Anatomy of an Attack

The "Community" of Attackers
• Organized crime: organized, sophisticated supply chains (PII, financial services, retail)
• Petty criminals: unsophisticated; targets of opportunity
• Non-state actors ("hacktivists"): anti-establishment vigilantes (PII, government, critical infrastructure)
• Terrorists
• Nation state actors: PII, government, defense industrial base, IP-rich organizations
Advanced Threats 1.0 vs. Advanced Threats 2.0 (diagram)
• Advanced Threats 1.0: C2 traffic over clear-text and custom protocols, clear-text over normal protocols, or custom encryption, to endpoints such as abc.com / def.com
• Advanced Threats 2.0: C2 traffic on port 80/443 using SSL or other standards-based encryption; custom malware with no signature
• Detection axes shown: Content Inspection, Protocol Anomalies, Network Traffic Anomalies, Known Bad Endpoints
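Added example, not from the slide deck: a small flow-triage sketch in Python that scores constructed flow records on three of the slide's four detection axes (protocol anomalies, network traffic anomalies, known bad endpoints; content inspection is omitted because it needs signatures the 2.0 malware does not have). It shows why a 1.0-style custom protocol on port 80 is caught by protocol checks, while a 2.0-style TLS beacon on 443 is visible only through its timing regularity or a denylist hit. All hosts, times, payload bytes and the denylist entry are made up.

```python
import statistics
from collections import defaultdict

KNOWN_BAD = {"def.com"}  # constructed denylist entry, reusing the slide's placeholder name
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"HTTP/")


def protocol_anomaly(flow):
    """Port implies HTTP or TLS but the first payload bytes do not match (1.0-style custom protocol)."""
    head = flow["payload"][:5]
    if flow["dport"] == 80:
        return not head.startswith(HTTP_METHODS)
    if flow["dport"] == 443:
        # TLS record header: content type 0x16 (handshake), major version 0x03
        return not (len(head) >= 2 and head[0] == 0x16 and head[1] == 0x03)
    return False


def beaconing_pairs(flows, min_count=4, max_cv=0.15):
    """(src, dst) pairs whose connections are near-periodic: stdev/mean of inter-arrival gaps below max_cv."""
    by_pair = defaultdict(list)
    for f in flows:
        by_pair[(f["src"], f["dst"])].append(f["t"])
    hits = set()
    for pair, times in by_pair.items():
        if len(times) < min_count:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        if mean > 0 and statistics.pstdev(gaps) / mean < max_cv:
            hits.add(pair)
    return hits


def triage(flows):
    """Map each flow index to the set of axes that fired; an empty set means no axis caught it."""
    beacons = beaconing_pairs(flows)
    out = {}
    for i, f in enumerate(flows):
        reasons = set()
        if f["dst"] in KNOWN_BAD:
            reasons.add("known_bad_endpoint")
        if protocol_anomaly(f):
            reasons.add("protocol_anomaly")
        if (f["src"], f["dst"]) in beacons:
            reasons.add("traffic_anomaly")
        out[i] = reasons
    return out


# Constructed flows: one 1.0-style custom protocol on 80, a 2.0-style TLS beacon every 60 s, and irregular benign TLS.
SAMPLE = (
    [{"src": "10.0.0.5", "dst": "def.com", "dport": 80, "t": 0, "payload": b"\x01\x02\xff\xee"}]
    + [{"src": "10.0.0.7", "dst": "abc.com", "dport": 443, "t": 60 * k, "payload": b"\x16\x03\x01\x00\xa5"} for k in range(5)]
    + [{"src": "10.0.0.9", "dst": "cdn.example", "dport": 443, "t": t, "payload": b"\x16\x03\x01\x00\xa5"} for t in (0, 7, 190, 260, 900)]
)
```

Running `triage(SAMPLE)` flags flow 0 on both the denylist and the protocol axis, flows 1 to 5 only on traffic timing, and nothing for the irregular benign connections.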
Executive Checklist
• Is your IT security organization functionally aligned with the greater IT infrastructure?
  • Outsourcer > Insourced Capabilities > SOC > etc.
• Do you monitor the crown jewels of your organization and know where your most high-value programs and assets are?
• Does your organization have and practice a breach readiness plan, incident response, discovery and remediation processes/procedures?
• In addition to perimeter defenses (ingress), does there exist an egress defense strategy and approach to mitigate data exfiltration?
• Is there a consistent 360-degree governance, risk and compliance practice in your organization?
  • Compliance, Regulatory, Legal, Corporate Policy, Communications and HR