: Explore the legislation and other requirements
      - #2: Define the business benefits and get top management support (very important)
      - #3: Setting the Cybersecurity requirements
      - #4: Choosing the framework for Cybersecurity implementation
      - #5: Organizing the implementation (setting up teams, PM resources, project charter, budget etc.)
      - #6: Risk assessment & mitigation (applying controls)
      - #7: Implementation of controls
      - #8: Training & awareness
      - #9: Continuous monitoring, checks and reporting to senior management (C-level executives)
  • 28. Cybersecurity operational processes: To maintain an effective Cybersecurity posture, the CISO should maintain a number of enterprise operational processes, including the following:
      - Policies and policy exception management
      - Project and change security reviews
      - Risk management
      - Control management
      - Auditing and deficiency tracking
      - Asset inventory and audit
      - Change control
      - Configuration management database re-certification
      - Supplier reviews and risk assessments
  • 29. Cybersecurity operational processes (continued)
      - Cyber intrusion response
      - All-hazards emergency preparedness exercises
      - Vulnerability scanning, tracking & management
      - Patch management & deployment
      - Security monitoring
      - Password and key management
      - Account and access periodic re-certification
      - Privileged account activity audit
  • 30. SANS TOP 20 CRITICAL SECURITY CONTROLS
  • 31. SANS top 20 Controls: These are widely established critical controls to maintain a healthy network security posture.
  • 33. Incident Process & Management
  • 35. Network perimeter best security practises
      - Restrict use of administrative utilities (e.g. Microsoft Management Console)
      - Use a secure file permission system, i.e. the NTFS & UFS file systems
      - Manage users properly, especially the admin accounts on Unix & Windows machines
      - Perform effective group management for Admin, Print, Power, Server Operator & normal users in Windows 2000 O.S
      - Enforce a strong password policy and password aging for users
      - Enable the Windows O.S and Unix O.S logging facility
      - Eliminate unnecessary accounts (especially those of employees who have left the organisation)
      - Disable the resource sharing service and remove hidden administrative shares (C$, ADMIN$, WIN NT$) in older versions of Windows O.S
      - Disable unneeded services in Unix: Telnet, Finger, tftp, NTP (Network Time Protocol)
      - Applications should use the latest security patches in the production environment
  • 36. Network perimeter best security practises
      - Enforce the use of NAT (Network Address Translation) & PAT (Port Address Translation) in the internal network (firewalls & routers)
      - Enable mitigation policies for DNS spoofing and DoS attacks (Smurf & Direct Broadcast attacks) on gateway routers via ACL and Cisco IOS
      - Enforce the industry best practice of secure application coding to mitigate “Buffer Overflow” vulnerabilities in memory
      - Enforce a strong password policy, password aging and lockout policy for application databases (Oracle, Sybase)
      - Install the latest O.S and application patches as soon as they are available from vendors
      - Install the latest security patches for browsers, Flash players and Microsoft applications
      - Update the Anti-Virus & IDS/IPS/HIDS signatures on a frequent basis
      - Update the Business Continuity/DR plan and keep the latest backup of all critical servers
  • 37. Network perimeter best security practises
      - Update and install the latest security patches for application gateways (proxies), web filtering devices and firewalls
      - Check the logs daily on firewalls, IPS/IDS and HIDS for any security incident triggered by malicious activity
      - Implement industry best practices to secure the network (NIST guidelines, SANS 20 Critical Security Controls, NSA guidelines etc.)
      - Place the mission-critical web servers (user interface) on a screened subnet/DMZ and the backend application server & Oracle database server in the internal network
      - Change the default password of the SNMP community string on network devices
  • 39. CASE STUDY – Cyber attack secure design
  • 40. CASE STUDY – Cyber attack secure design. Design features:
      - Border router: a gateway router connects the network to the Internet and provides basic filtering through ACLs (Access Control Lists) on its ingress & egress interfaces
      - Just behind the gateway router is a stateful inspection firewall that enforces the majority of the access control of the network
      - Public services and private services have been separated by putting them on different network segments (DMZ, Corporate & Screened Subnet)
      - Split DNS is used on the public DNS server, which provides name resolution for public services only
      - Intrusion Detection Systems (IDS) are located on the public, private and network perimeter end points to watch for unusual activity
      - The front-end application web server is on the screened subnet and the backend Oracle DB server is behind the internal firewall
  • 41. CASE STUDY – Cyber attack secure design
      - Host-based IDS (HIDS) complement the network IDS by adding an additional layer of security and are placed on the individual mission-critical servers (Anti-Virus, Email Proxy, Web Proxy, Internal Email Server, Oracle DB Server) to monitor each system's network activity, log files, file system integrity and user actions. A host-based IDS will also generate an alarm when it detects escalation of privileges from a Guest user to an Admin account
      - Host-based IDS can help detect attacks that use network IDS evasion techniques
      - Host-based IDS is also useful for correlating attacks picked up by network sensors
      - All security log entries are sent to the SIEM (Security Information and Event Monitoring System) for data analysis and forensics. The SIEM generates an alert when suspicious activity is detected
      - For the remote office users, all laptops are installed with personal firewalls to mitigate/detect hacker entry through backdoor channels
  • 42. CASE STUDY – Cyber attack secure design
      - All configuration of security devices is performed from the management console
      - Additionally, one can install TACACS or RADIUS servers to monitor user access on the gateway router and other mission-critical servers
    The sample rule base configured for the above network design on the stateful inspection firewall is shown on the next slide (illustrative purpose only).
  • 43. CASE STUDY – Cyber attack secure design
  • 44. CONCLUSION. Conclusion note: The process of securing and making a perfect “Digital World” is an ongoing, continuous journey, and with the ever-changing modus operandi of hackers and cyber criminals globally, we always have to be one step ahead in the race to protect our digital assets, intellectual property, identity and infrastructure. Thank You (Wajahat Iqbal)
  • 45. Disclaimer note: This is Copyright Material © of Wajahat Iqbal (2016) and the information shown is collected from Internet repositories; any typo, error or omission is regretted on behalf of the Author. The Author does not hold any responsibility or liability for the incorrectness of the information shared. This technical presentation can be shared/printed/distributed keeping in view that credit is given rightly to the Author. Contact E-Mail: Wajahat_Iqbal@Yahoo.com LinkedIn: http://www.linkedin.com/in/wiqbal
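The segmentation described in the case study (slides 40 to 42) can be written as a first-match rule base and checked automatically for unintended exposure. This is an added example, not the presentation's own rule base: the zone addressing, the placement of the public DNS server in the DMZ, the ports and the rule names are all constructed assumptions.

```python
"""First-match firewall rule base for the case-study zones, with an exposure audit.

Added illustration: every address, port and rule name below is constructed.
Only connection initiations are modelled; a stateful firewall permits the
return traffic of an allowed connection on its own.
"""
import ipaddress
from dataclasses import dataclass

# Constructed zone addressing (documentation and private ranges).
ZONES = {
    "dmz": ipaddress.ip_network("192.0.2.0/28"),          # public DNS (assumed placement)
    "screened": ipaddress.ip_network("192.0.2.16/28"),    # front-end web server
    "corporate": ipaddress.ip_network("10.10.0.0/16"),    # internal users
    "internal_db": ipaddress.ip_network("10.20.0.0/24"),  # Oracle DB behind internal firewall
}


def zone_of(ip):
    """Map an address to its zone; anything outside the known zones is the Internet."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"


@dataclass(frozen=True)
class Rule:
    name: str
    src: str     # zone name or "any"
    dst: str     # zone name or "any"
    proto: str   # "tcp", "udp" or "any"
    port: int    # 0 means any port
    action: str  # "allow" or "deny"

    def matches(self, src_zone, dst_zone, proto, port):
        return (self.src in ("any", src_zone)
                and self.dst in ("any", dst_zone)
                and self.proto in ("any", proto)
                and self.port in (0, port))


RULE_BASE = [
    Rule("web-in", "internet", "screened", "tcp", 443, "allow"),
    Rule("dns-in", "internet", "dmz", "udp", 53, "allow"),
    Rule("web-to-db", "screened", "internal_db", "tcp", 1521, "allow"),
    Rule("users-to-web", "corporate", "screened", "tcp", 443, "allow"),
    Rule("cleanup", "any", "any", "any", 0, "deny"),  # explicit, loggable default deny
]


def evaluate(src_ip, dst_ip, proto, port, rules=RULE_BASE):
    """Return (action, rule name) of the first matching rule."""
    src_zone, dst_zone = zone_of(src_ip), zone_of(dst_ip)
    for rule in rules:
        if rule.matches(src_zone, dst_zone, proto, port):
            return rule.action, rule.name
    return "deny", "implicit-default"


def internet_exposure(rules=RULE_BASE):
    """Probe every zone on every service named in the rules from an outside address.

    Returns the set of (zone, proto, port) an Internet host can open, which is
    what a reviewer compares against the intended design after each change.
    """
    probe_src = "203.0.113.50"  # constructed outside address
    services = {(r.proto, r.port) for r in rules if r.proto != "any" and r.port}
    exposed = set()
    for zone, net in ZONES.items():
        target = str(next(iter(net.hosts())))
        for proto, port in services:
            if evaluate(probe_src, target, proto, port, rules)[0] == "allow":
                exposed.add((zone, proto, port))
    return exposed


if __name__ == "__main__":
    print("Intended exposure:", sorted(internet_exposure()))
    # A broad "temporary" rule placed above the others shadows the design.
    drifted = [Rule("temp-dba", "any", "internal_db", "tcp", 1521, "allow")] + RULE_BASE
    print("After drift:      ", sorted(internet_exposure(drifted)))
```

Running the audit after every rule change catches the common failure where a broad rule added near the top silently exposes the database segment.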