cyber security the current threat
play

Cyber Security: The Current Threat T/Detective Chief Inspector Paul - PowerPoint PPT Presentation

May 20, 2023 •30 likes •330 views

Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime Unit RCCU-Tarian@south-wales.pnn.police.uk The criminal landscape is changing OFFICIAL Why worry about Cybercrime? Reduce Threat

  1. Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime Unit RCCU-Tarian@south-wales.pnn.police.uk §

  2. The criminal landscape is changing……

  3. OFFICIAL Why worry about Cybercrime? Reduce Threat Reduce Vulnerability OFFICIAL

  4. Threats Social engineering • • Phishing • Data Breach Ransomware • • DDOS GDPR •

  5. Social engineering

  6. Interview with a Hacker

  7. Phishing

  8. Phishing

  9. Data Breach Data Breaches are becoming more commonplace and cost is measured in financial terms and loss of reputation.

  10. Ransomware

  11. www.nomoreransom.org

  12. Denial of Service Attacks For Sale

  13. OFFICIAL General Data Protection Regulations OFFICIAL

  14. OFFICIAL GDPR • All organisations holding or processing personal information will be affected (personal information can be as granular as an IP address) • The Regulation will come into existence on 25 th May 2018 • If there is a data breach (yet to be fully classified) the data handler/processor MUST inform the ICO • If there is a data breach (yet to be fully classified) the data handler/processor MUST inform ALL customers affected URL = https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/ OFFICIAL

  15. OFFICIAL General data Protection Regulations The maximum fine to be imposed will increase from £500,000 to 4% of global annual turnover for the preceding financial year or € 20m whichever is the greater. As an example Talk Talk were fined £400,000 by the ICO. When the new regulation is in place that could increase to: £70,000,000 !! OFFICIAL

  16. OFFICIAL Case Study: Operation Purple Obsidian OFFICIAL

  17. OFFICIAL Operation Purple Obsidian • DDoS attacks against Coleg Sir Gar between September 2013 – August 2014. • Part of the Public Sector Broadband Aggregation Network (PSBA). • DDoS attacks were impacting other public sector organisations E.g: transfer of patient data between hospitals. • PSBA part of Joint Academic Network (JANET) who were required to purchase / install a Corero SmartWall - £400k. OFFICIAL

  18. OFFICIAL Daniel Kelly Pleaded guilty to 11 counts including hacking, blackmail, fraud and money laundering. OFFICIAL

  19. OFFICIAL The Law Enforcement Response. OFFICIAL

  20. OFFICIAL National Cyber Security Strategy OFFICIAL

  21. OFFICIAL National Cyber Security Strategy DEFEND To respond effectively to incidents, and to ensure UK networks, data and systems are protected and resilient. Citizens, businesses and the public sector have the knowledge and ability to defend themselves. DETER We detect, understand, investigate and disrupt hostile action taken against us, pursuing and prosecuting offenders. DEVELOP We have an innovative, growing cyber security industry, underpinned by world leading scientific research and development. We have a self-sustaining pipeline of talent providing the skills to meet our national needs across the public and private sectors. OFFICIAL

  22. OFFICIAL The CONTEST Strategy Pursue: Prosecute and disrupt those engaged in Cyber Crime Reduce Threat Prevent: Prevent people from engaging in Cyber Reduce Crime & people becoming victims Level of Cyber Crime Protect: Protect vulnerable groups, working in partnership to reduce risk Reduce Vulnerability Prepare: Reduce the impact of Cyber Crime OFFICIAL

  23. National Cyber Security Strategy 2016-2021 Cyber-security Information Sharing Partnership • National CiSP launched March 2013. • CiSP is an online social networking tool to exchange information on threats and vulnerabilities. • Engagement with industry and government counterparts in a secure environment - Ability to learn from experiences, mistakes and successes of others and seek advice • Early warning of cyber threats

  24. OFFICIAL CiSP OFFICIAL

  25. Cyber Essentials

  26. Cyber Essentials Cyber Essentials concentrates on five key controls: 1. Boundary firewalls and internet gateways - these are devices designed to prevent unauthorised access to or from private networks, but good setup of these devices either in hardware or software form is important for them to be fully effective. 2. Secure configuration – ensuring that systems are configured in the most secure way for the needs of the organisation. 3. Access control – Ensuring only those who should have access to systems to have access and at the appropriate level. 4. Malware protection – ensuring that virus and malware protection is installed and is up to date. 5. Patch management – ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor been applied.

  27. 10 Steps to Cyber Security

  28. OFFICIAL Report Cybercrime OFFICIAL

  29. OFFICIAL Question: Do you have an incident response plan? • RCCU can provide Cybercrime templates ✴ Website defacement ✴ Ransomware ✴ Hacking ✴ DDoS ✴ Banking malware • Guide on evidential standards OFFICIAL

  30. OFFICIAL Questions? OFFICIAL

Recommend

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs ! 3 properties ... Confidentiality (including personal data) Integrity Availability 2 -Sminaire LIRIMA: Cyber security: current

876 views • 64 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager

CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager

CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager Loai Khalayli | Operational Technology Engineer 25 May 2017 Disclaimer and important notice Outline Current, real and ever increasing threat

152 views • 11 slides
Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade Cyber Threat Mitigation

Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade Cyber Threat Mitigation

Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade Cyber Threat Mitigation Service for Businesses and Governments Cyber Security & Privacy Foundation Pte. Ltd., Singapore Cyber Security & Privacy Foundation (CSPF)

369 views • 21 slides
What is Our Greatest Cyber-Security Threat? OT vulnerability explained and national conversation

What is Our Greatest Cyber-Security Threat? OT vulnerability explained and national conversation

What is Our Greatest Cyber-Security Threat? OT vulnerability explained and national conversation about security and privacy urged at ASU Biodesign presentation Where is the U.S. most vulnerable to cyber-security attack? And, what is the greatest

80 views • 4 slides
Response to Cyber Security Threat NIEs Approach to Information Security Background

Response to Cyber Security Threat NIEs Approach to Information Security Background

Response to Cyber Security Threat NIEs Approach to Information Security Background NTU / NIE is corporatized in April 2006 (Not requires to comply with IM8) Mission - To provide effective ICT resources, services and

841 views • 6 slides
Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The Homeland Security Systems Engineering and Development Institute (HSSEDI) is a trademark of the U.S. Department of Homeland Security (DHS). The HSSEDI

149 views • 13 slides
The Evolving Threat Todays cyber security challenges and solutions Are Water Lines At Risk?

The Evolving Threat Todays cyber security challenges and solutions Are Water Lines At Risk?

The Evolving Threat Todays cyber security challenges and solutions Are Water Lines At Risk? n Security lacking in networks controlling critical infrastructure n Hackers, terrorists could find way into controls of nuclear power

319 views • 30 slides
MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat

MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat

MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat Intelligence, Faster Detection & Automated Response Adaptive Security Strategy for SOC Ramy AlDamati Principle CyberSecurity Solution

680 views • 31 slides
THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI) Noureen Njoroge OVERVIEW Define Cyber Threat

THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI) Noureen Njoroge OVERVIEW Define Cyber Threat

THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI) Noureen Njoroge OVERVIEW Define Cyber Threat Intelligence (CTI) Define Cyber Intelligence (CI) Understand the importance of CTI to an organization Components of Threat Sources of

197 views • 19 slides
Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques (NIT-K) S. K. Pal Defence Research & Development Organization (DRDO) SAG, Metcalfe House, Delhi 27-Jul-2020 1 What is Cyberspace? Refers to

766 views • 17 slides
Cyber Catastrophe in the Movies: Realistic Threat or Hollywood Hokum? MODERATOR: PANELISTS:

Cyber Catastrophe in the Movies: Realistic Threat or Hollywood Hokum? MODERATOR: PANELISTS:

Cyber Catastrophe in the Movies: Realistic Threat or Hollywood Hokum? MODERATOR: PANELISTS: Larry Clinton Scott Borg US Cyber Consequences Unit Internet Security Alliance Paul Davis NJVC Tim McKnight Northrop Grumman Danny McPherson

661 views • 32 slides
The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
CONFRONTING THE CYBER THREAT David J. Hickton SAC-PA Workshop Founding Director Pittsburgh,

CONFRONTING THE CYBER THREAT David J. Hickton SAC-PA Workshop Founding Director Pittsburgh,

CONFRONTING THE CYBER THREAT David J. Hickton SAC-PA Workshop Founding Director Pittsburgh, Pennsylvania University of Pittsburgh Institute for Cyber June 22, 2017 Law, Policy, and Security Chinese Economic Espionage First time the United

716 views • 13 slides
The New Security Frontier: Threat Hunting, Augmented Intelligence, and Automated Response

The New Security Frontier: Threat Hunting, Augmented Intelligence, and Automated Response

The New Security Frontier: Threat Hunting, Augmented Intelligence, and Automated Response Michael Melore, CISSP IBM Cyber Security Advisor @MichaelMelore June 2018 May 2018 May 2018 Threat Hunting Workflow Cognitive Advanced Analytics

443 views • 15 slides
Overview Introduction Legal framework Dynamics of the threat Nature of cyber

Overview Introduction Legal framework Dynamics of the threat Nature of cyber

BISC : Cyber Security What can the VSSE contribute? 1 BISC - 19/11/12 Overview Introduction Legal framework Dynamics of the threat Nature of cyber attacks Targeting Paradigm shifts Whos targeting what? Tools

340 views • 5 slides
Adversarial AI in Cyber Security WHO AM I

Adversarial AI in Cyber Security WHO AM I

Adversarial AI in Cyber Security WHO AM I Join Trend Micro on 2009 Infra Developer Threat Researcher Machine Learning Researcher Join XGen ML project on 2015 Now leading

686 views • 35 slides
FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019) (Presented again at the October 16, 2018, meeting of the Maryland Cybersecurity Council and published with permission.) Overview Current Landscape

560 views • 23 slides
Cyber Kill Chain Jay Chen, Ruben Ocana, Senna Alsadam, Andrew Shi Modern Security Threats

Cyber Kill Chain Jay Chen, Ruben Ocana, Senna Alsadam, Andrew Shi Modern Security Threats

Cyber Kill Chain Jay Chen, Ruben Ocana, Senna Alsadam, Andrew Shi Modern Security Threats New class of threat actors called Advanced Persistent Threat (APT) Data compromised for economic or military advancement Conventional

701 views • 32 slides
Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

ABB MINING USER CONFERENCE, MAY 02-05, 2017 Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial Automation Division Agenda Why worry about cyber security? ABBs approach to cyber security Cyber security

1.07k views • 39 slides
Healthcare: Is the Cyber Threat Real? President Obama has identified cybersecurity as one of the

Healthcare: Is the Cyber Threat Real? President Obama has identified cybersecurity as one of the

Healthcare: Is the Cyber Threat Real? President Obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation..!Whitehouse.gov Dr. Emma Garrison-Alexander Vice Dean, Cybersecurity

355 views • 8 slides
ACCELERATING CYBER THREAT DETECTION WITH GPU Joshua Patterson | Director of Applied Solutions

ACCELERATING CYBER THREAT DETECTION WITH GPU Joshua Patterson | Director of Applied Solutions

ACCELERATING CYBER THREAT DETECTION WITH GPU Joshua Patterson | Director of Applied Solutions Engineering | GTC Israel 2017 @datametrician RULES & PEOPLE DONT SCALE Current methods are too slow Right now, financial services reports it

685 views • 57 slides
Cyber security progress report Grahame Coles, Chief Enterprise Solutions Officer Department of

Cyber security progress report Grahame Coles, Chief Enterprise Solutions Officer Department of

Cyber security progress report Grahame Coles, Chief Enterprise Solutions Officer Department of Premier and Cabinet Public The cyber threat to Australian organisations is undeniable, unrelenting and continues to grow. Australian Cyber

365 views • 12 slides
The Organized Mess & Business Ethics of Cyber Threat Intel Ron Schlecht Introduction

The Organized Mess & Business Ethics of Cyber Threat Intel Ron Schlecht Introduction

The Organized Mess & Business Ethics of Cyber Threat Intel Ron Schlecht Introduction Ron Schlecht , Managing Partner 18 years of Information Security experience G Contracting, Law Enforcement, Consulting, CISO Founded BTB

290 views • 16 slides

More recommend