DESCRIPTION
A presentation providing a high-level overview of the problems that organizations face with regards to cyber security and the available options to the,
Countering the cyber threat
Ollie Whitehouse, Technical Director, NCC Group
Before we begin… What is NCC Group?
• £110 million revenue FTSE company
• Cyber Security Assurance Practice
• 180 UK technical assurance consultants
  o applied research
  o technical security assessments
  o cyber forensics incident response
  o 50 UK risk/audit consultants
  o 90 US technical assurance consultants
• Escrow & Software Assurance = sister business units
Before we begin…
Offence v Defense
Offence: demonstrating exposure
Defense: defense in depth
Defense
Defense: Training
• Executive
• Risk & Security Teams
• Technical Teams
• General Staff Population
Defense: Governance
• Accountability
• Visibility
• Validation
All within the organisation's Cyber & Information security framework
Defense: Risk Management
• Business
• Technology
• Compliance
Defense: Compliance
• Ethical
• Regulatory
• Legal
• Other…
Defense: Counter Measures & Controls
Defense: Monitoring & Incident Response
• It will happen
• Have processes & procedures in place
• Have ability to detect and investigate
• Have the skill sets and capability
• Perform fire drilling
Offence
Offense: Penetration Testing
• Reconnaissance
• Mapping
• Identify vulnerabilities (VA)
• Exploit (Penetrate)
• Trust relationships (Lateral)
Offense: Social Engineering
• Appear legitimate
• Goals
  o Gain something
  o Instruct or convince
• Examples:
  o Credentials
  o Building entry
Offence: Phishing Simulation
• Example of social engineering
  o Click this link
  o Click this link & supply credentials
  o Open this attachment
  o Supply this information
• Can be used to
  o Gain information
  o Exploit computer systems
Offence: Open Source Intelligence Profiling
• Company or people
• Direct information
• Information to facilitate other attacks
• Documents, technologies, hobbies, conferences, attendees
Offence: Red Teaming
• Blended attacks
• Physical, Social & Cyber
• Emulates motivated external threat actor
• Does not emulate motivated internal employee
Offence: APT Simulation
• Blended attacks
• Social and Cyber
• Emulates organised crime & nation state threat actors
• Inbound attacks & staff training
• Lateral movement & exfiltration
• Persistence
• Assess defences, detection & response
There is always more…
Standards
• Cyber Essentials
• Cyber Essentials+
• ISO:27001
• Etc…
More…
• Supply chain security
• Security Development Life-Cycle
• Home infection leading to corporate compromise
Summary…
• Cyber security is a complex problem
• It’s a business, human & technology problem
• Visibility & understanding at the executive level has historically been weak
• It should always be proportional
Final thought
Europe
Manchester - Head Office
Cheltenham
Edinburgh
Leatherhead
London
Milton Keynes
Amsterdam
Copenhagen
Munich
Zurich
North America
Atlanta
Austin
Chicago
Mountain View
New York
San Francisco
Seattle
Australia
Sydney
Thanks
Any Questions?
Ollie [email protected]