threat landscape 2015
play

Threat Landscape 2015 2015 - PowerPoint PPT Presentation

Mar 30, 2024 •393 likes •549 views

Threat Landscape 2015 2015 Louis Marinos| NIS Expert 1 April 2015 European Union Agency For Network And Information Security Subject of the talk The motto of 5 th Infocom

  1. Threat Landscape 2015 “Το τοπίο των κυβερνοκινδύνων για το 2015″ Louis Marinos| NIS Expert 1 April 2015 European Union Agency For Network And Information Security

  2. Subject of the talk The motto of 5 th Infocom Security: Mind the Risk. Be proactive! Define protection needs Adapt your defences 2

  3. Risks, assets, threats, defences… Risk oriented Threat oriented Preventive - Patterns - Big data - Threat - Threat Agents - Triage - Weakness - Attack vectors - Actions - Impact - Kill chains - Controls - Acceptance levels - Trends - Controls Asset oriented Threat Operational Risk/Business Intelligence Intelligence Intelligence

  4. Cyber-Threats/Risks: Basic assumption TA2 TA3 Asset TA1 ETL Scope TA Threat Agent T Threat TA4 Vulnerability Measure Birth of Risks to assets: their exposure to threats

  5. ETL Scope: What are the parts? Threats TA2 TA3 Threat Agents Asset TA1 Attack methods (vectors) TA4 Assets (Mostly technical) Vulnerabilities Controls … and interconnections thereof Our internal Cyber Threat Intelligence! CAUTION: TI IS NOT REPLACEMENT OF RISK MANAGEMENT

  6. Threat Information vs. Intel.

  7. Information types of Threat Intel. • Strategic (S): the highest level information about threats . – Created by humans, consumed by humans – Lifespan months • Tactical (T): at this level, stakeholders obtain aggregated information about threats and their elements. – Created and consumed by humans and machines – Lifespan weeks, months • Operational (O): technical information about threats, incidents, etc. – Created by machines, consumed by machines/humans – Lifespan days, weeks

  8. Why do we need to know? The Pyramid of Pain Types of information Interface ISMS Strategic Tough TTPs Tools Challenging Tactical Network/ Annoying Host Artefacts Interface SIEM Domain Names Simple IP Addresses Operational Easy Hash Values Trivial http://detect-respond.blogspot.gr/2013/03/the-pyramid-of-pain.html

  9. From Threat Info to Intel… ENISA Threat Landscape Threat Find reliable sources Information Collection Isolate and relate similar Threat information Information Collation ENISA Thematic TL Evaluate findings and decide Threat Analysis what to take on board Find out practices, issues, Set Threat Context vulnerabilities, risks, etc. Information Dissemination

  10. How does ENISA do it? Flash Note Fast path..

  11. Top Threats and Trends

  12. Impressive facts: clear text Web is the most popular platform for malware distribution : “ Malicious URL is by far the first malicious object detected (72,9%) ” Ref : (Kaspersky IT Threat Evolution Q2 2014, findings overview: http://securelist.com/analysis/quarterly-malware-reports/65340/it-threat-evolution-q2-2014/) Mail is another important channel for malware distribution : “ Of the e-mail traffic, 13.7% contained malicious URL ” Ref: Symantec Intelligence Report May 2014, http://www.symantec.com/connect/blogs/symantec-intelligence-report- may-2014 Attacks become more effective and targeted : “ Mobile banking Trojans have increased by almost factor four over the year. Since July 2012 14,5 Times ” Ref: (Kaspersky IT Threat Evolution Q2 2014, findings overview: http://securelist.com/analysis/quarterly-malware-reports/65340/it-threat-evolution-q2-2014/) 2014 the year of data breach? “ 57% of the significant data loss over the past decade resulted from what could be termed sloppiness ” Ref : http://capgemini.ft.com/web-review/sloppiness-to-blame-for-more-data-losses-than-hacking- study-claims_a-41-648.html, relevant report http://cmds.ceu.hu/sites/cmcs.ceu.hu/files/attachment/article/663/databreachesineurope.pdf Efficiency of existing controls needs to be increased : “ 54% of malware goes undetected by Antivirus products ” Ref: NTT Global Threat Intelligence Report 2014 (http://www.nttcomsecurity.com/en/services/managed-security- services/threatintelligence/) Sophistication of malware and attacks increases: “ In 2013, 30% of malware samples used custom encryption to steal data. ”, Ref: WebSence Threat Report 2014, http://www.websense.com/content/websense-2014-threat-report.aspx

  13. Take aways … • Understand the scope of your assessments • Identify threat exposure and understand what you can afford • Build TI tool usage models according to points above • Increase agility of assessments and ISMS • Think that current state of TI is still initial BUT has a great potential

  14. Concluding… • Knowledge can be obtained by aggregating and correlating information (needs brain power) • Skill is an amount of knowledge on a certain subject matter (capability building) • A lot of skill is needed in the area of cyber threat intelligence (skill management) • Try to find the right mix (make or buy decisions) • Look for upcoming automation/tool developments • The area has great potential

  15. Thank you for your attention…. louis.marinos@enisa.europa.eu

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What Does This Advanced Threat Landscape Look Like? Advanced Threat Landscape

What Does This Advanced Threat Landscape Look Like? Advanced Threat Landscape

DDoS & Modern Threat Motives Dan Holden Director, ASERT What Does This Advanced Threat Landscape Look Like? Advanced Threat Landscape Geo-poli:cal More defenses ? App/Content t a

1.13k views • 44 slides
FinTech: The Threat Landscape and Promising Initiatives Information Security Conference for the

FinTech: The Threat Landscape and Promising Initiatives Information Security Conference for the

FinTech: The Threat Landscape and Promising Initiatives Information Security Conference for the Financial Sector Doha, Qatar 5 November 2017 The FinTech landscape In the first nine months of 2016, global investment in FinTech reached 21

637 views • 17 slides
Security Everywhere Extended Jatinder Shetra Consulting Security Engineer Dynamic Threat

Security Everywhere Extended Jatinder Shetra Consulting Security Engineer Dynamic Threat

Security Everywhere Extended Jatinder Shetra Consulting Security Engineer Dynamic Threat Landscape Customers Biggest Security Challenges Changing Dynamic Complexity Business Models Threat Landscape and Fragmentation A

550 views • 13 slides
Identifying Changes in the Cybersecurity Threat Landscape using the LDA-Web Topic Modelling Data

Identifying Changes in the Cybersecurity Threat Landscape using the LDA-Web Topic Modelling Data

Identifying Changes in the Cybersecurity Threat Landscape using the LDA-Web Topic Modelling Data Search Engine Thursday 13 th July 2017 Multidisciplinary approaches to Cloud Crime HCII 2017, Vancouver Canada Noura Al Moubayed, David Wall, and

544 views • 9 slides
THE EVOLVING CYBER THREAT LANDSCAPE : Ensuring the Integrity and Value of Information Sean

THE EVOLVING CYBER THREAT LANDSCAPE : Ensuring the Integrity and Value of Information Sean

THE EVOLVING CYBER THREAT LANDSCAPE : Ensuring the Integrity and Value of Information Sean Kanuck Director of Cyber, Space and Future Conflict The International Institute for Strategic Studies NATO Parliamentary Assembly Warsaw, Poland 27

694 views • 10 slides
Cybersecurity: Governance and Best Practices in a Shifting Threat Landscape Presenter: Aravind

Cybersecurity: Governance and Best Practices in a Shifting Threat Landscape Presenter: Aravind

Cybersecurity: Governance and Best Practices in a Shifting Threat Landscape Presenter: Aravind Swaminathan Board of Administration Educational Day J ANUARY 2020 Global Cybersecurity Risk Last year also provided further evidence that cyber

231 views • 7 slides
GROW GREEN LANDSCAPE PROFESSIONAL TRAINING Austin tin's Wild ldfir fire T Threat

GROW GREEN LANDSCAPE PROFESSIONAL TRAINING Austin tin's Wild ldfir fire T Threat

GROW GREEN LANDSCAPE PROFESSIONAL TRAINING Austin tin's Wild ldfir fire T Threat Understanding the Threat Home Ignition Zone The Home Ignition Zone is a homes characteristics and immediate surroundings Assessment Approach 1. Overview of

563 views • 25 slides
Domain System Threat Landscape Pablo Rodriguez Nic.pr Janelle McAlister - MarkMonitor

Domain System Threat Landscape Pablo Rodriguez Nic.pr Janelle McAlister - MarkMonitor

Domain System Threat Landscape Pablo Rodriguez Nic.pr Janelle McAlister - MarkMonitor Agenda n History n Nic.PR Case Study q Registrar Perspective q Registry Perspective n Future solutions History n Over the past few years

643 views • 26 slides
Malwares in Cyber Space Threat landscape, Emerging trends, Solutions and Challenges Atul

Malwares in Cyber Space Threat landscape, Emerging trends, Solutions and Challenges Atul

Malwares in Cyber Space Threat landscape, Emerging trends, Solutions and Challenges Atul Kabra, Solutions Architect CyberSpace The good, the bad and the ugly Internet is an unsafe neighborhood right in your office space

257 views • 12 slides
Assessment What is Threat Assessment Threat assessment is the process of gathering

Assessment What is Threat Assessment Threat assessment is the process of gathering

Threat Assessment What is Threat Assessment Threat assessment is the process of gathering information to understand the threat of violence posed by a person. Threat management is the process of developing and executing plans to mitigate

332 views • 15 slides
Assessing the Biological Threat: A Delphi Study Crystal Boddie, MPH December 16, 2015 BWC MSP,

Assessing the Biological Threat: A Delphi Study Crystal Boddie, MPH December 16, 2015 BWC MSP,

Assessing the Biological Threat: A Delphi Study Crystal Boddie, MPH December 16, 2015 BWC MSP, Geneva Assessing the Bioweapons Threat In assessing the threat posed by biological weapons use we often rely on expert opinion There are few

441 views • 10 slides
Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape

Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape

Prentice Wealth Management Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape Verizon VBIR 2015 Report Cyber Breach Trending Outsider v Insider Threat Personal Identity Protection

819 views • 12 slides
Phases of Disaster Despair Threat Threat Phase: Small events serve as a warning or threat to

Phases of Disaster Despair Threat Threat Phase: Small events serve as a warning or threat to

Honeymoon Threat Restoration Rescue Phases of Disaster Despair Threat Threat Phase: Small events serve as a warning or threat to normal living. A disaster has not yet oc- curred, but there is a sense of impending doom. Individual

604 views • 6 slides
Signature Synthesizer Jonas Zaddach Mariano Graziano @jzaddach @emd3l INTRODUCTION Mariano

Signature Synthesizer Jonas Zaddach Mariano Graziano @jzaddach @emd3l INTRODUCTION Mariano

BASS Automated Signature Synthesizer Jonas Zaddach Mariano Graziano @jzaddach @emd3l INTRODUCTION Mariano Graziano Jonas Zaddach Security Researchers in > > LETS TALK ABOUT THE THREAT LANDSCAPE THREAT LANDSCAPE 1.5 MILLION

689 views • 30 slides
Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime

Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime

Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime Unit RCCU-Tarian@south-wales.pnn.police.uk The criminal landscape is changing OFFICIAL Why worry about Cybercrime? Reduce Threat

330 views • 30 slides
HoneySAP Who really wants your money? M ARTIN G ALLO M ARCH 2015 P A G E AGENDA SAP SAP

HoneySAP Who really wants your money? M ARTIN G ALLO M ARCH 2015 P A G E AGENDA SAP SAP

HoneySAP Who really wants your money? M ARTIN G ALLO M ARCH 2015 P A G E AGENDA SAP SAP security Threat landscape Have Needs Honeypots HoneySAP Approach Goal Design Architecture Services Integration Example profiles Demo

748 views • 45 slides
IMPROVED PROFITABILITY IN CHALLENGING MARKET ENVIRONMENT Q2/2020 Samu Konttinen, President

IMPROVED PROFITABILITY IN CHALLENGING MARKET ENVIRONMENT Q2/2020 Samu Konttinen, President

IMPROVED PROFITABILITY IN CHALLENGING MARKET ENVIRONMENT Q2/2020 Samu Konttinen, President & CEO 1 KEY TAKEAWAYS FROM Q2-2020 Improved profitability in challenging market environment F-Secure working remotely and successfully keeping

349 views • 16 slides
TOWARDS PREDICTING CYBER ATTACKS USING INFORMATION EXCHANGE AND DATA MINING Tuesday 26 th June,

TOWARDS PREDICTING CYBER ATTACKS USING INFORMATION EXCHANGE AND DATA MINING Tuesday 26 th June,

TOWARDS PREDICTING CYBER ATTACKS USING INFORMATION EXCHANGE AND DATA MINING Tuesday 26 th June, 2018 Martin Husk Jaroslav Kapar Introduction Information Exchange From collaborative intrusion detection to sharing expertise Numerous alert

372 views • 12 slides
2D & 3D Scanner 2D & 3D Scanner 3D & 2D scanner HD The scanner C800 was specially

2D & 3D Scanner 2D & 3D Scanner 3D & 2D scanner HD The scanner C800 was specially

2D & 3D Scanner 2D & 3D Scanner 3D & 2D scanner HD The scanner C800 was specially developed to suit the wallpaper and dcor industry. The high precision table is equipped with linear motors which results in fast and precise scans.

102 views • 7 slides
Voting Systems in Texas Dorothy Kennedy Elections Administrator Lubbock County West Texas

Voting Systems in Texas Dorothy Kennedy Elections Administrator Lubbock County West Texas

Voting Systems in Texas Dorothy Kennedy Elections Administrator Lubbock County West Texas County Judge and County Commissioners Conference 25 April 2019 25 April 2019 1 Agenda Methods of Voting Accessibility Requirements

980 views • 29 slides
SCI Prague Report Wolf-Ulrich Knoben, SCI Chair 23 June 2012 Agenda items Deferral of

SCI Prague Report Wolf-Ulrich Knoben, SCI Chair 23 June 2012 Agenda items Deferral of

SCI Prague Report Wolf-Ulrich Knoben, SCI Chair 23 June 2012 Agenda items Deferral of motions Proxy Voting Procedure Consent agenda Update of GNSO Council Voting Results Table Voting Thresholds for Delaying a PDP

223 views • 10 slides
INVESTMENT STRATEGIES FOR AN EVER CHANGING MARKETPLACE. The SCI Group, LLC. 211 Francis St E

INVESTMENT STRATEGIES FOR AN EVER CHANGING MARKETPLACE. The SCI Group, LLC. 211 Francis St E

INVESTMENT STRATEGIES FOR AN EVER CHANGING MARKETPLACE. The SCI Group, LLC. 211 Francis St E Suite B Jacksonville, AL 36265 www.scig.us The information provided in this presentation pertaining to The SCI Group, LLC. ( SCIG" or

402 views • 10 slides
getting active after SCI Traditional Email Interaction: Traditional Email Interaction:

getting active after SCI Traditional Email Interaction: Traditional Email Interaction:

A comprehensive platform for getting active after SCI Traditional Email Interaction: Traditional Email Interaction: Traditional Email Interaction: Traditional Email Interaction (contd): Traditional Email Interaction (contd): Traditional

260 views • 11 slides
DHLs Supply Chain Integrator Vasu Rajagopalan DHL Business Units using OTM DP DHL DHL

DHLs Supply Chain Integrator Vasu Rajagopalan DHL Business Units using OTM DP DHL DHL

DHLs Supply Chain Integrator Vasu Rajagopalan DHL Business Units using OTM DP DHL DHL Mail Tracking in county mails, customer specific DHL Express Visibility and Event Management Alerting Data queues were developed for

2.04k views • 9 slides

More recommend