Countering the Cyber Threat
Countering the cyber threat
Ollie Whitehouse, Technical Director, NCC Group
Before we begin… What is NCC Group?
• £110 million revenue FTSE company
• Cyber Security Assurance Practice
• 180 UK technical assurance consultants
o applied research
o technical security assessments
o cyber forensics incident response
o 50 UK risk/audit consultants
o 90 US technical assurance consultants
• Escrow & Software Assurance = sister business units
Before we begin…
Offence v Defense
Offence: demonstrating exposure
Defense: defense in depth
Defense
Defense: Training
• Executive
• Risk & Security Teams
• Technical Teams
• General Staff Population
Defense: Governance
• Accountability
• Visibility
• Validation
All within the organisation's Cyber & Information security framework
Defense: Risk Management
• Business
• Technology
• Compliance
Defense: Compliance
• Ethical
• Regulatory
• Legal
• Other…
Defense: Counter Measures & Controls
Defense: Monitoring & Incident Response
• It will happen
• Have processes & procedures in place
• Have ability to detect and investigate
• Have the skill sets and capability
• Perform fire drilling
Offence
Offense: Penetration Testing
• Reconnaissance
• Mapping
• Identify vulnerabilities (VA)
• Exploit (Penetrate)
• Trust relationships (Lateral)
Offense: Social Engineering
• Appear legitimate
• Goals
o Gain something
o Instruct or convince
• Examples:
o Credentials
o Building entry
Offence: Phishing Simulation
• Example of social engineering
o Click this link
o Click this link & supply credentials
o Open this attachment
o Supply this information
• Can be used to
o Gain information
o Exploit computer systems
Offence: Open Source Intelligence Profiling
• Company or people
• Direct information
• Information to facilitate other attacks
• Documents, technologies, hobbies, conferences, attendees
Offence: Red Teaming
• Blended attacks
• Physical, Social & Cyber
• Emulates motivated external threat actor
• Does not emulate motivated internal employee
Offence: APT Simulation
• Blended attacks
• Social and Cyber
• Emulates organised crime & nation state threat actors
• Inbound attacks & staff training
• Lateral movement & exfiltration
• Persistence
• Assess defences, detection & response
There is always more…
Standards
• Cyber Essentials
• Cyber Essentials+
• ISO:27001
• Etc…
More…
• Supply chain security
• Security Development Life-Cycle
• Home infection leading to corporate compromise
Summary
• Cyber security is a complex problem
• It’s a business, human & technology problem
• Visibility & understanding at the executive level has historically been weak
• It should always be proportional
Final thought
Europe
Manchester - Head Office
Cheltenham
Edinburgh
Leatherhead
London
Milton Keynes
Amsterdam
Copenhagen
Munich
Zurich
North America
Atlanta
Austin
Chicago
Mountain View
New York
San Francisco
Seattle
Australia
Sydney
Thanks
Any Questions?
Ollie [email protected]