Building a response to cyber crime
|
|
- Shauna Richard
- 7 years ago
- Views:
Transcription
1 Building a response to cyber crime Oliver Gower Head of Strategy & Partnerships, National Cyber Crime Unit, NCA. April 2016 Leading the UK's fight to cut serious and organised crime
2 Building a response to cyber crime 1. The NCA s National Cyber Crime Unit Who we are & what we do. 2. Snapshot: The current cyber crime threat and our response 3. Rewind Where have we come from? 4. Key principles of an effective public/private response to cyber crime: i. Strategy: A holistic response seeking long term impact. ii. Technology and data: Delivering at scale. iii. People and Skills: Recruitment, retention & development. iv. Partnerships: Industry & Academia; Intelligence Agencies; Domestic & International Law Enforcement. 5. Operational Case Studies 6. Conclusion: This is not inevitable, if we innovate and work together.
3 1. The NCA s National Cyber Crime Unit Who we are & what we do.
4 SECURITY CLASSIFICATION The National Crime Agency Five Commands: Cyber, Child Exploitation, Economic Crime, Border Policing and Organised Crime. Operational resource working against the highest priority serious and organised criminals National Intelligence Hub & Intelligence Led National Coordination & Tasking Strong international presence SECURITY CLASSIFICATION
5 SECURITY CLASSIFICATION The NCCU: three core functions NCCU sits at the heart of the NCA and has three core functions: 1. Lead & Coordinate the UK s fight to cut cyber crime: Provide a specialist investigative response Work proactively to eliminate criminal opportunities and create a hostile environment for cyber criminals Coordinate the UK s effort against cyber-dependent crime. 2. Support wider law enforcement to tackle cyber crime: Provide specialist operational support & advice, to deliver results and simultaneously mainstream new capabilities. 3. Drive transformation of capabilities across UK to tackle cyber crime: infrastructure, technical capabilities & skills. SECURITY CLASSIFICATION
6 OFFICIAL Director - Jamie Saunders Deputy Director - Sarah Goodall OBE Mike Hulett Paul Edmunds Oliver Gower G1 Operations Prevent and Protect Technical Transformation Strategy and Intelligence G2 Operations (inc FIs) Investigation Development Team Ops Support Covert Support Unit Tactical Coordination ILOs Internet & Infrastructure Prevent Protect Technical Development Technical Discovery Strategic Relationships International Strategy Projects People Strategy BITSU / Operational Intelligence T D&D Picture of Threat Desk G3 G4 G5 G6 OFFICIAL
7 UK Cyber Crime Law Enforcement Landscape National Cyber Security Centre (launching 2016), including CERT UK National Crime Agency Lead, support & coordinate the UK s response to serious organised crime. Action Fraud Cyber crime and fraud reporting Regional Organised Crime Units Local Police Forces
8 OFFICIAL Snapshot: The current cyber crime threat and our response OFFICIAL
9 Threat Overview Elite cyber criminals mostly overseas Responsible for the most sophisticated and damaging financial trojans 16 major operations against them since the NCA went live: 2 ongoing High profile attacks impacting on UK individuals & businesses TalkTalk Data theft and extortion Ashley Madison Data theft and extortion DDoS against banks & retail Carphone Warehouse, British Gas Data theft VTech Data theft 130+ other significant incidents 2.5 million cyber crimes (Office for National Statistics ) Almost certainly an underestimate - under-reporting
10 Cyber crime marketplace Elements of the cyber crime marketplace
11 Financial Trojan Business Model
12 Financial Trojans: key services CRIMINAL VICTIM CRIMINAL VICTIM Development Armouring Delivery Execution Management Monetisation $ Malware Developer Cryptors Packers Traffic Sellers Spammers Exploit Kit developers Web Inject Coders System Administrators Botnet Operators Drop Organisers Mule Herders Mules Stuffers Malware CAVs Spambots Exploit Kits Loaders Remote Access Tools C2 Servers Proxy Layers Call Centres Recruitment Sites Compromised Accounts Development Tools / Software Bullet Proof Hosting Secure Communication Platforms
13 Threat direction 2016 International Organised Crime Groups increasingly professional and agile. Sophisticated business models. Denial of Service attacks increasingly easy to organise and potentially damaging. Likely increase in data breaches and the exploitation of stolen data for fraud and extortion. To watch the Internet of Things creating new opportunities for criminal. The as-a-service model and criminal marketplace will continue to lower the barrier of entry into cyber crime.
14 What has NCA achieved so far? Major disruptions against the most serious cyber threats, in partnership with global law enforcement & industry, e.g. Shylock and GameOverZeus Criminal internet infrastructure disrupted Key criminals apprehended Dynamic response to crimes-in-action Thousands of victims protected, thousands more remediated Millions of pounds safeguarded Potential criminals deterred A vastly improved domestic and global network of capability Now focussed on reducing reward / raising risk in long term But how did we get here?
15 3. Rewind Where have we come from?
16 The creation of NCA s National Cyber Crime Unit National Cyber Security Strategy, 2011, led to launch of National Cyber Security Programme ( 860m) Strong ministerial interest and backing for tackling cyber crime Saw the need to rationalise the UK law enforcement landscape, with merger of Metropolitan Police s Central e-crime Unit and SOCA s cyber unit: bringing together tactical and strategic expertise within a single law enforcement lead. February 2012 to October 2013, the design and build of the National Cyber Crime Unit, launched on 6 October 2013 Key programme streams: 1. Stocktake, consultation, gap analysis 2. Design document and delivery plan 3. Staffing, technology, infrastructure & funding requirements agreed 4. Delivery: Transition and Transformation, with Shadow NCCU live by April 2013 and Unit launching ahead of 6 October 2013 deadline.
17 4. Principles of building a successful public/private response to cyber crime Despite our successes, we have much more to do. We have learnt many lessons since October 2013 about the ingredients for an effective public/private response to cyber crime in any jurisdiction worldwide: i. Strategy: A holistic response. ii. Technology and data: Delivering at scale. iii. People and Skills: Recruitment, retention & development. iv. Partnerships: Industry & Academia; Intelligence Agencies; Domestic & International Law Enforcement.
18 Strategy: A holistic response. Protect the UK public from cyber attacks Stop cyber criminals in the UK Disrupt serious organised cyber criminals worldwide Increase the cost of criminality and reduce access to services UNCLASSIFIED
19 OFFICIAL Tackling Cyber crime - Our Toolkit PURSUE: Criminal investigations and disruption activity targeting the top tier cyber threats and supporting the response to the medium/lower level threats. PREVENT: Stopping individuals becoming involved in cyber crime at home and overseas Awareness, Intervention, undermining confidence online or real-world. PROTECT: Helping businesses/the public to avoid becoming victims Primary PROTECT to improve security practices; Secondary PROTECT to mitigate compromises at scale; Tertiary PROTECT to design out weaknesses in new systems or products. PREPARE: Responding effectively to major cyber attacks and mitigating their impact; building capability to deliver a 4P response at home and overseas. OFFICIAL
20 The Strategic Response Protect the UK public from cyber attacks Stop cyber criminals in the UK Disrupt serious organised cyber criminals worldwide Increase the cost of criminality and reduce access to services
21 The Strategic Response Protect the UK public from cyber attacks Stop cyber criminals in the UK Disrupt serious organised cyber criminals worldwide Increase the cost of criminality and reduce access to services
22 OFFICIAL Technology and Data OFFICIAL
23 Technology and Data - Ingest and analysis of bulk data to build the intelligence picture & build networks. - Mitigation of threats and vulnerabilities at pace and scale. - Developing in-house technical solutions: keeping pace with the criminals, e.g. dark net, e.g. mobile forensics. - Create an in-house Technical Development team to innovate solutions and drive change.
24 People & Skills: Recruitment, retention & development 1. A diverse workforce is your biggest strength: - Traditional Investigators - Technical expertise, e.g. programmers, engineers - Partnerships specialists - Financial investigators - Data Analysts - Behavioural experts 2. Be innovative in attracting officers, and invest in their development: - Career pathways for cyber officers - Qualifications and Masters courses - Secondments and exchanges 3. Accept staff turnover will increase, but make a virtue of it: - Industry network, symbiotic - Specials 4. Invest in a dedicated resource to manage your cyber expertise.
25 Partnerships: Industry & Academia; Intelligence Agencies; Domestic & International Law Enforcement.
26 NCA/Private sector integration
27 Industry partnerships Information and intelligence sharing to pursue criminals Reporting through Action Fraud Live-time sharing through CISP (CERT-UK) Sharing sensitive intelligence with the NCA via Section 7 Crime and Courts Act 2013 Integrated operational response Involving industry in operational prioritisation, planning and delivery Capability development Developing new tools and techniques in partnership, not in isolation.
28 International law enforcement Cyber crime is inherently international we need to work together to understand the threat, prioritise the response, deconflict and deliver joint operations. International mechanisms for cooperation are critical to our success Europol s EC3 and JCAT delivers joint operations INTERPOL s IGCI builds capacity worldwide NCFTA & IC4 in the US coordinate operations and international relationships We must support each other to build capacity and build emerging cyber crime capabilities worldwide
29 5. Operational Case Studies
30 Case Study 1: Trend Micro
31 Case Study 2: Microsoft and Symantec - RAMNIT Botnet
32 Case Study 3: Dridex International action involving FBI, Europol, Shadowserver amongst others Developed by criminals in Eastern Europe to harvest online banking details. A number of global financial institutions with varying payment systems have been targeted; total global losses currently stand over 100 million & UK losses at 20 million (much higher amounts safeguarded). Last year, the operation developed and deployed a sophisticated technical solution to disrupt Dridex, significantly reduced harm caused by the botnet. In parallel, judicial activity apprehended a key nominal. Existing infections contained. Meanwhile, NCA have worked with press and industry to signpost internet users to specific websites, where industrydesigned clean-up tools & security advice are available. Successful, but the criminals are resilient! This is an on-going operation involving partners from both law enforcement and industry at a global level. Now targeting other vulnerable aspects of the business model.
33
34 6. Conclusion We believe This level of threat is unacceptable & NOT inevitable. Protective security is vital but, alone, is insufficient we must disrupt the criminals: reducing the rewards, & raising the risk. Law enforcement and industry must do more to work together, to deliver a joined-up, synchronised response. We must share more intelligence on the most significant cyber attacks and the most serious cyber criminals. We must use these relationships and technology/data analysis to scale up the response, to deliver 4P outcomes at scale and at pace with an ever-evolving threat.
35 Oliver Gower Head of Strategy and Partnerships NCA s National Cyber Crime Unit. oliver.gower@nca.x.gsi.gov.uk +44 (0)
Need for a stronger law enforcement and business partnership to fight cyber crime
NCA Strategic Cyber Industry Group Cyber Crime Assessment 2016 Need for a stronger law enforcement and business partnership to fight cyber crime 7 July 2016 Version 1.2 Overview This assessment has been
More informationTackling Cyber Crime in the UK. Andy Archibald Deputy Director National Cyber Crime Unit
Tackling Cyber Crime in the UK Andy Archibald Deputy Director National Cyber Crime Unit Cybercrime Facts Cost of Cybercrime Reports of cyber crime to Action Fraud increase d by 30% 229 median number of
More informationNational Cyber Crime Unit
National Cyber Crime Unit Kevin Williams Partnership Engagement & National Cyber Capabilities Programme Kevin.Williams@nca.x.gsi.gov.uk Official Problem or opportunity Office for National Statistics In
More informationHow do we Police Cyber Crime?
How do we Police Cyber Crime? Thursday 4 th June 2015 Craig Jones, SEROCU Presentation Content UK policing cyber crime programme Cyber threat landscape and impact Cyber business resilience Future Challenges
More information------------------------------------------------------------------------------------------------------------------------
WRITTEN MINISTERIAL STATEMENT CABINET OFFICE 3 RD DECEMBER 2012 Minister for the Cabinet Office and Paymaster General: Progress on the UK Cyber Security Strategy: Protecting and Promoting the UK in a Digital
More informationCyber Crime ACC Crime
AGENDA ITEM 10 STRATEGIC POLICING AND CRIME BOARD 3 rd December 2013 Cyber Crime ACC Crime PURPOSE OF REPORT 1. The purpose of this report is to provide members of the Strategic Police and Crime Board
More informationBusiness Plan 2012/13
Business Plan 2012/13 Contents Introduction 3 About the NFA..4 Priorities for 2012/13 4 Resources.6 Reporting Arrangements.6 Objective 1 7 To raise the profile and awareness of fraud among individuals,
More informationENISA s Study on the Evolving Threat Landscape. European Network and Information Security Agency
ENISA s Study on the Evolving Threat Landscape European Network and Information Security Agency Agenda Introduction to ENISA Preliminary remarks The ENISA report Major findings Conclusions 2 ENISA The
More informationService and anonymisation.
THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2014 9 EXECUTIVE SUMMARY The Internet Organised Crime Threat Assessment (iocta) informs decision makers at strategic, policy and tactical levels about
More informationCyber Security. CYBER SECURITY presents a major challenge for businesses of all shapes and sizes. Leaders ignore it at their peril.
Cyber Security Personal and commercial information is the new commodity of choice for the virtual thief, argues Adrian Leppard, Commissioner for City of London Police, as he sets out the challenges facing
More informationPol 24/15 Appendix 2. National Policing Fraud Protect Strategy
National Policing Fraud Protect Strategy Draft prepared by the National Police Coordinator for Economic Crime V2.1 February 2015 1 PROTECTING THE COMMUNITY FROM FRAUD Introduction: This is the draft National
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationCouncil of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones. Tbilisi 28-29, September 2009
Council of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones Tbilisi 28-29, September 2009 Presentation Contents An assessment of the Georgian view of cybercrime and current
More informationKeynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation.
Keynote Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation 6 & 7 Nov 2013 So many of us now don t just work online but live part
More informationCorporate Security in 2016.
Corporate Security in 2016. A QA Report Study Highlights According to ThreatMetrix, businesses in the UK are at greater risk of cybercrime than any other country in the world. In a recent survey carried
More information1. This report outlines the Force s current position in relation to the Policing of Cyber Crime.
Agenda Item No. 5 COMMUNITY OUTCOMES MEETING SUBJECT: CYBER CRIME 4 August 2015 Report of the Chief Constable PURPOSE OF THE REPORT 1. This report outlines the Force s current position in relation to the
More informationCEOP Relationship Management Strategy
Making every child child matter matter... everywhere... everywhere CEOP Relationship Management Strategy Breaking down the barriers to understanding child sexual exploitation Child Exploitation and Online
More informationIMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE
IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE Solution Brief SUMMARY New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle
More informationSENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE. Question No. 100
SENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE Question No. 100 Senator McKenzie asked the following question at the hearing on 24 May 2012: a) How do you define
More informationNew challenges in Data privacy.
New challenges in Data privacy. Zdravko Stoychev, CISM CRISC Information Security Officer Alpha Bank Bulgaria branch South East European Regional Forum on Cybersecurity and Cybercrime, 2013 11-13 Nov 2013
More informationNEW ZEALAND S CYBER SECURITY STRATEGY
Appendix 1 NEW ZEALAND S CYBER SECURITY STRATEGY June 2011 New Zealand Government 7 June 2011 ISBN: 978-0-478-38200-6 www.med.govt.nz/cyberstrategy MED11 Foreword from the Minister The Internet and digital
More informationTHE STRATEGIC POLICING REQUIREMENT. July 2012
THE STRATEGIC POLICING REQUIREMENT July 2012 Contents Foreward by the Home Secretary...3 1. Introduction...5 2. National Threats...8 3. Capacity and contribution...9 4. Capability...11 5. Consistency...12
More informationCyber Security Strategy
NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use
More informationThe UK Cyber Security Strategy. Report on progress December 2012. Forward Plans
The UK Cyber Security Strategy Report on progress December 2012 Forward Plans We are at the end of the first year of meeting the objectives outlined in the National Cyber Security Strategy. A great deal
More informationCyber Security & Cyber Criminality: ~ The Facts ~ - Sgt Phil Cobley
Cyber Security & Cyber Criminality: ~ The Facts ~ - Sgt Phil Cobley Firstly, an apology + + = What shall we discuss What is Cyber Crime? What are the current threats? What is the capability of local and
More informationMOPAC C:? Programme for 2014/15 for the re-building of the MPS cyber capability to deliver a transformational
Title: Funding Application 2014/15 Cyber Crime Unit JEQUE5T FOR DMPC DECISION - DMPCD 2014 41 DMPCDv3 June 2012 1 F / Signature Date The aboyçjçest has my approval. Authority. Any such interests are recorded
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationNOT PROTECTIVELY MARKED Agenda Item: 8
NOT PROTECTIVELY MARKED Agenda Item: 8 TO: FROM: Business Co-ordination Board Chief Constable DATE: 22 May 2013 THE NATIONAL POLICING REQUIREMENT 1. Purpose of Paper This paper provides an overview of
More informationA Cyber Security Integrator s perspective and approach
A Cyber Security Integrator s perspective and approach Presentation to Saudi Arabian Monetary Agency March 2014 What is a Cyber Integrator? Security system requirements - Finance Building a specific response
More informationNational Plan to Address Cybercrime
National Plan to Address Cybercrime 2015 Improving our ability to prevent, investigate and respond to cybercrime Contents INTRODUCTION 3 Purpose of the Plan 3 What is cybercrime? 4 The nature of the cybercrime
More informationSecurity Risk Management Strategy in a Mobile and Consumerised World
Security Risk Management Strategy in a Mobile and Consumerised World RYAN RUBIN (Msc, CISSP, CISM, QSA, CHFI) PROTIVITI Session ID: GRC-308 Session Classification: Intermediate AGENDA Current State Key
More informationMiddle Class Economics: Cybersecurity Updated August 7, 2015
Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest
More informationCyber Security Trends 2016. Market trends from leading security analysts and consultants at TÜV Rheinland, OpenSky, and OpenSky UK
Cyber Security Trends 2016 Market trends from leading security analysts and consultants at TÜV Rheinland, OpenSky, and OpenSky UK December, 2015 Cyber security Trends 2016 What do new technologies and
More informationPlaying Our Part in Responding to National Threats
Agenda Item 7 Report of: The Secretary of the Police and Crime Panel Date: 1 February 2016 1. Purpose of Report Playing Our Part in Responding to National Threats 1.1 This report provides Members with
More informationCrime and Policing newsletter: March 2013
Page 1 of 5 Home Office Part of: Crime and Policing newsletter: March 2013 Crime and Policing newsletter: March 2013 Published 2 April 2013 The March edition of the newsletter. HMIC review On 12 March
More information2 Gabi Siboni, 1 Senior Research Fellow and Director,
Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,
More informationEmergency Response Service. 2013 IBM Corporation
Emergency Response Service Who is our team The Cyber Security Intelligence and Response team is staffed with: Highly skilled forensic analysts and consultants dedicated to incident response. Resident malware
More informationSTATEMENT OF JOSEPH DEMAREST ASSISTANT DIRECTOR CYBER DIVISION FEDERAL BUREAU OF INVESTIGATION BEFORE THE
STATEMENT OF JOSEPH DEMAREST ASSISTANT DIRECTOR CYBER DIVISION FEDERAL BUREAU OF INVESTIGATION BEFORE THE HOMELAND SECURITY COMMITTEE SUBCOMMITTEE ON COUNTERTERRORISM AND INTELLIGENCE AND SUBCOMITTEE ON
More informationA NEW APPROACH TO CYBER SECURITY
A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively
More informationBT Assure Threat Intelligence
BT Assure Threat Intelligence Providing you with the intelligence to help keep your organisation safe BT Assure. Security that matters At all times, organisations are vulnerable to all kinds of cyber attacks
More informationFinancial Services and Technology Forum 10 July 2013. TOPIC: Cyber Security
Financial Services and Technology Forum 10 July 2013 Panellists: TOPIC: Cyber Security MEP Christian Engström (Greens, Sweden) Emmanuel Cabau, DG CONNECT, European Commission Cathrin Bauer-Bulst, DG HOME,
More informationThe Strategic Policing Requirement. March 2015
The Strategic Policing Requirement March 2015 Contents Foreword by the Home Secretary 3 1. Introduction 4 2. National threats 7 3. Policing response: 5Cs 9-14 4. Capacity and contribution 9 5. Capability
More informationThe Strategic Policing Requirement
The Strategic Policing Requirement An inspection of how police forces in England and Wales deal with threats of a large-scale cyber incident (including criminal attack) HMIC 2014 ISBN: 978-1-78246-402-0
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationSTATEMENT OF JOSEPH M. DEMAREST, JR. ASSISTANT DIRECTOR CYBER DIVISION FEDERAL BUREAU OF INVESTIGATION
STATEMENT OF JOSEPH M. DEMAREST, JR. ASSISTANT DIRECTOR CYBER DIVISION FEDERAL BUREAU OF INVESTIGATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM COMMITTEE ON JUDICIARY UNITED STATES SENATE ENTITLED:
More informationThe Cancer Running Through IT Cybercrime and Information Security
WHITE PAPER The Cancer Running Through IT Prepared by: Richard Brown, Senior Service Management Consultant Steve Ingall, Head of Consultancy 60 Lombard Street London EC3V 9EA T: +44 (0)207 464 8883 E:
More informationwww.pwc.nl/cybersecurity Cyber security Building confidence in your digital future
www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence
More informationAdvanced Threat Protection with Dell SecureWorks Security Services
Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5
More informationMicrosoft Security Response Center (MSRC) Microsoft Malware Protection Center (MMPC)
Security@Microsoft Trustworthy Computing (TwC) Programs supporting security outreach and engagement Microsoft Active Protections Program (MAPP), Government Security Program (GSP) (was SCP) Microsoft Security
More informationCYBER SECURITY TRAINING SAFE AND SECURE
CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012. Co-Chair s Summary Report
ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012 Co-Chair s Summary Report 1. Pursuant to the 18 th ASEAN Regional Forum (ARF) Ministerial meeting in Bali,
More informationKeynote: FBI Wednesday, February 4 noon 1:10 p.m.
Keynote: FBI Wednesday, February 4 noon 1:10 p.m. Speaker: Leo Taddeo Special Agent in Change, Cyber/Special Operations Division Federal Bureau of Investigation Biography: Leo Taddeo Leo Taddeo is the
More informationClose the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle
Close the security gap with a unified approach Detect, block and remediate risks faster with end-to-end visibility of the security cycle Events are not correlated. Tools are not integrated. Teams are not
More informationAddressing Cyber Risk Building robust cyber governance
Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber
More informationCybercrime: Improving international cooperation
The Hague, 12/06/2015 Cybercrime: Improving international cooperation GCCS2015 Parallel session 4 Document Reference [765004] Version [2] Discussion paper Europol Public Information 1 Introduction In preparation
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationWHITE PAPER. Managed Security. Five Reasons to Adopt a Managed Security Service
WHITE PAPER Managed Security Five Reasons to Adopt a Managed Security Service Introduction Cyber security presents many organizations with a painful dilemma. On the one hand, they re increasingly vulnerable
More informationHow To Create An Insight Analysis For Cyber Security
IBM i2 Enterprise Insight Analysis for Cyber Analysis Protect your organization with cyber intelligence Highlights Quickly identify threats, threat actors and hidden connections with multidimensional analytics
More informationCyber security the facts
Cyber security the facts By Dr Carolyn Patteson, Executive Manager, CERT Australia The cyber threat is real and ever present and every business is at risk. Australia s security and intelligence agencies
More informationDevelopments in cybercrime and cybersecurity
Developments in cybercrime and cybersecurity Developments in cybercrime and cybersecurity As customers and clients increasingly go online to do their banking with convenience, privacy and security their
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More informationCyber Security. John Leek Chief Strategist
Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationCYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS
CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS PREPARING FOR ADVANCED CYBER THREATS Cyber attacks are evolving faster than organizations
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationCyber Security Evolved
Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are
More informationPCL2\13991300\1 CYBER RISKS: RISK MANAGEMENT STRATEGIES
PCL2\13991300\1 CYBER RISKS: RISK MANAGEMENT STRATEGIES Cyber Attacks: How prepared are you? With barely a day passing without a reported breach of corporate information security, the threat to financial
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationA global infrastructure to safeguard your business_
Global Security Services A global infrastructure to safeguard your business_ Global Solutions More than just peace of mind: increase confidence and reduce risk across your entire organisation_ How do you
More informationEvolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance
Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats
More informationCyber Security. A professional qualification awarded in association with University of Manchester Business School
ICA Advanced Certificate in Cyber Security A professional qualification awarded in association with University of Manchester Business School An Introduction to the ICA Advanced Certificate In Cyber Security
More informationWho s Doing the Hacking?
Who s Doing the Hacking? 1 HACKTIVISTS Although the term hacktivist refers to cyber attacks conducted in the name of political activism, this segment of the cyber threat spectrum covers everything from
More informationInternet Safety and Security: Strategies for Building an Internet Safety Wall
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
More informationFBI: Taking down Botnets - Testimony
FBI: Taking down Botnets - Testimony Joseph Demarest Assistant Director, Cyber Division Federal Bureau of Investigation Statement Before the Senate Judiciary Committee, Subcommittee on Crime and Terrorism
More informationCYBER SECURITY Audit, Test & Compliance
www.thalescyberassurance.com CYBER SECURITY Audit, Test & Compliance 02 The Threat 03 About Thales 03 Our Approach 04 Cyber Consulting 05 Vulnerability Assessment 06 Penetration Testing 07 Holistic Audit
More informationCyber Security for audit committees
AUDIT COMMITTEE INSTITUTE Cyber Security for audit committees An introduction kpmg.com/globalaci 2 Audit Committee Institute An introduction to cyber security for audit committees Audit committees have
More informationREPORT. Next steps in cyber security
REPORT March 2015 Contents Executive summary...3 The Deloitte and Efma questionnaire...5 Level of awareness...5 Level of significance...8 Level of implementation...11 Gap identification and concerns...15
More informationNATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA
NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies
More informationYOUR TRUSTED PARTNER IN A DIGITAL AGE. A guide to Hiscox Cyber and Data Insurance
YOUR TRUSTED PARTNER IN A DIGITAL AGE A guide to Hiscox Cyber and Data Insurance 2 THE CYBER AND DATA RISK TO YOUR BUSINESS This digital guide will help you find out more about the potential cyber and
More informationCyber intelligence exchange in business environment : a battle for trust and data
Cyber intelligence exchange in business environment : a battle for trust and data Experiences of a cyber threat information exchange research project and the need for public private collaboration Building
More informationEuropol Cybercrime Centre. The perspective of Europol on Cybercrime. Courmayeur Mont Blanc, Italy, 2-4 December 2011
Europol Cybercrime Centre The perspective of Europol on Cybercrime Courmayeur Mont Blanc, Italy, 2-4 December 2011 The Threat The threat from cybercrime is multi-dimensional, targeting citizens, businesses,
More informationPublic-Private Partnerships against cybercrime. Jean-Christophe Le Toquin Director Internet Safety Microsoft EMEA
Public-Private Partnerships against cybercrime Jean-Christophe Le Toquin Director Internet Safety Microsoft EMEA The need for Public Private Partnerships to fight cybercrime Evidence needed by police to
More informationRoyal Canadian Mounted Police Cybercrime Strategy
Royal Canadian Mounted Police Cybercrime Strategy 2015 HER MAJESTY THE QUEEN IN RIGHT OF CANADA as represented by the Royal Canadian Mounted Police. Cat. no.: PS64-128/2015E-PDF ISBN: 978-0-660-03030-2
More informationAND RESPONSE. Continuity Insights Conference Chicago June 18-19, 2013. Unclassified
CYBER THREATS AND RESPONSE Continuity Insights Conference Chicago June 18-19, 2013 Unclassified OBJECTIVES Why it is important Threats, players, and response FBI s Next Generation Cyber Government and
More informationCatch Me If You Can. How to Prevent More of the Same Attacks to the Retail Sector. Abstract. Common Attack Characteristics RETAIL WHITE PAPER
RETAIL WHITE PAPER Catch Me If You Can How to Prevent More of the Same Attacks to the Retail Sector Abstract The retail sector has been hit by a series of cyber-attacks in the past few years, and even
More informationCybersecurity in SMEs: Evaluating the Risks and Possible Solutions. BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI
Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI UNICRI s Main Goals The United Nations Interregional Crime and
More informationThe European Response to the rising Cyber Threat
SPEECH/12/315 Cecilia Malmström European Commissioner responsible for Home Affairs The European Response to the rising Cyber Threat Transatlantic Cyber Conference organised by the Center for Strategic
More informationPreparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS
Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE
More informationCyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats
Cyber4sight TM Threat Intelligence Services Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats Preparing for Advanced Cyber Threats Cyber attacks are evolving faster than organizations
More informationBOTNETS. Douwe Leguit, Manager Knowledge Center GOVCERT.NL
BOTNETS Douwe Leguit, Manager Knowledge Center GOVCERT.NL Agenda Bots: what is it What is its habitat How does it spread What are its habits Dutch cases Ongoing developments Visibility of malware vs malicious
More informationEffective Methods to Detect Current Security Threats
terreactive AG. Swiss Cyber Storm 2015. Effective Methods to Detect Current Security Threats Taking your IT security to the next level, you have to consider a paradigm shift. In the past companies mostly
More informationTLP WHITE. Denial of service attacks: what you need to know
Denial of service attacks: what you need to know Contents Introduction... 2 What is DOS and how does it work?... 2 DDOS... 4 Why are they used?... 5 Take action... 6 Firewalls, antivirus and updates...
More informationCybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015
Cybersecurity Kill Chain William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015 Who Am I? Over 20 years experience with 17 years in the financial industry
More informationCYBER SECURITY THREATS AND RESPONSES
CYBER SECURITY THREATS AND RESPONSES AT GLOBAL, NATION-STATE, INDUSTRY AND INDIVIDUAL LEVELS Heli Tiirmaa-Klaar* Although cyber security has accompanied the ICT sector since the first computer systems
More informationTop 5 Global Bank Selects Resolution1 for Cyber Incident Response.
MAJOR FINANCIAL SERVICES LEADER Top 5 Global Bank Selects Resolution1 for Cyber Incident Response. Automation and remote endpoint remediation reduce incident response (IR) times from 10 days to 5 hours.
More informationTHE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS
THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.
More informationScotland s National Action Plan to tackle Child Sexual Exploitation
Scotland s National Action Plan to tackle Child Sexual Exploitation Ministerial Foreword Aileen Campbell The safety and wellbeing of all children and young people is a key priority for the Scottish Government.
More informationGUERNSEY CYBER SECURITY REVIEW
GUERNSEY CYBER SECURITY REVIEW EXECUTIVE SUMMARY FOREWORD I am delighted that the States of Guernsey has completed a detailed cyber-security review which looks at government, businesses and individuals.
More information