Embed Size (px)
Citation preview
Gathering Intel from the Dark Web to Identify and Prioritize Critical Risks
Today’s Speakers
2
Tim LaytonChief Intelligence OfficerSurfWatch Labs
Adam MeyerChief Security StrategistSurfWatch Labs
Gaining Visibility of Your Cyber Risk is Critical to the Viability of Your Business
• Business executives and the Board can no longer keep their head in the sand
• Business leaders are struggling to align security strategies with real-world business strategies
- 14% of corporations report that the Board is actively involved in cybersecurity preparedness
- 52% report minimal involvement
3
4
• Cyber crime is a business - with a very high return taking little effort
• Criminals target businesses that are custodians of a commodity that can be monetized:- Identity information (Employee &
Consumer)- Financial Information (Payment,
Banking, Gift Card, Coupons, Entertainment accounts etc.)
Know Your Adversary
The Threat Balloon
Cybercriminals shift their tactics to hit
targets that are:“Attractive” and “Soft”
5
The Dark Web is a blind spot in your risk program
The Dark Web: Where Your Information is Actively Targeted and Sold
• Hacking for Hire
• PII/Identity Info/Credit Cards
• Cyber Exploits for Sale
• Vulnerabilities for Sale
• Stolen IP, Designs & Counterfeits
• Spam & Phishing Campaigns for Hire
• Doxxing & Investigation for Hire
• Hacktivist Targeting Forums
• Insider Threat for Hire
6
The Dark Web: Where Your Information is Actively Targeted and Sold
7
Emerging Dark Web Trends: What We Can Learn?
8
Compromised Accounts
9
Transactional Accounts
10
Carding
11
Reward Accounts
12
PII/Identities
13
0-Days
14
Traditional Cybersecurity Approaches Have Not Stopped the Bleeding
15
Shift to an Intelligence-Driven Defense• Gain visibility of specific threats to your
business that are on the horizon
• Understand attack execution methods based on cyber trends related to your business profile
• Prepare for attacks and tie your cyber risks to business impact
• Know what information is on the Dark Web
• Drive the most effective cyber defense tactics with strategic and operational intel
The CISO’s Tug of War
16
Source: EMC
Intelligence Operations (Tracking threats) vs. Network Defense (Stop the Bleeding)
How a CISO Can Leverage Dark Web Intelligence to Mitigate Risk• Intel from the Dark Web provides critical
insights on ACTIVE threats to your business• Dark Web intelligence can be applied to
different areas of the business- Threat intelligence teams – know threat actors
and their motivations to improve your defenses- Fraud teams – understand what commodities are
being monetized so you can minimize fraud- Partners and Suppliers – understand the
“presence” your vendors have to complement supply chain risk management
- Breach Response – instead of waiting to “get the call” from law enforcement, get ahead of the curve
17
Mitigating Risk with a Practical Intelligence Operation
• Outsource Your Dark Web Intel –Complement your intel and facilitate faster, more effective risk management decisions
• Focus on Analysis – It’s less about getting more data and more about enabling sound analysis
• Link Intel to Business Impact – Avoid alert fatigue by worrying about threats specific to your business
• People, Process, Technology – Good intelligence leverages automation, expert human analysis and a process for using the intel
18
Using the Dark Web: Legal and Moral Dilemma
19
• The TOR network was designed for anonymity - with that comes people in the business of conducting unethical and illegal activities
• It takes little effort to go from observing illegal activity to participating in illegal activity
• Due to law enforcement activities, more sites are beginning to deploy counter-intelligence, thus monitoring YOU
• More Dark Web markets are invite-only sites, requiring you to have measurable “street cred” to be vetted by site owners
What’s at Stake and Why You Should Care
• Brand and Reputation
• Customer Loyalty
• Intellectual Property
• Legal Defenses
• Sales
• IT Baselines
• Cybersecurity Strategy
Direct Impact on Your Business and Bottom Line!
20
Q&A and Additional SurfWatch Labs Resources
SurfWatch Cyber Advisor:https://www.surfwatchlabs.com/cyber-advisor
Dark Web Surveillance: www.surfwatchlabs.com/dark-web-intelligence
Sample Dark Web Intelligence Report:info.surfwatchlabs.com/dark-web-report
Personal SurfWatch Consultation:info.surfwatchlabs.com/dark-web-service-consultation
Shine a Light on Your Dark Web Risks
21
Thank You!
www.surfwatchlabs.comFollow us at:
