Darkest Just Before The Dawn The State of CyberSecurity

Joshua C. Sorenson

JR Henderson

The subject matter of this presentation is provided for educational purposes only and relates to security events, technologies, and philosophies. This landscape is constantly changing; however, the content is presented in good faith and is currently accurate to the best knowledge of the presenters.

The views and opinions expressed in this presentation are those of the presenters and do not necessarily reflect those of Delta Air Lines.

Disclaimer .

Speaker Bio

Today’s CyberThreats

CyberThreat Landscape

The Dawn

Questions

Agenda .

Joshua C. Sorenson, CISA, CISM

Security Advisor, Delta Air Lines

CyberThreat

Security Strategy

KineticThreat

Previously Coca-Cola, John Deere, & Kimberly-Clark

IT Audit, DBA, Developer, & Finance

BBA Finance & Management Information Systems, 2004 & 2005

JoshuaCSorenson@Gmail.Com

JR Henderson Manager – CyberThreat Unit (CTU), Delta

Air Lines

PenTesting

CyberThreat Intelligence

Forensics & Investigations

SOC & SIEM

Incident Response

25 Years at Delta Air Lines

11 Years in CyberSecurity

20 Years in Martial Arts

RUCreative@Live.Com

Speaker Bio .

Today’s CyberThreats Global Threat Actor Profiles

Ideological - Anonymous

- LulzSec

- ISIS

- Team Poison

Financial - FIN4

- Lizard Squad

- Organized Crime

GeoPolitical - China

- Iran

- North Korea

- Russia

Today’s CyberThreats Global Threat Actor Tactics

Ideological - DDoS

- DOXing

- Defacement

Financial - DDoS

- Data Theft

- Ransomware

GeoPolitical - DDoS

- APT

- Kinetic Hacking

Today’s CyberThreats Case Studies

Ideological - Sony

Financial - CryptoLocker

GeoPolitical - StuxNet

CyberThreat Landscape Industry Threat Trends

Estimated financial impact of an enterprise

data breach Days to detect a breach % of breaches

discovered by outside entities

229 Days (2013)

205 Days (2014)

69% (2014)

67% (2013)

63% (2012)

$798,000 (2014)

$700,000 (2013)

14%ꜛ

Source Verizon Data Breach Investigations Report 2014 & 2015 & Mandiant M-Trents Report 2015

CyberThreat Landscape 2015 Year In Review

January

• New York Post

• XBox Live

• WingStop

• American Airlines

February

• Anthem

• XBox Live

• ISIS

March

• Primerica Blue Cross

• Air France

• White House

• British Airways

Source HackMageddon.Com

CyberThreat Landscape 2015 Year In Review

April

• Israel

• Lufthansa

• Vatican

• Ryan Air

May

• Baltimore Police

• Starbucks

• CareFirst BlueCross

• IRS

June

• OPM

• Kaspersky

• LastPass

• LOT Polish Airlines

Source HackMageddon.Com

The Dawn A Philosophical Shift

The Dawn A Philosophical Shift

The Dawn A Philosophical Shift

Prevention

Detection

Recovery & Response

The Dawn Technologies

Questions?