Upload
vunga
View
216
Download
0
Embed Size (px)
Citation preview
The subject matter of this presentation is provided for educational purposes only and relates to security events, technologies, and philosophies. This landscape is constantly changing; however, the content is presented in good faith and is currently accurate to the best knowledge of the presenters.
The views and opinions expressed in this presentation are those of the presenters and do not necessarily reflect those of Delta Air Lines.
Disclaimer .
Joshua C. Sorenson, CISA, CISM
Security Advisor, Delta Air Lines
CyberThreat
Security Strategy
KineticThreat
Previously Coca-Cola, John Deere, & Kimberly-Clark
IT Audit, DBA, Developer, & Finance
BBA Finance & Management Information Systems, 2004 & 2005
JR Henderson Manager – CyberThreat Unit (CTU), Delta
Air Lines
PenTesting
CyberThreat Intelligence
Forensics & Investigations
SOC & SIEM
Incident Response
25 Years at Delta Air Lines
11 Years in CyberSecurity
20 Years in Martial Arts
Speaker Bio .
Today’s CyberThreats Global Threat Actor Profiles
Ideological - Anonymous
- LulzSec
- ISIS
- Team Poison
Financial - FIN4
- Lizard Squad
- Organized Crime
GeoPolitical - China
- Iran
- North Korea
- Russia
Today’s CyberThreats Global Threat Actor Tactics
Ideological - DDoS
- DOXing
- Defacement
Financial - DDoS
- Data Theft
- Ransomware
GeoPolitical - DDoS
- APT
- Kinetic Hacking
Today’s CyberThreats Case Studies
Ideological - Sony
Financial - CryptoLocker
GeoPolitical - StuxNet
CyberThreat Landscape Industry Threat Trends
Estimated financial impact of an enterprise
data breach Days to detect a breach % of breaches
discovered by outside entities
229 Days (2013)
205 Days (2014)
69% (2014)
67% (2013)
63% (2012)
$798,000 (2014)
$700,000 (2013)
14%ꜛ
Source Verizon Data Breach Investigations Report 2014 & 2015 & Mandiant M-Trents Report 2015
CyberThreat Landscape 2015 Year In Review
January
• New York Post
• XBox Live
• WingStop
• American Airlines
February
• Anthem
• XBox Live
• ISIS
March
• Primerica Blue Cross
• Air France
• White House
• British Airways
Source HackMageddon.Com
CyberThreat Landscape 2015 Year In Review
April
• Israel
• Lufthansa
• Vatican
• Ryan Air
May
• Baltimore Police
• Starbucks
• CareFirst BlueCross
• IRS
June
• OPM
• Kaspersky
• LastPass
• LOT Polish Airlines
Source HackMageddon.Com