Cyber Crimes: The next five years.
12
CYBER CRIMES THE NEXT FIVE YEARS INTRODUCTION: GREGORY MCCARDLE IT SECURITY
-
Upload
gregory-mccardle -
Category
Technology
-
view
66 -
download
0
Transcript of Cyber Crimes: The next five years.
CYBER CRIMESTHE NEXT FIVE YEARS
INTRODUCTION:GREGORY MCCARDLEIT SECURITY
EXPERT ANALYSIS PREDICTIONS WITHIN 5 YEARS• The world’s cyber attacks vectors will grow at alarming
magnitude between 2016 to 2021
• Projects $1 Trillion will be spent globally on Cybersecurity.
• Cyber crimes predicted to cost the world $6 Trillion.
EMERGING TRENDS
Ransomware:• Encryption methodology exploits through vulnerabilities.• Gameover Zeus (GOZ) CryptoLocker
Advance Persistent Threats:• The challenging of firewalls and anti-malware being pass by targeting
employees through social engineering and Phishing technique.• Theft of data and proprietary information.
EMERGING TRENDS
Exploit Tools for hackers are easily ready and available to include online training. Example: Kali Linux
• Information Gathering-56• Wireless Attacks-33• Sniffing and Spoofing-32• Hardware Hacking tool-6• Forensic-23
KALI LINUX (AKA) BACKTRACKFriend and Foe
Kali Linux has a total of 13 tools listing with a total of 329 sub-tools embedded.
• Hackers can use Kali to measure and test the strength of your strength, gather information, exploit open vulnerable ports, etc.
• IT Security Professionals can take advantage of tools like Kali. Examples:• Use Kali Nmap to identify the risk to our open ports.• Use Kali reverse engineering tool to identify the source of an attacks.
MAIN MOTIVATION
HOW DO IT SECURITY PROFESSIONALS BECOME MORE RESILIENT?Ensuring It Security is is the essential forefront to all projects, processes, and lifecycle in our environment.
• Inventory Maintenance• Implementation of security controls• Testing Security Controls• Identify Risk levels (High, Moderate, Low)• Risk Mitigation• Continuous Monitoring• Plan of Action and Milestone (POAM)
A POWERFUL CRIME FIGHTING WEAPON
Training is an important factor:• Policy and Procedures (Top Down Approach).• Management Buy-In.• Acceptable User Policy (AUP).
SOLUTIONS
• Backup Data• Patch Cycle Tuesday, other scheduled patching as needed.• Understanding Anti-Virus Software, Update definitions.
SOLUTIONS
Password Protection• Password policy• Password frequency• Passphrase vs. Passwords
SOLUTIONS
Network Monitoring• SEIM Tools• Intrusion Detection and Prevention Systems• Demilitarized Zone (DMZ)
THANK YOU FOR YOUR TIME
