the anatomy of cyber threat intelligence cti
play

THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI) Noureen Njoroge - PowerPoint PPT Presentation

Jan 29, 2023 •7 likes •197 views

THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI) Noureen Njoroge OVERVIEW Define Cyber Threat Intelligence (CTI) Define Cyber Intelligence (CI) Understand the importance of CTI to an organization Components of Threat Sources of

  1. THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI) Noureen Njoroge

  2. OVERVIEW • Define Cyber Threat Intelligence (CTI) • Define Cyber Intelligence (CI) • Understand the importance of CTI to an organization • Components of Threat • Sources of Cyber Threat Intelligence (CTI) • Categories of Cyber Threat Intelligence (CTI) • Benefits of Cyber Threat Intelligence (CTI) • Importance of real-time Cyber Threat Intelligence (CTI) Noureen Njoroge

  3. DEFINITION Cyber Threat Intelligence (CTI) Is the analysis of information related to adversaries who have the intent, opportunity and capability to do harm. Noureen Njoroge

  4. DEFINITION Cyber Intelligence (CI) Is the ability to gain knowledge about an enterprise and it’s existing conditions and capabilities. Noureen Njoroge

  5. COMPONENTS OF A SUCCESSFUL THREAT INTELLIGENCE STRATEGY Three Important components 1. Good Data Sources 2. Good Policies, Procedures and chain of command. 3. Good Threat Intelligence Analysts Noureen Njoroge

  6. CTI ON A CYBERSECURITY CHART

  7. Noureen Njoroge

  8. CTI IS INTELLIGENCE FOCUS Know the three components of threats: 1. Intent 2. Capability 3. Opportunity Noureen Njoroge

  9. CYBER THREAT INTELLIGENCE (CTI) SOURCES Past Incidents • Commercial Feeds • Govt & Non- Profit sharing programs • Threat Intel Reports • Noureen Njoroge

  10. CATEGORIES OF CYBER THREAT INTELLIGENCE Know the three categories of threats: 1. Tactical 2. Operational 3. Strategic Noureen Njoroge

  11. CATEGORIES OF CYBER THREAT INTELLIGENCE

  12. THE FIVE W ’ S & HOW Know threat and answer the 5 w ’s and How. WHEN WHERE WHY WHO WHAT HOW Noureen Njoroge

  13. CASE FOR CYBER THREAT INTELLIGENCE (CTI) Before Attack During an Attack After Attack Noureen Njoroge

  14. KEY BENEFITS OF CTI TO AN ORGANIZATION • It provides organizations a fighting chance to defeat ever-changing threats. • Provides a holistic view of the threat landscape and provide a posture to protect the organization from the multitude of threats they face ever day. Noureen Njoroge

  15. INTEGRITY OF CTI REPORTS “All organizations that share threat information to customers or the public through any channel should employ guidelines that help them ensure accuracy in their reporting. Even if all the facts aren’t clear, organizations can still communicate what they know—and avoid guessing. Being right is better than being first”. https://www.cisco.com/c/dam/m/hu_hu/campaigns/security-hub/pdf/acr-2018.pdf Noureen Njoroge

  16. BENEFITS OF REAL-TIME -- DYNAMIC CTI Provide visibility of threat landscape • Freshness of data • Collaboration • Threat context • Noureen Njoroge

  17. KEY TAKEAWAYS Detection • Context • Advance Persistent Threat (APT) • Community Defense • Noureen Njoroge

  18. FREE CTI RESOURCES https://www.mitre.org/capabilities/cybersecurity/cyber-threat-intelligence https://www.misp-project.org/feeds/ https://cymon.io https://www.us-cert.gov/ncas/alerts https://talosintelligence.com Noureen Njoroge

  19. CONTACT Noureen Njoroge cybersecmentorship@gmail.com or nnjoroge@cisco.com Linkedin @ Noureen Njoroge Thank you for your time Noureen Njoroge

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Agenda What is Cyber Threat Intelligence (CTI) Sandbox Malware analysis Debugger

Agenda What is Cyber Threat Intelligence (CTI) Sandbox Malware analysis Debugger

PUBLIC Agenda What is Cyber Threat Intelligence (CTI) Sandbox Malware analysis Debugger Malware analysis Static RE with IDA pro Arme suisse EPFL 2019 2 Base daide au commandement BAC Applied Cyber Threat Intelligence

765 views • 63 slides
European Framework for Threat Intelligence Based Ethical Redteaming (TIBER- EU) & Cyber

European Framework for Threat Intelligence Based Ethical Redteaming (TIBER- EU) & Cyber

European Framework for Threat Intelligence Based Ethical Redteaming (TIBER- EU) & Cyber Resilience Oversight Expectations (CROE) AMI-Pay 17 April 2018 Cyber Resilience Oversight Expectations (CROE) Rubric CROE why? Sets up a

415 views • 9 slides
The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
Threat Intelligence Jeremy Batterman Global Leader Threat Intelligence GREM, EnCE, GCFA, MBA 3

Threat Intelligence Jeremy Batterman Global Leader Threat Intelligence GREM, EnCE, GCFA, MBA 3

Threat Intelligence Jeremy Batterman Global Leader Threat Intelligence GREM, EnCE, GCFA, MBA 3 October 2018 What is Intelligence Convincing evidence Probable cause, beyond a reasonable doubt, or preponderance of

646 views • 25 slides
The New Security Frontier: Threat Hunting, Augmented Intelligence, and Automated Response

The New Security Frontier: Threat Hunting, Augmented Intelligence, and Automated Response

The New Security Frontier: Threat Hunting, Augmented Intelligence, and Automated Response Michael Melore, CISSP IBM Cyber Security Advisor @MichaelMelore June 2018 May 2018 May 2018 Threat Hunting Workflow Cognitive Advanced Analytics

443 views • 15 slides
Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime

Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime

Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime Unit RCCU-Tarian@south-wales.pnn.police.uk The criminal landscape is changing OFFICIAL Why worry about Cybercrime? Reduce Threat

330 views • 30 slides
Trustworthy Host Platforms For Accelerated Research And Education: Strategic Cyber Threat

Trustworthy Host Platforms For Accelerated Research And Education: Strategic Cyber Threat

Trustworthy Host Platforms For Accelerated Research And Education: Strategic Cyber Threat Reduction Through International Research Cooperation John C. Mallery Computer Science & Artificial Intelligence Laboratory

599 views • 16 slides
Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade Cyber Threat Mitigation

Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade Cyber Threat Mitigation

Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade Cyber Threat Mitigation Service for Businesses and Governments Cyber Security & Privacy Foundation Pte. Ltd., Singapore Cyber Security & Privacy Foundation (CSPF)

369 views • 21 slides
From 0 to Hero Actionable Threat Intelligence Raffaele Di Taranto Vito Lucatorto Our Journey

From 0 to Hero Actionable Threat Intelligence Raffaele Di Taranto Vito Lucatorto Our Journey

From 0 to Hero Actionable Threat Intelligence Raffaele Di Taranto Vito Lucatorto Our Journey in CTI : Problems & Solutions in Critical Infrastructure Vito Lucatorto Cyber Security Engineer @ FS Holding Experience in Banking

873 views • 42 slides
Data-Driven Threat Intelligence: Metrics on Indicator Dissemination and Sharing (#ddti)

Data-Driven Threat Intelligence: Metrics on Indicator Dissemination and Sharing (#ddti)

Data-Driven Threat Intelligence: Metrics on Indicator Dissemination and Sharing (#ddti) AlexandreSieira Alex Pinto CTO Chief Data Scientist Niddel MLSec Project @AlexandreSieira @alexcpsec @NiddelCorp @MLSecProject Agenda Cyber

585 views • 57 slides
MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat

MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat

MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat Intelligence, Faster Detection & Automated Response Adaptive Security Strategy for SOC Ramy AlDamati Principle CyberSecurity Solution

680 views • 31 slides
THE EVOLVING CYBER THREAT LANDSCAPE : Ensuring the Integrity and Value of Information Sean

THE EVOLVING CYBER THREAT LANDSCAPE : Ensuring the Integrity and Value of Information Sean

THE EVOLVING CYBER THREAT LANDSCAPE : Ensuring the Integrity and Value of Information Sean Kanuck Director of Cyber, Space and Future Conflict The International Institute for Strategic Studies NATO Parliamentary Assembly Warsaw, Poland 27

694 views • 10 slides
Cyber Catastrophe in the Movies: Realistic Threat or Hollywood Hokum? MODERATOR: PANELISTS:

Cyber Catastrophe in the Movies: Realistic Threat or Hollywood Hokum? MODERATOR: PANELISTS:

Cyber Catastrophe in the Movies: Realistic Threat or Hollywood Hokum? MODERATOR: PANELISTS: Larry Clinton Scott Borg US Cyber Consequences Unit Internet Security Alliance Paul Davis NJVC Tim McKnight Northrop Grumman Danny McPherson

661 views • 32 slides
CONFRONTING THE CYBER THREAT David J. Hickton SAC-PA Workshop Founding Director Pittsburgh,

CONFRONTING THE CYBER THREAT David J. Hickton SAC-PA Workshop Founding Director Pittsburgh,

CONFRONTING THE CYBER THREAT David J. Hickton SAC-PA Workshop Founding Director Pittsburgh, Pennsylvania University of Pittsburgh Institute for Cyber June 22, 2017 Law, Policy, and Security Chinese Economic Espionage First time the United

716 views • 13 slides
Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The Homeland Security Systems Engineering and Development Institute (HSSEDI) is a trademark of the U.S. Department of Homeland Security (DHS). The HSSEDI

149 views • 13 slides
Overview Introduction Legal framework Dynamics of the threat Nature of cyber

Overview Introduction Legal framework Dynamics of the threat Nature of cyber

BISC : Cyber Security What can the VSSE contribute? 1 BISC - 19/11/12 Overview Introduction Legal framework Dynamics of the threat Nature of cyber attacks Targeting Paradigm shifts Whos targeting what? Tools

340 views • 5 slides
CTI New Coordinator Institute July 10, 2014 Rockdale Career Academy Dr. John D. Barge, State

CTI New Coordinator Institute July 10, 2014 Rockdale Career Academy Dr. John D. Barge, State

CTI New Coordinator Institute July 10, 2014 Rockdale Career Academy Dr. John D. Barge, State School Superintendent Making Education Work for All Georgians www.gadoe.org Dropout Rate Post Transition School Plans Outcomes

435 views • 31 slides
CTI & CAREER TECH What do I do? I have special education students in my class, The Georgia

CTI & CAREER TECH What do I do? I have special education students in my class, The Georgia

CTI & CAREER TECH What do I do? I have special education students in my class, The Georgia Career and Technical Instruction (CTI) support service is designed to support students with disabilities enrolled in Career, Technical and

481 views • 23 slides
Carmen de Andacollo April 2012 Forward Looking Information Both these slides and the

Carmen de Andacollo April 2012 Forward Looking Information Both these slides and the

Carmen de Andacollo April 2012 Forward Looking Information Both these slides and the accompanying oral presentation contain certain forward-looking statements within the meaning of the United States Private Securities Litigation Reform Act of

694 views • 35 slides
PRESIDENTIAL CAMPAIGNS & IMMUTABLE INFRASTRUCTURE Or, how we learned to stop worrying and

PRESIDENTIAL CAMPAIGNS & IMMUTABLE INFRASTRUCTURE Or, how we learned to stop worrying and

PRESIDENTIAL CAMPAIGNS & IMMUTABLE INFRASTRUCTURE Or, how we learned to stop worrying and love the cloud Michael E Fisher JUNE 28, 2017 F r a n k e n b u m p hello BUT FIRST, HOW DID WE GET HERE? MONTH DD, YYYY 6 feel:

660 views • 44 slides
The UNCAT and India: Perspectives on Ratification Webinar 24 June 2020 Organised by

The UNCAT and India: Perspectives on Ratification Webinar 24 June 2020 Organised by

The UNCAT and India: Perspectives on Ratification Webinar 24 June 2020 Organised by Commonwealth Human Rights Initiative and the Organisation Mondiale Contre la Torture Presentation by Dr. Alice Edwards, Head of the CTI Secretariat Check

394 views • 3 slides
support the development of quality of HEIs: the case of CTI Anne-Marie JOLLY, Teresa SANCHEZ

support the development of quality of HEIs: the case of CTI Anne-Marie JOLLY, Teresa SANCHEZ

Developing quality processes in accreditation agencies to support the development of quality of HEIs: the case of CTI Anne-Marie JOLLY, Teresa SANCHEZ Commission des Titres d Ingnieur ENAEE Conference 2013 KU Leuven, 16 th -17 th September

743 views • 20 slides
Final Outcomes APEC Conference ICT Energy Efficiency - Presentation Purpose: Information

Final Outcomes APEC Conference ICT Energy Efficiency - Presentation Purpose: Information

___________________________________________________________________________ 2011/SOM3/SCSC/050a Agenda Item: 6 Final Outcomes APEC Conference ICT Energy Efficiency - Presentation Purpose: Information Submitted by: United States Second

47 views • 3 slides
Bulk Transmission Cost Allocation ~~~~~~~~ History & Policy 1 CWSAA 12CP

Bulk Transmission Cost Allocation ~~~~~~~~ History & Policy 1 CWSAA 12CP

Bulk Transmission Cost Allocation ~~~~~~~~ History & Policy 1 CWSAA 12CP 2018-04-09 Why bulk transmission ? Because generation energy sources are distant from the load they serve HYDRO COAL & CONVERSION COGEN WIND &

279 views • 8 slides

More recommend