Bot-Trek Cyber Intelligence (CI)
|
|
- Elizabeth Barrett
- 8 years ago
- Views:
Transcription
1 (CI) a platform which allows customers the ability to monitor, analyze and predict potential threats to information security relevant to the company, its partners and customers
2 Examples of Incidents Home Depot's 56 Million Card Breach Bigger Than Target's Chinese Hackers Target srael s Iron Dome Massive Sony breach sheds light on murky hacker universe Home Depot Inc. said 56 million cards may have been compromised in a five-month attack on its payment terminals, making the breach much bigger than the holiday attack at Target Corp. Three Israeli defense contractors responsible for building the Iron Dome missile shield currently protecting Israel from a barrage of rocket attacks were compromised by hackers and robbed of huge quantities of sensitive documents pertaining to the shield technology. Last week Sony admitted to having suffered a major cybersecurity breach; hackers not only erased data from its systems, but also stole, and released to the public, pre-release movies, people s private information, and sensitive documents. Data Breach at Health Insurer Anthem Could Impact Millions, Banks: Card Thieves Hit White Lodging Again, FBI: Businesses Lost $215M to Scams, Home Depot: 56M Cards Impacted, Malware Contained, Medical Records For Sale in Underground Stolen From Texas Life Insurance Firm, Sony Breach May Have Exposed Employee Healthcare, Salary Data, Malware Based Credit Card Breach at Kmart, Dairy Queen Confirms Breach at 395 Stores, Huge Data Leak at Largest U.S. Bond Insurer, Hackers Plundered Israeli Defense Firms that Built Iron Dome Missile Defense System, ebay Urges Password Changes After Breach, Target: Names, s, Phone Numbers on Up To 70 Million Customers Stolen 2
3 Targeted Attacks in 2014 Anunak Hacking of more than 50 Russian banks, 5 payment systems, and 16 retail companies. Access to isolated banking systems, ATMs, , and payment gateways. Regin Hacking of telecom operators, state-owned companies, research institutions, and political organizations. Access to confidential information, tracking of GSM networks. Energetic Bear Hacking of energy, pharmaceutical, construction and educational institutions. Careto Hacking of government, diplomatic, energy, oil, investment companies and research institutes. 3
4 Data on Damage (HP, PWC, Group-IB) Reacting to the incident after it has already occurred is very expensive in terms of both the management of consequences and the eradication of attacker from the internal infrastructure $ 40 mln is earned by one criminal group by stealing in Internet banking information Damage amount, 2013 Damage amount, 2014 Large organizations Income: over $ 1 bln $ 3.9 mln $ 5.9 mln * Group-IB data Medium-sized organizations Income: over $ 100 mln to $ 1 bln $ 1 mln $ 1.3 mln Small organizations Income: less than $ 100 mln $ 0.65 mln $ 0.41 mln $ 1.5 mln is direct damage caused by the targeted attack < $ 1.2 mln is сamount of direct steals we prevent per year Incidents cause great damage to large organizations The average amount of financial losses due to information security incidents, * PWC data Average damage due to cyber attacks per $ 12.7 mln In Russia, $ 3.3 mln *HP, Ponemon data 4
5 Incident Development Time Seconds Minutes Hours Days Weeks Months Years From attack to discredit 10% 75% 12% 2% 0% 1% 1% Hacking takes minutes From discredit to leakage 10% 38% 14% 25% 8% 8% 0% From leakage to detection 0% 0% 2% 13% 29% 54% 2% Detection and elimination take weeks and months From detection to localization and elimination 0% 1% % 17% 4% Time scale of events in % of the total number of hackings * Source: 2012 Verizon Data Breach Investigations 5
6 Why do Incidents Happen? Means of protection do not provide information on attackers, used tools and attack tactics Accidentally intercepted password can be the beginning of the targeted attack It is not possible to distinguish among thousands of events those that are really important The event importance can not be adequately estimated without the knowledge of the hacking target No indicators to identify interesting incidents 6
7 Be Proactive Forecast possible attacks Identify attacks in preparation Preparation 1. Exploration Collection of s, confidential information, etc. 2. Arming Collection exploits and backdoors Hours-months Study attack tactics based on other incidents Be prepared to resist threats in advance Hacking 5. Installation of malicious programs in victim s devices 4. Exploitation of vulnerabilities by using malicious programs in victim s devices 3. Delivery of arms to the victim via , Web, USB, etc. Seconds Suppress attack at the very beginning Data leakage 6. Management Sending commands for remote control of victim s device 7. Impact on the facilities, access to needed data Months 7
8 What is Needed for Proactive Protection? Cyber Intelligence makes it possible to prevent the incident at the preparation stage and to become proactive Be constantly involved in the analysis of various incidents Track data leakage outside the protection perimeter Identify hacked accounts in botnets and phishing pages Be provided with the infrastructure for data processing and receive information on new threats Track attack on partners and customers Study data on new threats Analyze connections between events 8
9 Bot-Trek Сyber Intelligence a platform enabling the customer to monitor, analyze and predict potential threats to information security that are relevant to the company, its partners and customers SaaS-solution: no installation required Integration with antifraud systems and IDS/IPS/SIEM Stix/Taxii support 9
10 CI Operation Initial data Intelligence Bank cards Analysis and trends Compatible with Stix/Taxii Botnets Investigations Sandboxes Correlation Analysis and check Risk notifications Cracked passwords, databases, etc. API for Enterprise security Deep Web Hacktivism analysis SPAM traps CERT Intelligence exchange Additional data c ollection DDoS, Deface, Phishing, Malvertising feeds Dashboard Malware Suspect IP Social networks Forensic Relation to regions and business areas Дропы/Mules 10
11 The Data We Provide Strategic data: Analysis of the actions of criminal groups Assessment of attacks in various countries/ business segments Forecasting new threats Information on the most relevant threats Tactical/operational data: Information on threats and analysis Information on current attacks Information on criminal groups/their tools/tactics Technical indicators: IP and URL addresses Names of malicious attachments Themes of letters with targeted attacks Hacked legitimate web-sites spreading malware CChanges in the operating system Abnormal signs Information on logins/passwords of the company, its partners and customers 11
12 Who Can Use the Data As the Security/Risk Manager You can: As the Marketing Director You can: Prevent accidents and fraud Correctly assess risks to the company Develop tactical and strategic security plans Track trends, global and local threats Assess the effectiveness of military protection processes Improve the effectiveness of the marketing tools you use Always be aware of the threats your company could be exposed to and have the tools for rapid counteraction. If necessary, add new channels to interact with potential customers of your company Respond effectively to current challenges As the Director of Human Resources (HR) You can: Track unlawful activity of your employees Adjust the policy of the Company depending on the identified threats As the Chief Executive Office (CEO) You can: Always be aware of the most dangerous threats your company could be exposed to Assess the effectiveness of protected investments Be aware of potential financial losses 12
13 How to Manage the Large Amounts of Data? API for integration with your SIEM, IPS, and Firewall Individual notifications of targeted attacks on you for you, your partners, and clients Tactic information can be filtered for countries and business areas We support the STIX format upon submission of threat data 24x7 support 13
14 Data Sources and Information Storage Security Confidential data is available only to those companies which they belong to We process data in 11 languages Data on different countries are stored on servers in those countries: storage devices are currently deployed in the USA, Germany, Russia, the Netherlands, and Great Britain 14
15 Analytics and Trends Data flow Content Possibilities Analysis of hacking companies Company Damage evaluation Analytics and trends Quarterly digests Statistical data Invest expediently Adjust the risk map Identify your enemy Forecasting of threats Prioritize threats 15
16 Discredited Data Data flow Content Possibilities Logins/passwords Company IMEI / IMSI Discredited data Card data Files: SMS, screen images, logs Ensure against corporate leakage Ensure against fraud of customers Stop targeted attacks Drops (Mules) Get confirmation of hacking Identify the hacking source 16
17 Threats Data flow Content Possibilities Hacking tools Company Tactics Threats Data leakage Hiring of insiders Correlate with your incidents Forecast the risks Identify an insider Warn the personnel and directorate Adapt the response plan 17
18 Daily Attacks Data flow Content Possibilities DDoS Company Deface Attacks Phishing Malvertising Trace the bursts Forecast Identify the infections Estimate the risks 18
19 Hacktivists and Cyberterrorists Data flow Content Possibilities Operations Company Groups Hacktivists Interrelations Experience Trace the leakages Study the attack tactics Estimate the risks Tools Eliminate the attack consequences Forecast 19
20 Targeted attacks Data flow Content Possibilities Tactics Company Tools Targeted attacks Indicators Identify the attack Adjust the protection tools Estimate the risks Protect the partners 20
21 Suspect IP Addresses Data flow Content Possibilities TOR nodes Company Open proxy IP addresses Private SOCKS proxy Compromised servers Identify the attacks Integrate with antifraud systems 21
22 Quick Start 1. Convenient WEB-interface for data search and analysis 2. Simple and quick connection process 3. API for integration with existing protection systems 22
23 Russia is the Source of the Most Interesting Threats Bank trojans Zeus SpyEye Carberp Tinba Dyre/Dyreza DDoS trojans Black Energy Optima Darkness Dirt Jumper Drive Revolution Rovnix Gozi/ISFB Targeted attacks Red October Energetic bear Anunak Exploit Kits BlackHole Angler Rig Nuclear Neutrino Styx 23
24 Group-IB in Russia CERT-GIB is the first day-and-night accredited center for monitoring and detecting cyber threats Group-IB has the largest computer forensics lab in Eastern Europe Customers with daily existing incidents Competent in operation with domains such as RU, RF, SU, ТАТАР, ДЕТИ Infrastructure of analysis of network traffic Virus analysts, criminal experts, response team, own R&D 24
25 Why Group-IB? Group-IB is one of 7 most influential information security companies One of 7 companies included in the Gartner report in Cyber Intelligence section 80% of all huge legal cases in a field of cybercrime involve Group-IB s expertise and research 12 YEARS of experience in a field of computer forensics cyber crime prevention and brand protection Europol signed an agreement with Group-IB to cooperate in combating cybercrime on a global scale Group-IB s experts release detailed report on cyber crime trends every year Rostec has chosen Bot-Trek as one of the main solutions that help create corporate security system 25
26 Participation of Group-IB in Notable Investigations Arrest of the author of Blackhole exploits: 40% of infections in the world occurred with the use of his exploits Arrest of Leonid Kuvaev: According to SPAMHOUSE, he is one of three most dangerous spammers of the world Anunak/Carbanak Attacks: successfully hacked over 50 banks Arrest of the Carberp group: botnet of more than 6 million computers, hundreds of millions of dollars stolen Arrest of the owner of the first bank mobile botnet 26
27 Ask about all possibilities of Manager Alexander Tushkanov Head, International Sales Group-IB ext. 575 (Moscow landline) +44 (0) (UK mobile)
RETHINKING CYBER SECURITY Changing the Business Conversation
RETHINKING CYBER SECURITY Changing the Business Conversation October 2015 Introduction: Diane Smith Michigan Delegate Higher Education Conference Speaker Board Member 2 1 1. Historical Review Agenda 2.
More informationSecurity Intelligence Services. www.kaspersky.com
Kaspersky Security Intelligence Services. Threat Intelligence Services www.kaspersky.com THREAT INTELLIGENCE SERVICES Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats
More informationEMERGING THREATS & STRATEGIES FOR DEFENSE. Stephen Coty Chief Security Evangelist @StephenCoty
EMERGING THREATS & STRATEGIES FOR DEFENSE Stephen Coty Chief Security Evangelist @StephenCoty Industry Analysis 2014 Data Breaches - Ponemon Ponemon 2014 Data Breach Report *Statistics from 2013 Verizon
More informationCloud and Security (Cloud hacked via Cloud) Lukas Grunwald
Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald About DN-Systems Global Consulting and Technology Services Planning Evaluation Auditing Operates own Security Lab Project Management Integral
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationWHITE PAPER Cloud-Based, Automated Breach Detection. The Seculert Platform
WHITE PAPER Cloud-Based, Automated Breach Detection The Seculert Platform Table of Contents Introduction 3 Automatic Traffic Log Analysis 4 Elastic Sandbox 5 Botnet Interception 7 Speed and Precision 9
More informationI ve been breached! Now what?
I ve been breached! Now what? THE AFTERMATH OF A BREACH & STEPS TO REDUCE RISK The number of data breaches in the United States in 2014 hit a record high. And 2015 is not looking any better. There have
More informationVisualizing Threats: Improved Cyber Security Through Network Visualization
Visualizing Threats: Improved Cyber Security Through Network Visualization Intended audience This white paper has been written for anyone interested in enhancing an organizational cyber security regime
More informationChristos Douligeris cdoulig at unipi dot gr. Department of Informatics University of Piraeus
cdoulig at unipi dot gr Department of Informatics University of Piraeus Safety & Security in Cyber Space: Building up Trust in the EU Athens, 6-7 March 2014 Cybersecurity: where do we stand? Major Trends
More informationSecurity strategies to stay off the Børsen front page
Security strategies to stay off the Børsen front page Steve Durkin, Channel Director for Europe, Q1 Labs, an IBM Company 1 2012 IBM Corporation Given the dynamic nature of the challenge, measuring the
More informationWho s Doing the Hacking?
Who s Doing the Hacking? 1 HACKTIVISTS Although the term hacktivist refers to cyber attacks conducted in the name of political activism, this segment of the cyber threat spectrum covers everything from
More informationIT SECURITY RISKS SURVEY 2014: A BUSINESS APPROACH TO MANAGING DATA SECURITY THREATS
IT SECURITY RISKS SURVEY 2014: A BUSINESS APPROACH TO MANAGING DATA SECURITY THREATS Contents Introduction... 2 Key figures... 3 Methodology... 4 Concerns and priorities of IT managers: data comes first...
More informationCollateral Effects of Cyberwar
Your texte here. Collateral Effects of Cyberwar by Ilia Kolochenko for Geneva Information Security Day 9 th of October 2015 Quick Facts and Numbers About Cybersecurity In 2014 the annual cost of global
More information1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.
Employee Security Awareness Survey Trenton Bond trent.bond@gmail.com Admin - Version 1.3 Security Awareness One of the most significant security risks that organizations and corporations face today is
More informationApplying the 80/20 approach for Operational Excellence. How to combat new age threats, optimize investments and increase security.
Applying the 80/20 approach for Operational Excellence How to combat new age threats, optimize investments and increase security Vinod Vasudevan Agenda Current Threat Landscape The 80/20 Approach Achieving
More informationGroup-IB. Stages of Sustainable Solid Development. Acquisition by Leta Group. Creation of CERT-GIB. International Expansion. Group-IB is founded
Group-IB Group-IB is founded Acquisition by Leta Group International Expansion Creation of CERT-GIB Dedicated Certified Professionals 60+ employees 2012 2003 2010 2011 2011 Stages of Sustainable Solid
More informationWho Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015
Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders
More informationThe Impact of Cybercrime on Business
The Impact of Cybercrime on Business Studies of IT practitioners in the United States, United Kingdom, Germany, Hong Kong and Brazil Sponsored by Check Point Software Technologies Independently conducted
More informationInformation Security Addressing Your Advanced Threats
Information Security Addressing Your Advanced Threats Where We are Going Information Security Landscape The Threats You Face How To Protect Yourself This Will Not Be Boring What Is Information Security?
More informationCyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention
Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen 14th Annual Risk Management Convention New York, New York March 13, 2013 Today s Presentation 1)
More informationAttackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only
Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors Microsoft Confidential for internal use only Wall Street Journal, JP Morgan, Lockheed, Bushehr nuclear
More informationWhen less is more (Spear-Phishing and Other Methods to Steal Data) Alexander Raczyński
When less is more (Spear-Phishing and Other Methods to Steal Data) Alexander Raczyński 1 Agenda Spear-Fishing the new CEO Fear How to Fight Spear-Fishing It s All About the Data Evolution of the bad guys
More informationSecurity A to Z the most important terms
Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from
More informationSecurity Challenges and Solutions for Higher Education. May 2011
Security Challenges and Solutions for Higher Education May 2011 Discussion Topics Security Threats and Challenges Education Risks and Trends ACH and Wire Fraud Malware and Phishing Techniques Prevention
More informationHong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination
More informationCombating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center
Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average
More informationMalware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime
How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime sponsored by Introduction
More informationTrends in Malware DRAFT OUTLINE. Wednesday, October 10, 12
Trends in Malware DRAFT OUTLINE Presentation Synopsis Security is often a game of cat and mouse as security professionals and attackers each vie to stay one step ahead of the other. In this race for dominance,
More informationCombating a new generation of cybercriminal with in-depth security monitoring
Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.
More informationPractical Threat Intelligence. with Bromium LAVA
Practical Threat Intelligence with Bromium LAVA Practical Threat Intelligence Executive Summary Threat intelligence today is costly and time consuming and does not always result in a reduction of successful
More information2012 Bit9 Cyber Security Research Report
2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by
More informationUnknown threats in Sweden. Study publication August 27, 2014
Unknown threats in Sweden Study publication August 27, 2014 Executive summary To many international organisations today, cyber attacks are no longer a matter of if but when. Recent cyber breaches at large
More informationTop tips for improved network security
Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a
More informationDissecting the Recent Cyber Security Breaches. Yu Cai School of Technology Michigan Technological University
Dissecting the Recent Cyber Security Breaches Yu Cai School of Technology Michigan Technological University Disclaimers Most information in this presentation was collected from various sources on the Internet.
More informationThe Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015
The Cost of Phishing Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015 Executive Summary.... 3 The Costs... 4 How To Estimate the Cost of an Attack.... 5 Table
More informationU. S. Attorney Office Northern District of Texas March 2013
U. S. Attorney Office Northern District of Texas March 2013 What Is Cybercrime? Hacking DDOS attacks Domain name hijacking Malware Other computer related offenses, i.e. computer and internet used to facilitate
More informationMarble & MobileIron Mobile App Risk Mitigation
Marble & MobileIron Mobile App Risk Mitigation SOLUTION GUIDE Enterprise users routinely expose their employers data and threaten network security by unknowingly installing malicious mobile apps onto their
More informationWHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.
WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY. A guide for IT security from BIOS The Problem SME s, Enterprises and government agencies are under virtually constant attack today. There
More informationQUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY
QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY EXPLOIT KITS UP 75 PERCENT The Infoblox DNS Threat Index, powered by IID, stood at 122 in the third quarter of 2015, with exploit kits up 75 percent
More informationCYBERSECURITY HOT TOPICS
1 CYBERSECURITY HOT TOPICS Secure Banking Solutions 2 Presenter Chad Knutson VP SBS Institute Senior Information Security Consultant Masters in Information Assurance CISSP, CISA, CRISC www.protectmybank.com
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More informationDefending Against. Phishing Attacks
Defending Against Today s Targeted Phishing Attacks DeFending Against today s targeted phishing attacks 2 Introduction Is this email a phish or is it legitimate? That s the question that employees and
More informationInformation Security Threat Trends
Talk @ Microsoft Security Day Sep 2005 Information Security Threat Trends Mr. S.C. Leung 梁 兆 昌 Senior Consultant 高 級 顧 問 CISSP CISA CBCP M@PISA Email: scleung@hkcert.org 香 港 電 腦 保 安 事 故 協 調 中 心 Introducing
More informationTHREAT VISIBILITY & VULNERABILITY ASSESSMENT
THREAT VISIBILITY & VULNERABILITY ASSESSMENT Date: April 15, 2015 IKANOW Analysts: Casey Pence IKANOW Platform Build: 1.34 11921 Freedom Drive, Reston, VA 20190 IKANOW.com TABLE OF CONTENTS 1 Key Findings
More informationBOTNETS. Douwe Leguit, Manager Knowledge Center GOVCERT.NL
BOTNETS Douwe Leguit, Manager Knowledge Center GOVCERT.NL Agenda Bots: what is it What is its habitat How does it spread What are its habits Dutch cases Ongoing developments Visibility of malware vs malicious
More informationEight Essential Elements for Effective Threat Intelligence Management May 2015
INTRODUCTION The most disruptive change to the IT security industry was ignited February 18, 2013 when a breach response company published the first research that pinned responsibility for Advanced Persistent
More informationCountering Insider Threats Jeremy Ho
Countering Insider Threats Jeremy Ho Strategic Sales Group (ASEAN) 1 CONFIDENTIAL Key Challenges Impacting Organization Today REGULATORY COMPLIANCE Rising Data Volumes Changing Requirements Prioritization
More informationWhite paper. Phishing, Vishing and Smishing: Old Threats Present New Risks
White paper Phishing, Vishing and Smishing: Old Threats Present New Risks How much do you really know about phishing, vishing and smishing? Phishing, vishing, and smishing are not new threats. They have
More informationProtection against DDoS and WEB attacks. Michael Soukonnik Radware Ltd michaels@radware.com
Protection against DDoS and WEB attacks Michael Soukonnik Radware Ltd michaels@radware.com Landscape Ponemon Research 2012: Cyber security threats Cyber security threats according to risk mitigation priority
More informationCompromises in Healthcare Privacy due to Data Breaches
Compromises in Healthcare Privacy due to Data Breaches S. Srinivasan, PhD Distinguished Professor of Information Systems Jesse H. Jones School of Business Texas Southern University, Houston, Texas, USA
More informationSymantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team
Symantec Cyber Threat Analysis Program Symantec Cyber Threat Analysis Program Team White Paper: Symantec Security Intelligence Services Symantec Cyber Threat Analysis Program Contents Overview...............................................................................................
More informationAPPLICATION PROGRAMMING INTERFACE
DATA SHEET Advanced Threat Protection INTRODUCTION Customers can use Seculert s Application Programming Interface (API) to integrate their existing security devices and applications with Seculert. With
More informationProtecting Your Mid-Size Business from Today s Security Threats
Protecting Your Mid-Size Business from Today s Security Threats In this issue: Think You re Too Small to Get Hacked? Think Again Security and Compliance: Similar but not the same How Do You Know When You
More informationUsing big data analytics to identify malicious content: a case study on spam emails
Using big data analytics to identify malicious content: a case study on spam emails Mamoun Alazab & Roderic Broadhurst Mamoun.alazab@anu.edu.au http://cybercrime.anu.edu.au 2 Outline Background Cybercrime
More informationBotnets: The Advanced Malware Threat in Kenya's Cyberspace
Botnets: The Advanced Malware Threat in Kenya's Cyberspace AfricaHackon 28 th February 2014 Who we Are! Paula Musuva-Kigen Research Associate Director, Centre for Informatics Research and Innovation (CIRI)
More informationSecurity and Privacy
Security and Privacy Matthew McCormack, CISSP, CSSLP CTO, Global Public Sector, RSA The Security Division of EMC 1 BILLIONS OF USERS MILLIONS/BILLIONS OF APPS 2010 Cloud Big Data Social Mobile Devices
More informationCybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix
Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to
More informationA Case for Managed Security
A Case for Managed Security By Christopher Harper Managing Director, Security Superior Managed IT & Security Services 1. INTRODUCTION Most firms believe security breaches happen because of one key malfunction
More informationAnatomy of Cyber Threats, Vulnerabilities, and Attacks
Anatomy of Cyber Threats, Vulnerabilities, and Attacks ACTIONABLE THREAT INTELLIGENCE FROM ONTOLOGY-BASED ANALYTICS 1 Anatomy of Cyber Threats, Vulnerabilities, and Attacks Copyright 2015 Recorded Future,
More informationLooking Behind the Attacks - Top 3 Attack Vectors to Understand in 2015
WHITEPAPER Looking Behind the Attacks - Top 3 Attack Vectors to Understand in 2015 Malcolm Orekoya Network & Security Specialist 30 th January 2015 Table of Contents Introduction... 2 Identity Defines
More informationEndpoint & Server Protection. Brent Biernat First Vice President Network Services May 13, 2014
Endpoint & Server Protection Brent Biernat First Vice President Network Services May 13, 2014 The Evolution of Cyber Crime 1878 Bell Telephone Teenage Switchboard Operator Disconnected calls, eavesdropped,
More informationAnti-exploit tools: The next wave of enterprise security
Anti-exploit tools: The next wave of enterprise security Intro From malware and ransomware to increasingly common state-sponsored attacks, organizations across industries are struggling to stay ahead of
More informationWhat s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.
What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current
More information7 Things All CFOs Should Know About Cyber Security
Insero & Company s Accounting & Finance Education Series Presents 7 Things All CFOs Should Know About Cyber Security September 23, 2014 Michael Montagliano Chief Technologist, IV4. Inc. CERTIFIED PUBLIC
More informationTHE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS
THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS David Glockner, Managing Director strozfriedberg.com Overview The big picture: what does cybercrime look like today and how is it evolving? What
More informationPractice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited
Practice Good Enterprise Security Management Presented by Laurence CHAN, MTR Corporation Limited About Me Manager Information Security o o o o Policy formulation and governance Incident response Incident
More informationTMCEC CYBER SECURITY TRAINING
1 TMCEC CYBER SECURITY TRAINING Agenda What is cyber-security? Why is cyber-security important? The essential role you play. Overview cyber security threats. Best practices in dealing with those threats.
More informationCyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies
Cyber Security in Taiwan's Government Institutions: From APT To Investigation Policies Ching-Yu, Hung Investigation Bureau, Ministry of Justice, Taiwan, R.O.C. Abstract In this article, we introduce some
More informationThe Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: ESG data indicates that many enterprise organizations
More informationRSA Security Analytics
RSA Security Analytics This is what SIEM was Meant to Be 1 The Original Intent of SIEM Single compliance & security interface Compliance yes, but security? Analyze & prioritize alerts across various sources
More informationPerspectives on Cyber Security Strategies & Tactics
Perspectives on Cyber Security Strategies & Tactics Joshua Schmookler, Passaic County NJ MIS Department Security Administrator Micah Hassinger, Bergen County NJ Communications Director of Information Technology
More informationManaging Web Security in an Increasingly Challenging Threat Landscape
Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.
More informationOverview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms
Overview Common Internet Threats Tom Chothia Computer Security, Lecture 19 Phishing Sites Trojans, Worms, Viruses, Drive-bydownloads Net Fast Flux Domain Flux Infiltration of a Net Underground economy.
More informationContents. 1 Kaspersky Lab
RUSSIAN FINANCIAL CYBERCRIME: HOW IT WORKS. Ruslan Stoyanov, Head of Computer Incidents Investigation Contents Introduction... 2 Situation overview... 2 The structure of the Russian-language cybercriminal
More informationCYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS
CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS PREPARING FOR ADVANCED CYBER THREATS Cyber attacks are evolving faster than organizations
More informationData Center security trends
Data Center security trends Tomislav Tucibat Major accounts Manager, Adriatic Copyright Fortinet Inc. All rights reserved. IT Security evolution How did threat market change over the recent years? Problem:
More informationITAR Compliance Best Practices Guide
ITAR Compliance Best Practices Guide 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: International Traffic in Arms Regulations
More informationThe Cloud App Visibility Blindspot
The Cloud App Visibility Blindspot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Introduction Today, enterprise assets are more at risk than ever before
More informationSIZE DOESN T MATTER IN CYBERSECURITY
SIZE DOESN T MATTER IN CYBERSECURITY WE SECURE THE FUTURE SIZE DOESN T MATTER IN CYBERSECURITY WE SECURE THE FUTURE TABLE OF CONTENTS SIZE DOESN T MATTER IN CYBERSPACE 03 SUMMARY 05 TOP REASONS WHY SMBS
More informationPrivacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014
Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Nikos Georgopoulos Privacy Liability & Data Breach Management wwww.privacyrisksadvisors.com October 2014
More informationNetwork that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE
Network that Know Rasmus Andersen Lead Security Sales Specialist North & RESE Email Gateway vendor CERT AV vendor Law enforcement Web Security Vendor Network security appliance vendor IT Department App
More informationITU WSIS Thematic Meeting on Countering Spam: The Scope of the problem. Mark Sunner, Chief Technical Officer MessageLabs
ITU WSIS Thematic Meeting on Countering Spam: The Scope of the problem Mark Sunner, Chief Technical Officer MessageLabs 6 th July 2004 MessageLabs MessageLabs protects businesses worldwide against email
More informationWhy a Network-based Security Solution is Better than Using Point Solutions Architectures
Why a Network-based Security Solution is Better than Using Point Solutions Architectures In This Paper Many threats today rely on newly discovered vulnerabilities or exploits CPE-based solutions alone
More informationUnified Security Management and Open Threat Exchange
13/09/2014 Unified Security Management and Open Threat Exchange RICHARD KIRK SENIOR VICE PRESIDENT 11 SEPTEMBER 2014 Agenda! A quick intro to AlienVault Unified Security Management (USM)! Overview of the
More information2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program.
2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program. Entry Name HFA Submission Contact Phone Email Qualified Entries must be received by
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationJUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM
JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM May 2015 Nguyễn Tiến Đức ASEAN Security Specialist Agenda Modern Malware: State of the Industry Dynamic Threat Intelligence on the Firewall
More informationProtect Your Business and Customers from Online Fraud
DATASHEET Protect Your Business and Customers from Online Fraud What s Inside 2 WebSafe 5 F5 Global Services 5 More Information Online services allow your company to have a global presence and to conveniently
More informationWEB ATTACKS AND COUNTERMEASURES
WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
More informationES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISSIONERS
ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISS The Internet Threat Landscape Symantec TM Dean Turner Director Global Intelligence Network Symantec Security
More informationFighting Cyber Crime in the Telecommunications Industry. Sachi Chakrabarty
Fighting Cyber Crime in the Telecommunications Industry Sachi Chakrabarty Agenda Cyber Crime What s all the fuss about CyberCrime? DoS Attacks Telco Solutions Cybercrime? Cybercrime Definition All criminal
More informationKnowing Your Enemy How Your Business is Attacked. Andrew Rogoyski June 2014
Knowing Your Enemy How Your Business is Attacked Andrew Rogoyski June 2014 Why Cyber is the New Security 1986: Lawrence Berkeley NL discovers attempt to copy US Government Information on Arpanet 1988:
More informationDigital Evidence and Threat Intelligence
Digital Evidence and Threat Intelligence 09 November 2015 Mark Clancy CEO www.soltra.com @soltraedge External Threats Growing 117,339 incoming attacks every day The total number of security incidents detected
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationChallenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved
Siemens AG - Corporate Technology - IT Security Challenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved Not a single
More informationCommissioned Study. SURVEY: Web Threats Expose Businesses to Data Loss
Commissioned Study SURVEY: Web Threats Expose Businesses to Data Loss Introduction Web-borne attacks are on the rise as cybercriminals and others who do harm to computer systems for profit or malice prey
More informationINDUSTRY OVERVIEW: RETAIL
ii IBM MSS INDUSTRY OVERVIEW: RETAIL RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: JANUARY 5, 215 BY: DAVID MCMILLEN, SENIOR THREAT RESEARCHER Copyright IBM Corporation 214. All rights reserved. IBM and
More informationWhat s Lurking in Your Network & The Business Impact of Data Breaches. Colby Clark Director of Incident Management FishNet Security
What s Lurking in Your Network & The Business Impact of Data Breaches Colby Clark Director of Incident Management FishNet Security Who am I? Colby Clark is the Director of Incident Management at Fishnet
More informationKEY STEPS FOLLOWING A DATA BREACH
KEY STEPS FOLLOWING A DATA BREACH Introduction This document provides key recommended steps to be taken following the discovery of a data breach. The document does not constitute an exhaustive guideline,
More informationManaging Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec
Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Jeremy Ong Divisional Vice-President Great American Insurance Company November 13, 2010 1 Agenda Overview of data breach statistics
More information