Top 5 Data Breaches in 2014 Retrieved on 24 February from http://www.cnbc.com/id/102420088

CNBC Calls it the year of the hack

Counter Productive and Non-Collaborative Behavior

• Vulnerabilities Announced Before Patches Are Ready: Google gave Microsoft 90 days to fix a flaw. MS asked Google. Google instead published code that could assist malicious hackers

• Sony, U.S. Agencies Fumbled After Cyberattack (The Wall Street Journal)

• Target Breach

• Home Depot Breach

Danger from the Net retrieved on 24 February, 2015 from http://www.cnbc.com/id/102420088

Entry Into The Internet – Internet Retrieved on 22 February, 2015 from http://techhive.com

The Internet Connecting The World Retrieved on 22 February, 2015 from http://www.bing.com/images/search?q=internet%2c+images&id=58751FC350A8B8FBE9C151591F038FB792611E18&FORM=IQFRBA#view=detail&id=58751FC350A8B8FBE9C151591F038FB792611E18&selectedIndex=0

Your PC Retrieved on 22 February, 2015 from http://yourpcparamedic.com/internet.html

Can a creative mind defeat a criminal mind in Cyber Warfare?

• The answer depends on our position, our perspective and ultimately our agenda

• Focus our attention on the process and the resources required

• Security professionals need assistance from experts in other fields, such as psychology, sociology, law, and human resources

21st Century Challenges and Changes

• Internet complexity and interconnectedness

• Always On technology and culture

• Mobile technology challenges and shortcomings

• BYOx

• Communication – Not speaking the same language

• Arrogance – from executives and from techies

• Fear – No trust

• Silo mentality

21st Century Challenges and Changes

• Think out-of-the-box and come up with a solution not considered before

• Security professionals must outthink and outmaneuver cyber attackers

• Not “criminally inclined,” professionals vs. criminal minds

• Catch 22 - understand the criminal mind

• Security professionals should not face this alone

• Enlist the assistance of psychologists and sociologists

• Design incentives that would not produce counterproductive results

21st Century Challenges and Changes

• Zero-day attacks, Trojan horses, and persistent threats

• Security environment moves faster than the computer environment

• Organizations face many threats, including internal and external

• A zero-day attack leaves organizations with mere hours to respond

• Every day we are bombarded with countless stories of malware, virus, …

Scope Definition - Simplification

• How do we keep the bad guys away from our information assets?

• How do we keep our information assets away from the bad guys?

Identify

Locate

Read the signs

Remove the noise

Careful of consequences

Scope Definition

• Who are the bad guys?

• Where are the bad guys?

• How can they attack us?

• Are our defenses adequate?

• Are we asking the right questions?

Scope Definition

• Although information and security professionals contribute tremendous value, the field as a whole is not strongly based in theory and research. (Weaver, R., Weaver, D., & Farwood, D., 2012)

• Security and information technology overlap in so many ways

• Behaviors and attitudes of those involved

• Attitude, or arrogance

Scope Definition

• The focus is on the individuals involved in computer and security operations as well as the actors orchestrating and deploying the threats.

“Only by understanding an individual’s motivations that a better approach can be created to identify, counter and preempt future threats.” (Salguero, J., 2014).

The Other Part of the Question

• In War – Collateral damage

“Cyber warfare will almost certainly have very real consequences.” (Shimeall, 2001).

Everything is Interconnected

• “As computer technology has become increasingly integrated into modern military organizations, military planners have come to see it as both a target and a weapon, exactly like other components and forces.” (Shimeall, 2001).

• “Countries that are not as dependent on high technology, within their military establishment consider such dependence a potential ‘Achilles heel’ for their enemies.” (Shimeall, 2001).

Motivations From a Civilian Standpoint

• External/internal

• International/domestic

• Part of a nation state

• Part of an organized effort

• Students experimenting with their new found knowledge

• Part of commercial espionage

Motivations From a Military Standpoint

Levels of Cyber War:

• Cyber war as an adjunct to military operations

• Limited cyber war

• Unrestricted cyber war

Motivations from a Civilian Standpoint

Types of Hackers (Actors)

• White Hat Hackers

• Black Hat Hackers

• Hacktivists

• State Sponsored Hackers

• Spy Hackers

• Cyber Terrorists

Organized criminal groups in the cyber space

“While many types of cyber crime require a high degree of organization and specialization, there is insufficient empirical evidence to ascertain if cyber crime is now dominated by organized crime groups and what form or structure such groups may take.” (Lusthaus, 2013).

“Digital technology has empowered individuals as never before. Teenagers acting alone have succeeded in disabling air traffic control systems, shutting down major e-retailers, and manipulating trades on the NASDAQ stock exchange (US Securities and Exchange Commission, 2000).”

Examples of Cyber Crimes and Cyber Offenders

1. Ryan Cleary: DDoS on SOCA

2. Andrew Auernheimer: Apple iPad Snoop

3. Aaron Swartz: Content Downloader

4. Christopher Chaney: Celebrity Hackerazzi

5. Sam Yin: Gucci Hacker

6. Edward Pearson: Identity Theft

Examples of Groups Involved in Cyber Crime

1. LulzSec and Sony Hackers

2. Dreamboard

3. DrinkOrDie

4. DarkMarket

5. DNS Changer

6. Carberp

7. Unlimited Operation

8. Koobface

Psychological Motivating Factors

• Only when we understand the individual can we start to make assumptions

• Make predictions as the criminal profilers do

• Uncover the methodology of the attacker

• Psychological factors that make up an individual’s personality

“It is essential to understand the psychology of the attacker if effective controls are to be developed and deployed.” (Wright, C.S. 2011).

The Manager’s Role

• Understand and motivate the individual

• performance appraisal

• professional and personal plan

• A manager has a responsibility to his/her employees

• providing their team members with the right tools and training

Identifying the Personality Profiles of Team Members

• The Myers and Briggs personality inventory

• categorize people into 16 different personality types

• result from the interaction based on people preferences

• the behavior is actually quite orderly and consistent

“There are no right or wrong preferences. Reading is not better than watching movies; each has its strengths and its problems. Most people have the ability to do both, even if they don’t like one or the other. Personality preferences, sometimes called psychological preference, are like many other preferences.” (The Myers and Briggs Foundation, 2014).

Right Brain or Left Brain Dominance

• a left-brain dominant person prefers things to be in a logical order and likes identifying details instead of concepts

• Analytical

• Right brain dominant people are considered artists, musicians, and dreamers

• type of profession a person chooses and the types of decisions a person makes

Incentives and Motivation

• what types of incentives work the best

• not everyone is motivated by money

• Mentoring and coaching are qualities of a good leader

• Good leadership motivates some people

• Respect and loyalty are earned and a leader is better at achieving both

Recommendations

• Cyber Security Risk Management

• Cyber Security Incident & Insider Threat Management

• Cyber Security Leadership Best Practices

• Formalize and Communicate Enterprise Security Organizational Policy

• Train, Mentor, Coach everyone in the organization about the potential threats

• Security solution must have a holistic/enterprise-wide approach to be successful

• Scope Definition and Scope Management

• Relationships, Relationships, Relationships

Questions???