© 2019 Sparity Inc | For Webinar Use Only | Do Not Redistribute
THREAT ACTORS AND
INDUSTRY TARGETS
Welcome to Live Webinar
Jeff Surratt – CISSP, CDFE, CIST
Director – Cybersecurity Practice
Sparity Inc
Agenda
• About Sparity
• About the speaker
• Impact Analysis
• Target Industries
• Sources of Cyber Threats
• Geographies
• The cost to US business
• Intelligence Driven Targeting process
• Data Aggregation and the Targeting Process
• Sparity’s solution for your security program
We are a global technology enterprise specialized in providing Digital
Transformation and complex technology services to a wide range of
enterprises, unicorn startups and social institutions.
Established in 2010 with a goal to become a Global Innovation &
Development partner.
With nearly a decade of experience, we add compelling value through our
agile and collaborative approach across your digital value chain.
Next Generation Cyber Security for Connected Enterprises
Jeff Surratt, CISSP, CDFE, CIST
Director of Cyber Security Practice, Sparity Inc.
Mr. Surratt has worked in Information Security for 20 years in various public and
private sector Information Technology positions. Before becoming a Director at
Sparity, he worked in the architecture team at CenturyLink advising clients on
corporate and multinational cyber security solutions paying attention to the GRC
requirements of the related industry. During his government career at the Naval
Criminal Investigative Service (NCIS) he had roles in Counterintelligence, Force
Protection, Supply Chain Risk and as Liaison to the Defense Intelligence Agency.
Throughout his 20 year career he has concentrated on threats from Russia and the
Asia Pacific region covering counterintelligence and cyber activities of Nation
States and the businesses that support them.
About the Speaker
Discussions in the targeted business often revolve around “what” happened, “when” it happened and “what data was lost”.
Discovery includes “methods” and “data loss”, but often the results focus on business impact and ramifications and ignore the “Who did it” and “Why”.
Impact analysis is only the beginning
Impact Analysis
Threat Actors and Industry Targets
Supply Chain
Supply chain attacks fundamentally abuse the trusted channels we (every one of us) have with the software providers and the applications that empower daily business and personal activities.
Utilities
From April to August, the unidentified hackers have targeted at least 17. The tally jumped from the three utilities the company reported on in August after a fresh batch of phishing emails was found.
Education
• Valuable intellectual property from campus research
• Student and employee personal information
• Computer processing power used for Bitcoin mining
Banking / Finance
In a 2018 survey, 78% of financial institutions were confident in their cybersecurity strategies, yet 1 of every 3 is successfully attacked resulting in a 72% increase in monetary loss.
Government
Government and military security breaches tend to be high-profile. This sector is targeted by:
• Foreign powers trying to spy or negatively impact a global competitor
• Hacktivists looking to make a political statement
• Cybercriminals seeking to monetize the abundant personal information in federal, state, and local databases
Russia
STRONTIUM
Operating since 2004 they launched a new campaign against the embassies and Ministry
of Foreign Affairs in Eastern Europe and Central Asian countries.
Sandworm
Only one Russian hacker group has actually caused real-world blackouts: Cybersecurity
analysts widely believe the hacker team called Sandworm, also known as Voodoo Bear and
Telebots, carried out attacks on Ukrainian electric utilities in 2015 and 2016 that
cut off power to hundreds of thousands of people.
Palmetto Fusion
The hackers behind the fresh series of attempted intrusions of US energy utilities
remain far more mysterious than Energetic Bear or Sandworm. The group has hit energy
utilities with "watering hole" and phishing attacks since 2015, with targets as far-
flung as Ireland and Turkey in addition to the recently reported American
COZY BEAR - Advanced Persistent Threat 28 and related threat actors sponsored by
the General Staff of the Armed Forces of the Russian Federation (GRC) and the
Federal Security Service FSB (ФСБ)
China
Gothic Panda is the first threat actor group
attributed with a high degree of confidence
directly to the Chinese
Ministry of State Security (MSS). They are
associated with Boyusec.
• China Information Technology Evaluation Center
(CNITSEC) is associated with ITSEC
• CNITSEC’s Director, Wu Shizhong – has a
corporate association with Huawei which is the
largest cellphone maker in Asia
Gothic Panda (Advanced Persistent Threat 3)
China
TICK (REDBALDKNIGHT)
Cyber espionage group that first became noticed in 2008 and recently launched a
malware development campaign that targeted Government, Defense. While the main
focus of the attack was in Asia, it is interesting to note that they have become
active again.
WINNTI formerly WICKED PANDA (APT 17)
Cyber espionage group linked to the People’s Liberation Army (PLA) that first
became noticed in 2009 and recently launched attacks against shortening common
service such as Gmail to goo.gl
It is believed they are not sharing information with other Chinese based groups
and are not referred to Winnti Umbrella. Targets are often software
organizations in the United States, Japan and China.
TA407 (Silent Librarian associated with Iran)
Silent Librarian is a prolific financially motivated actor operating out of Iran. The group was
cited for “obtaining unauthorized access to computer systems, stealing proprietary data from those
systems, and selling stolen data to Iranian customers, including the Iranian government and Iranian
universities.”
TA407’s activities resulted in the following damages:
• Approximately $3.4 billion worth of intellectual property loss due to unauthorized access
• 31.5 terabytes of academic data and IP theft from compromised universities
• 7998 university accounts were successfully compromised worldwide
• 3768 accounts compromised that belonged to professors at US-based universities
Victims of the scheme included:
• Approximately 144 universities in the United States
• 176 foreign universities in 21 countries
• Five federal and state government agencies in the United States
• 36 private companies in the United States
• 11 foreign private companies
• Two international non-governmental organizations
About Sparity
INTELLIGENCE DRIVEN
TARGETING PROCESS
Data Aggregation - Use of related information to develop target profiles
Attacks have become target specific based upon past success and desired information.
1 – 2 Relationships
- High level executives
- Management
- Military Officers
- Civilian Employees
- Family
- Friends
- Memberships
3 - 4 Finance
- Customer data
- Financial transactions
- Partner data
- International banks and corporations face regulations in each country of operation.
5 - 6 Supply Chain
- Manipulation of components
- Compromise of vendors
- IoT attacks
7 Industry
- Banking and Finance
- Health Care
- Utilities
- Government
- Education
(Diagram: segments numbered 1 to 7 and a Data Repository)
Data Aggregation and the Targeting Process
Information Collection
Data Linkage
Corporate Knowledge
System Design
Part Diagram
Attack
Method decided by what the target is and what may have worked in the past.
If it is custom, then usually pass to a different division or code is paid for on the Dark Web
Target Analysis
Social Media
Corporate Directory
News
Who might know about the target
Result Evaluation
Relevant data acquired? Y or N
The Hunt Begins
Data Collection
As the number of cyberattacks increases, and they take more time to resolve, the
cost of cybercrime continues to rise.
In the last year, we have observed many stealthy, sophisticated and
targeted cyberattacks against public and private sector organizations.
Combined with the expanding threat landscape, organizations are seeing a
steady rise in the number of security breaches—from 130 in 2017 to 145 in
2018 (see Figure 1).
The impact of these cyberattacks to organizations, industries and society is
substantial. Alongside the growing number of security breaches, the total
cost of cybercrime for each company increased from US$11.7 million in
2017 to a new 2018 high of US$13.0 million—a rise of 12 percent (see
Figure 2).
The Cost to US Business
SPARITY SOLUTIONS FOR YOUR SECURITY PROGRAM
Our comprehensive portfolio under Vulnerability Management is focused on ensuring that your enterprise can Identify,
Manage and Mitigate Vulnerabilities.
Threat and Vulnerability Assessment
Cyber Analytics
Cyber Analytics is an approach to cybersecurity focused on the analysis of data to produce proactive security measures. For
example, monitored network traffic could be used to identify indicators of compromise before an actual threat occurs. Cyber
analytics can analyse security events, making it possible to detect a threat before it has a chance to impact your infrastructure
and bottom line.
Implementation of our cyber framework, a set of measured rules and practices, helps your organization to better manage and reduce
cybersecurity risk. Our strategy and framework are intended to cultivate communications between both inner and outer authoritative
partners.
Our Framework
• Asset Management
• Business Environment
Governance
• Risk Assessment
• Risk Management Strategy
• Access Control
• Awareness & Training
• Data Security
• Info protection & Procedures
• Maintenance
• Protective Tech
• Anomalies & Events
• Security Continuous Monitoring
• Detection Process
• Response Planning
• Communications
• Analysis
• Mitigation
• Improvements
• Recovery Planning
• Improvements
• Communication
• Mitigation
• Improvements
Implementation:
• Confirm that all necessary components are well defined and
link together
• Ensure that internal control frameworks, policies, and
procedures are appropriate
• Clearly define and communicate roles and responsibilities
• Use technology to facilitate implementation
• Address stakeholder expectations with confidence
Enterprise Risk Management
This made it past my SPAM filter last night!
Q & A
© 2019 Sparity Inc | For Webinar Use Only | Do Not Redistribute

Weitere ähnliche Inhalte

Was ist angesagt?

Cyber Security small
Cyber Security smallCyber Security small
Cyber Security small
Henry Worth
 
Information Security - Hiring Trends and Trends for the Future PDF
Information Security - Hiring Trends and Trends for the Future PDFInformation Security - Hiring Trends and Trends for the Future PDF
Information Security - Hiring Trends and Trends for the Future PDF
Alexander Goodwin
 
InfoSec's Guide to Social Media [WHITEPAPER]
InfoSec's Guide to Social Media [WHITEPAPER]InfoSec's Guide to Social Media [WHITEPAPER]
InfoSec's Guide to Social Media [WHITEPAPER]
Josh Stein
 
The Executive's Guide to the 2016 Global Threat Intelligence Report
The Executive's Guide to the 2016 Global Threat Intelligence ReportThe Executive's Guide to the 2016 Global Threat Intelligence Report
The Executive's Guide to the 2016 Global Threat Intelligence Report
Simona Franciosi
 
Reducing-Cyber-Risk-Whitepaper-Email (UK)
Reducing-Cyber-Risk-Whitepaper-Email (UK)Reducing-Cyber-Risk-Whitepaper-Email (UK)
Reducing-Cyber-Risk-Whitepaper-Email (UK)
Mark Baker
 
SucessfulInsiderThreat
SucessfulInsiderThreatSucessfulInsiderThreat
SucessfulInsiderThreat
HammerNJ
 
Cyber Security - Things you need to know
Cyber Security - Things you need to knowCyber Security - Things you need to know
Cyber Security - Things you need to know
Nathan Desfontaines
 

Was ist angesagt? (19)

Cyber Security small
Cyber Security smallCyber Security small
Cyber Security small
 
2015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i32015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i3
 
Information Security - Hiring Trends and Trends for the Future PDF
Information Security - Hiring Trends and Trends for the Future PDFInformation Security - Hiring Trends and Trends for the Future PDF
Information Security - Hiring Trends and Trends for the Future PDF
 
IMC 618 - Public Relations Campaign
IMC 618 - Public Relations CampaignIMC 618 - Public Relations Campaign
IMC 618 - Public Relations Campaign
 
Cyber security for ia and risk 150601
Cyber security for ia and risk 150601Cyber security for ia and risk 150601
Cyber security for ia and risk 150601
 
The ever increasing threat of cyber crime
The ever increasing threat of cyber crimeThe ever increasing threat of cyber crime
The ever increasing threat of cyber crime
 
Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?
 
Security troubles in e commerce website
Security troubles in e commerce websiteSecurity troubles in e commerce website
Security troubles in e commerce website
 
InfoSec's Guide to Social Media [WHITEPAPER]
InfoSec's Guide to Social Media [WHITEPAPER]InfoSec's Guide to Social Media [WHITEPAPER]
InfoSec's Guide to Social Media [WHITEPAPER]
 
Networkers cyber security market intelligence report
Networkers cyber security market intelligence reportNetworkers cyber security market intelligence report
Networkers cyber security market intelligence report
 
The Executive's Guide to the 2016 Global Threat Intelligence Report
The Executive's Guide to the 2016 Global Threat Intelligence ReportThe Executive's Guide to the 2016 Global Threat Intelligence Report
The Executive's Guide to the 2016 Global Threat Intelligence Report
 
Corporate Cybersecurity: A Serious Game
Corporate Cybersecurity: A Serious GameCorporate Cybersecurity: A Serious Game
Corporate Cybersecurity: A Serious Game
 
Yugo Neumorni - prezentare - Cyber Security Trends 2020
Yugo Neumorni - prezentare - Cyber Security Trends 2020Yugo Neumorni - prezentare - Cyber Security Trends 2020
Yugo Neumorni - prezentare - Cyber Security Trends 2020
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the new
 
Reducing-Cyber-Risk-Whitepaper-Email (UK)
Reducing-Cyber-Risk-Whitepaper-Email (UK)Reducing-Cyber-Risk-Whitepaper-Email (UK)
Reducing-Cyber-Risk-Whitepaper-Email (UK)
 
40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence Index
 
SucessfulInsiderThreat
SucessfulInsiderThreatSucessfulInsiderThreat
SucessfulInsiderThreat
 
Cyber Security - Things you need to know
Cyber Security - Things you need to knowCyber Security - Things you need to know
Cyber Security - Things you need to know
 

Ähnlich wie Threat Actors and Innovators - Webinar

What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
PECB
 
CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018
Confederation of Indian Industry
 

Ähnlich wie Threat Actors and Innovators - Webinar (20)

Cost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 ReportCost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 Report
 
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
 2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ... 2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
 
Étude mondiale d'EY sur la cybersécurité (2018)
Étude mondiale d'EY sur la cybersécurité (2018)Étude mondiale d'EY sur la cybersécurité (2018)
Étude mondiale d'EY sur la cybersécurité (2018)
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
 
The digital economy and cybersecurity
The digital economy and cybersecurityThe digital economy and cybersecurity
The digital economy and cybersecurity
 
The State of Cyber
The State of CyberThe State of Cyber
The State of Cyber
 
CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018
 
Cyber security investments 2021
Cyber security investments 2021Cyber security investments 2021
Cyber security investments 2021
 
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
 
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]
 
2017 Scalar Security Study Summary
2017 Scalar Security Study Summary2017 Scalar Security Study Summary
2017 Scalar Security Study Summary
 
Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa
 
Understanding Cyber Security Risks in Asia
Understanding Cyber Security Risks in AsiaUnderstanding Cyber Security Risks in Asia
Understanding Cyber Security Risks in Asia
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEye
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity index
 
L123
L123L123
L123
 
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutions
 
Ninth Annual Cost of Cybercrime Study in Financial Services – 2019 Report
Ninth Annual Cost of Cybercrime Study in Financial Services – 2019 ReportNinth Annual Cost of Cybercrime Study in Financial Services – 2019 Report
Ninth Annual Cost of Cybercrime Study in Financial Services – 2019 Report
 

Kürzlich hochgeladen

₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
Diya Sharma
 
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
nilamkumrai
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 

Kürzlich hochgeladen (20)

Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
 
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298  )#  Call Girls in DubaiRussian Call Girls in %(+971524965298  )#  Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune  (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune  (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
 
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
 
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507  ))#  Young Call Girls  in Ajman  By Pakistani Call Girls  in ...(+971568250507  ))#  Young Call Girls  in Ajman  By Pakistani Call Girls  in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
 

Threat Actors and Innovators - Webinar

  • 1. © 2019 Sparity Inc | For Webinar Use Only | Do Not Redistribute oTHREAT ACTORS AND INDUSTRY TARGETS Welcome to Live Webinar Jeff Surratt – CISP, CDFE, CIST Director – Cybersecurity Practice Sparity Inc
  • 2. © 2019 Sparity Inc | For Webinar Use Only | Do Not Redistribute  About Sparity  About the speaker  Impact Analysis  Target Industries  Sources of Cyber Threats  Geographies  The cost to US business  Intelligence Driven Targeting process  Data Aggregation and the Targeting Process  Sparity’s solution for your security program Agenda
  • 3. © 2019 Sparity Inc | For Webinar Use Only | Do Not Redistribute We are a global technology enterprise specialized in providing Digital Transformation and complex technology services to a wide range of enterprises, unicorn startups and social institutions. Established in 2010 with a goal to become a Global Innovation & Development partner. With nearly a decade of experience, we add compelling value through our agile and collaborative approach across your digital value chain. Next Generation Cyber Security for Connected Enterprises
  • 4. © 2019 Sparity Inc | For Webinar Use Only | Do Not Redistribute Jeff Surratt, CISSP, CDFE, CIST Director of Cyber Security Practice, Sparity Inc. Mr. Surratt has worked in Information Security for 20 years in various public and private sector Information Technology positions. Before becoming a Director at Sparity, he worked in the architecture team at CenturyLink advising clients on corporate and multinational cyber security solutions paying attention to the GRC requirements of the related industry. During his government career at the Naval Criminal Investigative Service (NCIS) he had roles in Counterintelligence, Force Protection, Supply Chain Risk and as Liaison to the Defense Intelligence Agency. Throughout his 20 year career he has concentrated on threats from Russia and the Asia Pacific region covering counterintelligence and cyber activities of Nation States and the businesses that support them. About the Speaker
  • 5. © 2019 Sparity Inc | For Webinar Use Only | Do Not Redistribute Discussions in the targeted business often revolves around “what” happened, “when” it happened and “what data was lost” Discovery includes - ”methods” and “data loss” but often the results focus on business impact and ramifications and ignore the “Who did it” and “Why”. 5 Impact analysis is only the beginning Impact Analysis
  • 6. © 2019 Sparity Inc | For Webinar Use Only | Do Not Redistribute Threat Actors and Industry Targets Supply Chain Supplychainattacksfundamentallyabusethe trustedchannels we(everyone oneofus) have withthe softwareprovidersandtheapplications thatempower dailybusinessandpersonal activities. Utilities From April toAugust,the unidentifiedhackershave targetedatleast17.Thetallyjumpedfromthe three utilitiesthe companyreportedon in Augustaftera freshbatchofphishing emails wasfound. Education Valuableintellectual propertyfromcampusresearch • Studentandemployeepersonalinformation • Computerprocessing powerusedforBitcoin mining Banking / Finance In a2018survey, 78%offinancialinstitutionswere confidentin theircybersecuritystrategies, yet1 ofevery 3 is successfullyattackedresulting in a72%increasein monetaryloss. Government Government andmilitarysecuritybreachestendtobehigh- profile.This sectoris targetedby: • Foreign powerstryingtospyornegatively impacta global competitor • Hacktivistslooking tomakea politicalstatement • Cybercriminalsseeking tomonetizetheabundant personalinformationin federal,state,andlocal databases
  • 8. Russia. STRONTIUM: Operating since 2004 they launched a new campaign against the embassies and Ministry of Foreign Affairs in Eastern Europe and Central Asian countries. Sandworm: Only one Russian hacker group has actually caused real-world blackouts: Cybersecurity analysts widely believe the hacker team called Sandworm, also known as Voodoo Bear and Telebots, carried out attacks on Ukrainian electric utilities in 2015 and 2016 that cut off power to hundreds of thousands of people. Palmetto Fusion: The hackers behind the fresh series of attempted intrusions of US energy utilities remain far more mysterious than Energetic Bear or Sandworm. The group has hit energy utilities with "watering hole" and phishing attacks since 2015, with targets as far-flung as Ireland and Turkey in addition to the recently reported American COZY BEAR - Advanced Persistent Threat 28 and related threat actors sponsored by the General Staff of the Armed Forces of the Russian Federation (GRC) and the Federal Security Service FSB (ФСБ)
  • 9. China Gothic Panda is the first threat actor group attributed with a high degree of confidence directly to the Chinese Ministry of State Security (MSS). They are associated with Boyusec. • China Information Technology Evaluation Center (CNITSEC) is associated with ITSEC • CNITSEC’s Director, Wu Shizhong – has a corporate association with Huawei which is the largest cellphone maker in Asia Gothic Panda (Advanced Persistent Threat 3)
  • 10. China. TICK (REDBALDKNIGHT): Cyber espionage group that first became noticed in 2008 and recently launched a malware development campaign that targeted Government, Defense. While the main focus of the attack was in Asia, it is interesting to note that they have become active again. WINNTI formerly WICKED PANDA (APT 17): Cyber espionage group linked to the People’s Liberation Army (PLA) that first became noticed in 2009 and recently launched attacks against shortening common service such as Gmail to goo.gl. It is believed they are not sharing information with other Chinese based groups and are not referred to Winnti Umbrella. Targets are often software organizations in the United States, Japan and China.
  • 11. TA407 (Silent Librarian associated with Iran) Silent Librarian is a prolific financially motivated actor operating out of Iran. The group was cited for “obtaining unauthorized access to computer systems, stealing proprietary data from those systems, and selling stolen data to Iranian customers, including the Iranian government and Iranian universities.” TA407’s activities resulted in the following damages: • Approximately $3.4 billion worth of intellectual property loss due to unauthorized access • 31.5 terabytes of academic data and IP theft from compromised universities • 7998 university accounts were successfully compromised worldwide • 3768 accounts compromised that belonged to professors at US-based universities Victims of the scheme included: • Approximately 144 universities in the United States • 176 foreign universities in 21 countries • Five federal and state government agencies in the United States • 36 private companies in the United States • 11 foreign private companies • Two international non-governmental organizations
  • 12. About Sparity INTELLIGENCE DRIVEN TARGETING PROCESS
  • 13. Data Aggregation - Use of related information to develop target profiles. Attacks have become target specific based upon past success and desired information. 1 – 2 Relationships: - High level executives - Management - Military Officers - Civilian Employees - Family - Friends - Memberships. 3 - 4 Finance: - Customer data - Financial transactions - Partner data - International banks and corporations face regulations in each Country of operation. 5 - 6 Supply Chain: - Manipulation of components - Compromise of vendors - IoT attacks. 7 Industry: - Banking and Finance - Health Care - Utilities - Government - Education. Data Repository
  • 14. Data Aggregation and the Targeting Process: Information Collection; Data Linkage; Corporate Knowledge; System Design; Part Diagram; Attack Method decided by what the target is and what may have worked in the past. If it is custom, then usually pass to a different division or code is paid for on the Dark Web; Target Analysis; Social Media; Corporate Directory; News; Who might know about the target; Result Evaluation: Relevant data acquired? Y or N; The Hunt Begins; Data Collection
  • 15. As the number of cyberattacks increases, and they take more time to resolve, the cost of cybercrime continues to rise. In the last year, we have observed many stealthy, sophisticated and targeted cyberattacks against public and private sector organizations. Combined with the expanding threat landscape, organizations are seeing a steady rise in the number of security breaches—from 130 in 2017 to 145 in 2018 (see Figure 1). The impact of these cyberattacks to organizations, industries and society is substantial. Alongside the growing number of security breaches, the total cost of cybercrime for each company increased from US$11.7 million in 2017 to a new 2018 high of US$13.0 million—a rise of 12 percent (see Figure 2). The Cost to US Business
  • 16. About Sparity INTELLIGENCE DRIVEN TARGETING PROCESS SPARITY SOLUTIONS FOR YOUR SECURITY PROGRAM
  • 17. Our comprehensive portfolio under Vulnerability Management is focused on ensuring whether your enterprise can Identify, Manage and Mitigate Vulnerabilities. Threat and Vulnerability Assessment
  • 18. Cyber Analytics: Cyber Analytics is an approach to cybersecurity focused on the analysis of data to produce proactive security measures. For example, monitored network traffic could be used to identify indicators of compromise before an actual threat occurs. Cyber analytics can analyse security events, making it possible to detect a threat before it has a chance to impact your infrastructure and bottom line.
  • 19. Implementation of our cyber framework, a set of measured rules and practices, helps your organization to better manage and reduce cybersecurity risk. Our strategy and framework are intended to cultivate communications between both inner and outer authoritative partners. Our Framework • Asset Management • Business Environment Governance • Risk Assessment • Risk Management Strategy • Access Control • Awareness & Training • Data Security • Info protection & Procedures • Maintenance • Protective Tech • Anomalies & Events • Security Continuous Monitoring • Detection Process • Response Planning • Communications • Analysis • Mitigation • Improvements • Recovery Planning • Improvements • Communication • Mitigation • Improvements
  • 20. Implementation: • Confirm that all necessary components are well defined and link together • Ensure that internal control frameworks, policies, and procedures are appropriate • Clearly define and communicate roles and responsibilities • Use technology to facilitate implementation • Address stakeholder expectations with confidence Enterprise Risk Management
  • 21. This made it past my SPAM filter last night!
  • 22. Q & A