the anatomy of cyber threat intelligence cti
play

THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI) Noureen Njoroge - PowerPoint PPT Presentation

Jan 29, 2023 •7 likes •197 views

THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI) Noureen Njoroge OVERVIEW Define Cyber Threat Intelligence (CTI) Define Cyber Intelligence (CI) Understand the importance of CTI to an organization Components of Threat Sources of

  1. THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI) Noureen Njoroge

  2. OVERVIEW • Define Cyber Threat Intelligence (CTI) • Define Cyber Intelligence (CI) • Understand the importance of CTI to an organization • Components of Threat • Sources of Cyber Threat Intelligence (CTI) • Categories of Cyber Threat Intelligence (CTI) • Benefits of Cyber Threat Intelligence (CTI) • Importance of real-time Cyber Threat Intelligence (CTI) Noureen Njoroge

  3. DEFINITION Cyber Threat Intelligence (CTI) Is the analysis of information related to adversaries who have the intent, opportunity and capability to do harm. Noureen Njoroge

  4. DEFINITION Cyber Intelligence (CI) Is the ability to gain knowledge about an enterprise and it’s existing conditions and capabilities. Noureen Njoroge

  5. COMPONENTS OF A SUCCESSFUL THREAT INTELLIGENCE STRATEGY Three Important components 1. Good Data Sources 2. Good Policies, Procedures and chain of command. 3. Good Threat Intelligence Analysts Noureen Njoroge

  6. CTI ON A CYBERSECURITY CHART

  7. Noureen Njoroge

  8. CTI IS INTELLIGENCE FOCUS Know the three components of threats: 1. Intent 2. Capability 3. Opportunity Noureen Njoroge

  9. CYBER THREAT INTELLIGENCE (CTI) SOURCES Past Incidents • Commercial Feeds • Govt & Non- Profit sharing programs • Threat Intel Reports • Noureen Njoroge

  10. CATEGORIES OF CYBER THREAT INTELLIGENCE Know the three categories of threats: 1. Tactical 2. Operational 3. Strategic Noureen Njoroge

  11. CATEGORIES OF CYBER THREAT INTELLIGENCE

  12. THE FIVE W ’ S & HOW Know threat and answer the 5 w ’s and How. WHEN WHERE WHY WHO WHAT HOW Noureen Njoroge

  13. CASE FOR CYBER THREAT INTELLIGENCE (CTI) Before Attack During an Attack After Attack Noureen Njoroge

  14. KEY BENEFITS OF CTI TO AN ORGANIZATION • It provides organizations a fighting chance to defeat ever-changing threats. • Provides a holistic view of the threat landscape and provide a posture to protect the organization from the multitude of threats they face ever day. Noureen Njoroge

  15. INTEGRITY OF CTI REPORTS “All organizations that share threat information to customers or the public through any channel should employ guidelines that help them ensure accuracy in their reporting. Even if all the facts aren’t clear, organizations can still communicate what they know—and avoid guessing. Being right is better than being first”. https://www.cisco.com/c/dam/m/hu_hu/campaigns/security-hub/pdf/acr-2018.pdf Noureen Njoroge

  16. BENEFITS OF REAL-TIME -- DYNAMIC CTI Provide visibility of threat landscape • Freshness of data • Collaboration • Threat context • Noureen Njoroge

  17. KEY TAKEAWAYS Detection • Context • Advance Persistent Threat (APT) • Community Defense • Noureen Njoroge

  18. FREE CTI RESOURCES https://www.mitre.org/capabilities/cybersecurity/cyber-threat-intelligence https://www.misp-project.org/feeds/ https://cymon.io https://www.us-cert.gov/ncas/alerts https://talosintelligence.com Noureen Njoroge

  19. CONTACT Noureen Njoroge cybersecmentorship@gmail.com or nnjoroge@cisco.com Linkedin @ Noureen Njoroge Thank you for your time Noureen Njoroge

Recommend

Agenda What is Cyber Threat Intelligence (CTI) Sandbox Malware analysis Debugger

Agenda What is Cyber Threat Intelligence (CTI) Sandbox Malware analysis Debugger

PUBLIC Agenda What is Cyber Threat Intelligence (CTI) Sandbox Malware analysis Debugger Malware analysis Static RE with IDA pro Arme suisse EPFL 2019 2 Base daide au commandement BAC Applied Cyber Threat Intelligence

765 views • 63 slides
European Framework for Threat Intelligence Based Ethical Redteaming (TIBER- EU) & Cyber

European Framework for Threat Intelligence Based Ethical Redteaming (TIBER- EU) & Cyber

European Framework for Threat Intelligence Based Ethical Redteaming (TIBER- EU) & Cyber Resilience Oversight Expectations (CROE) AMI-Pay 17 April 2018 Cyber Resilience Oversight Expectations (CROE) Rubric CROE why? Sets up a

415 views • 9 slides
The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
Threat Intelligence Jeremy Batterman Global Leader Threat Intelligence GREM, EnCE, GCFA, MBA 3

Threat Intelligence Jeremy Batterman Global Leader Threat Intelligence GREM, EnCE, GCFA, MBA 3

Threat Intelligence Jeremy Batterman Global Leader Threat Intelligence GREM, EnCE, GCFA, MBA 3 October 2018 What is Intelligence Convincing evidence Probable cause, beyond a reasonable doubt, or preponderance of

646 views • 25 slides
The New Security Frontier: Threat Hunting, Augmented Intelligence, and Automated Response

The New Security Frontier: Threat Hunting, Augmented Intelligence, and Automated Response

The New Security Frontier: Threat Hunting, Augmented Intelligence, and Automated Response Michael Melore, CISSP IBM Cyber Security Advisor @MichaelMelore June 2018 May 2018 May 2018 Threat Hunting Workflow Cognitive Advanced Analytics

443 views • 15 slides
Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime

Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime

Cyber Security: The Current Threat T/Detective Chief Inspector Paul Peters Regional Cyber Crime Unit RCCU-Tarian@south-wales.pnn.police.uk The criminal landscape is changing OFFICIAL Why worry about Cybercrime? Reduce Threat

330 views • 30 slides
Trustworthy Host Platforms For Accelerated Research And Education: Strategic Cyber Threat

Trustworthy Host Platforms For Accelerated Research And Education: Strategic Cyber Threat

Trustworthy Host Platforms For Accelerated Research And Education: Strategic Cyber Threat Reduction Through International Research Cooperation John C. Mallery Computer Science & Artificial Intelligence Laboratory

599 views • 16 slides
Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade Cyber Threat Mitigation

Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade Cyber Threat Mitigation

Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade Cyber Threat Mitigation Service for Businesses and Governments Cyber Security & Privacy Foundation Pte. Ltd., Singapore Cyber Security & Privacy Foundation (CSPF)

369 views • 21 slides
From 0 to Hero Actionable Threat Intelligence Raffaele Di Taranto Vito Lucatorto Our Journey

From 0 to Hero Actionable Threat Intelligence Raffaele Di Taranto Vito Lucatorto Our Journey

From 0 to Hero Actionable Threat Intelligence Raffaele Di Taranto Vito Lucatorto Our Journey in CTI : Problems & Solutions in Critical Infrastructure Vito Lucatorto Cyber Security Engineer @ FS Holding Experience in Banking

873 views • 42 slides
Data-Driven Threat Intelligence: Metrics on Indicator Dissemination and Sharing (#ddti)

Data-Driven Threat Intelligence: Metrics on Indicator Dissemination and Sharing (#ddti)

Data-Driven Threat Intelligence: Metrics on Indicator Dissemination and Sharing (#ddti) AlexandreSieira Alex Pinto CTO Chief Data Scientist Niddel MLSec Project @AlexandreSieira @alexcpsec @NiddelCorp @MLSecProject Agenda Cyber

585 views • 57 slides
MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat

MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat

MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat Intelligence, Faster Detection & Automated Response Adaptive Security Strategy for SOC Ramy AlDamati Principle CyberSecurity Solution

680 views • 31 slides
THE EVOLVING CYBER THREAT LANDSCAPE : Ensuring the Integrity and Value of Information Sean

THE EVOLVING CYBER THREAT LANDSCAPE : Ensuring the Integrity and Value of Information Sean

THE EVOLVING CYBER THREAT LANDSCAPE : Ensuring the Integrity and Value of Information Sean Kanuck Director of Cyber, Space and Future Conflict The International Institute for Strategic Studies NATO Parliamentary Assembly Warsaw, Poland 27

694 views • 10 slides
Cyber Catastrophe in the Movies: Realistic Threat or Hollywood Hokum? MODERATOR: PANELISTS:

Cyber Catastrophe in the Movies: Realistic Threat or Hollywood Hokum? MODERATOR: PANELISTS:

Cyber Catastrophe in the Movies: Realistic Threat or Hollywood Hokum? MODERATOR: PANELISTS: Larry Clinton Scott Borg US Cyber Consequences Unit Internet Security Alliance Paul Davis NJVC Tim McKnight Northrop Grumman Danny McPherson

661 views • 32 slides
CONFRONTING THE CYBER THREAT David J. Hickton SAC-PA Workshop Founding Director Pittsburgh,

CONFRONTING THE CYBER THREAT David J. Hickton SAC-PA Workshop Founding Director Pittsburgh,

CONFRONTING THE CYBER THREAT David J. Hickton SAC-PA Workshop Founding Director Pittsburgh, Pennsylvania University of Pittsburgh Institute for Cyber June 22, 2017 Law, Policy, and Security Chinese Economic Espionage First time the United

716 views • 13 slides
Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The Homeland Security Systems Engineering and Development Institute (HSSEDI) is a trademark of the U.S. Department of Homeland Security (DHS). The HSSEDI

149 views • 13 slides
Overview Introduction Legal framework Dynamics of the threat Nature of cyber

Overview Introduction Legal framework Dynamics of the threat Nature of cyber

BISC : Cyber Security What can the VSSE contribute? 1 BISC - 19/11/12 Overview Introduction Legal framework Dynamics of the threat Nature of cyber attacks Targeting Paradigm shifts Whos targeting what? Tools

340 views • 5 slides
Threat Modeling and S haring S ummary Proposal to kick off Threat Modeling proj ect

Threat Modeling and S haring S ummary Proposal to kick off Threat Modeling proj ect

Threat Modeling and S haring S ummary Proposal to kick off Threat Modeling proj ect Multi-phase approach Initially: create Cyber Domain PIM and S TIX PS M with UML Profile for NIEM Expand to other PS M, create Threat Meta

211 views • 10 slides
Offensive Threat Modeling for Attackers turning threat modeling on its head Rafal M. Los

Offensive Threat Modeling for Attackers turning threat modeling on its head Rafal M. Los

Offensive Threat Modeling for Attackers turning threat modeling on its head Rafal M. Los Chief Security Evangelist HP Software Shane MacDougall Principal Tactical Intelligence Modern threat modeling is a defensive response to

783 views • 52 slides
Telencephalon/Cerebral Cortex - Anatomy Cerebral Cortex Box 26D Brain Size and Intelligence

Telencephalon/Cerebral Cortex - Anatomy Cerebral Cortex Box 26D Brain Size and Intelligence

Telencephalon/Cerebral Cortex - Anatomy Cerebral Cortex Box 26D Brain Size and Intelligence 1.12 Gross anatomy of the forebrain. (Part 3) Haines, Fund. Neuro., Fig 16 10 Figure A21 The ventricular system of the human brain (Part 1) Box

589 views • 36 slides
What is Our Greatest Cyber-Security Threat? OT vulnerability explained and national conversation

What is Our Greatest Cyber-Security Threat? OT vulnerability explained and national conversation

What is Our Greatest Cyber-Security Threat? OT vulnerability explained and national conversation about security and privacy urged at ASU Biodesign presentation Where is the U.S. most vulnerable to cyber-security attack? And, what is the greatest

80 views • 4 slides
Development of Initiating Cyber Threat Scenarios and the Probabilities Based on Operating

Development of Initiating Cyber Threat Scenarios and the Probabilities Based on Operating

Transactions of the Korean Nuclear Society Virtual Spring Meeting July 9-10, 2020 Development of Initiating Cyber Threat Scenarios and the Probabilities Based on Operating Experience Analysis Sang Min Han a , Poong Hyun Seong a a Department

540 views • 4 slides
MRO Security Advisory Council (SAC) Webinar One Companys Path to Establishing Threat

MRO Security Advisory Council (SAC) Webinar One Companys Path to Establishing Threat

MRO Security Advisory Council (SAC) Webinar One Companys Path to Establishing Threat Intelligence and Hunting Jamie Buening, Manager, Threat Intelligence and Hunting, MISO August 21, 2019 MRO SAC Update Technical Training and Social

478 views • 45 slides
Threat Modeling in Cyber-Physical Systems May 16, 2017 By Emeka Eyisi Ph.D. Mark Moulin Ph.D.

Threat Modeling in Cyber-Physical Systems May 16, 2017 By Emeka Eyisi Ph.D. Mark Moulin Ph.D.

Threat Modeling in Cyber-Physical Systems May 16, 2017 By Emeka Eyisi Ph.D. Mark Moulin Ph.D. Devu Manikantan Shila Ph.D. Cyber-Physical Systems (CPS) Physical CPS Control Computa<on Communica<on This page contains no technical

323 views • 14 slides
How to protect yourself and your business from the threat of Cybercrime Presented by Laura

How to protect yourself and your business from the threat of Cybercrime Presented by Laura

How to protect yourself and your business from the threat of Cybercrime Presented by Laura Hodgson Cyber Protect Officer Cyber.safe@titan.pnn.police.uk Who are we? North West Regional Organised Crime Unit Cumbria Collaboration of 6 North

353 views • 20 slides

More recommend