Information Security and Cyber Threats

Uploaded by

Anjum Nazir

0% found this document useful (0 votes)

61 views14 pages

Copyright

Available Formats

PPTX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Information Security and Cyber Threats

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

61 views14 pages

Information Security and Cyber Threats

Uploaded by

Anjum Nazir

Information Security and Cyber Threats

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 14

Search inside document

Cyber Security Threats and

Countermeasures
Landscape
Presented by: Anjum Nazir
Sr. Network Security Analyst (UBL)
Security Consultant / Trainer (Geeks Hub)
Presentation Overview
• Key Terminologies
• Traditional Threat Vectors
• Modern Threats - Advance Persistent Threats
(APT)
• Conventional / Advance Security Approach
• Countermeasures
• Key Components of an Effective Security Program
• Questions?
Key Terminologies
• Vulnerability
– Software flaws, bugs, weaknesses, logic design or
implementation errors that could lead to un-expected and
undesirable results
• Exploit
– A piece of code or software that can take advantage of a
bug, vulnerability or weakness of the system leading to un-
authorized access, privilege escalation or denial of service
Key Terminologies (2)
• Attack
– An attack occurs when a system is being
compromised due to vulnerability.
– Many attacks are perpetuated via an exploit.
• Threat
– An environment or situation that could lead to a
potential security breach.
Traditional Threat Vectors
“stealth” / advanced Tools
scanning techniques

High packet spoofing denial of service

DDOS
sniffers
Intruder attacks
Knowledge www
sweepers
attacks
automated probes/scans
GUI
back doors
disabling audits network mgmt. diagnostics
hijacking
Attack burglaries sessions
Sophistication exploiting known vulnerabilities
password cracking
self-replicating code
password guessing Attackers
Low
1980 1985 1990 1995 2000
Source: Carnegie Mellon
Software Engineering Institute
Advanced Persistent Threats
• Advanced
– Attacker adapts to defenders’ efforts
– Can develop or buy Zero-Day exploits
– Higher level of sophistication
• Persistent
– Attacks are objective and specific
– Will continue until goal is reached
– Intent to maintain long term connectivity
• Threats
– Entity/s behind the attack
– Not the malware/exploit/attack alone
Typical Attack
Step • Reconnaissance
1

Step • Initial Intrusion into the Network

Step • Establish a Backdoor into the Network

Step • Obtain User Credentials

Step • Install Various Utilities

Step • Privilege Escalation / Lateral Movement / Data Exfiltration

Step • Maintain Persistence

7
Observations ..
Countermeasures
Programmatic Building Blocks
Key Components of an Effective Security
Program
Incident Disaster Business
RESPOND Response Recovery Continuity
Intrusion Auditing and
DETECT Reviews Compliance Monitoring
Detection Event Logging
Technical Controls Non-Technical Controls
Physical
PROTECT Controls Net OS DB App
Elec
Personnel
Verbal/
Procedures
Build Up

Comm written
Awareness
EDUCATE Programs
General Training Specialized Training

Asset ID and
DOCUMENT Policies Standards Procedures
Classification
Dedicated Roles and Security Asset Risk Management
MANAGE ISO Responsibilities Skills (Life Cycle Approach)
Strategic Cross-Functional
Charter Funding
PROGRAM Planning Security Oversight
Executive Commitment
Questions?

Study Unit 5: Key Risk Indicators Key Performance Indicators
Document23 pages
Study Unit 5: Key Risk Indicators Key Performance Indicators
Thato Sechoaro
No ratings yet
OWASP Top 10 - Threats and Mitigations
Document54 pages
OWASP Top 10 - Threats and Mitigations
Swathi Patibandla
No ratings yet
Lecture - 02a - Basic Static Analysis
Document22 pages
Lecture - 02a - Basic Static Analysis
Elena Damon
No ratings yet
Cyber Threats and Security
Document17 pages
Cyber Threats and Security
no One
No ratings yet
Checking Microsoft Windows Systems For Signs of Compromise
Document13 pages
Checking Microsoft Windows Systems For Signs of Compromise
Daniel Checchia
No ratings yet
Rebar Checklist
Document2 pages
Rebar Checklist
Muhammad sheryar
100% (3)
CYBER SECURITY HANDBOOK Part-2: Lock, Stock, and Cyber: A Comprehensive Security Handbook
From Everand
CYBER SECURITY HANDBOOK Part-2: Lock, Stock, and Cyber: A Comprehensive Security Handbook
Poonam Devi
No ratings yet
Comptia Security+ Certification Support Skills: 1.2 Threats and Attacks
Document19 pages
Comptia Security+ Certification Support Skills: 1.2 Threats and Attacks
Fadhli Aulia S
No ratings yet
Cisco Security Ebc Presentation
Document26 pages
Cisco Security Ebc Presentation
tester
No ratings yet
CHAP 3.2 Protection Against Malicious Software
Document22 pages
CHAP 3.2 Protection Against Malicious Software
Firdaus
No ratings yet
What Is The Difference Between A Virus and A Worm
Document3 pages
What Is The Difference Between A Virus and A Worm
Petr Ikhwan
No ratings yet
E-Business Suite Applications - WebCast Part3
Document109 pages
E-Business Suite Applications - WebCast Part3
mouse.lenova mouse
No ratings yet
Cyber Attack On Sepa: - Presented By: - Aminah Shahzad
Document10 pages
Cyber Attack On Sepa: - Presented By: - Aminah Shahzad
Aminah Shahzad
No ratings yet
Social Aspects of Engineering
Document16 pages
Social Aspects of Engineering
Yaman
No ratings yet
Christmas Letter 96
Document3 pages
Christmas Letter 96
Miljenko Horvat
No ratings yet
Cyber Security
Document48 pages
Cyber Security
Suraj Das
No ratings yet
Social Engineering
Document4 pages
Social Engineering
Asad Hashmi
No ratings yet
Malware Analysis
Document5 pages
Malware Analysis
Ravi Kumar
No ratings yet
CSIC Cyber Security
Document52 pages
CSIC Cyber Security
Mahendra Mandalapu
100% (1)
Section 1: Basic Introduction To Cyber Security and Information Security
Document5 pages
Section 1: Basic Introduction To Cyber Security and Information Security
nada
No ratings yet
Aged Care Migrants Guide 0
Document67 pages
Aged Care Migrants Guide 0
Marial Perlop
No ratings yet
2-Cyber Attacks-04!08!2021 (04-Aug-2021) Material I 04-Aug-2021 02 Cyber Attacks
Document27 pages
2-Cyber Attacks-04!08!2021 (04-Aug-2021) Material I 04-Aug-2021 02 Cyber Attacks
PIYUSH RAJ GUPTA
No ratings yet
IPD - Malware Response
Document28 pages
IPD - Malware Response
shuvo
No ratings yet
Malware Removal Checklist
Document1 page
Malware Removal Checklist
SaileshResume
No ratings yet
CYBERSECURITY
Document22 pages
CYBERSECURITY
michellebulgar0
No ratings yet
Cyber Awareness 2 0 2 1: BY Ayokunle Olaniyi
Document31 pages
Cyber Awareness 2 0 2 1: BY Ayokunle Olaniyi
Oludare Ogunkoya
No ratings yet
Top Web App Attack Methods and How To Combat Them: Dennis Hurst, SPI Dynamics
Document74 pages
Top Web App Attack Methods and How To Combat Them: Dennis Hurst, SPI Dynamics
Sridhar Krishnamurthi
No ratings yet
A N Tcybersecurity Awareness Jul 23
Document19 pages
A N Tcybersecurity Awareness Jul 23
Subramanian Ramakrishnan
No ratings yet
NASSCOM-DSCI Cyber Security Advisory Group (CSAG) Report
Document78 pages
NASSCOM-DSCI Cyber Security Advisory Group (CSAG) Report
rajesh
No ratings yet
Phishing and Anti-Phishing
Document20 pages
Phishing and Anti-Phishing
raed messaoudi
No ratings yet
Unit 38 DatabaseManagementSyst
Document27 pages
Unit 38 DatabaseManagementSyst
momin nadeem
No ratings yet
Cyber Forensic Article
Document6 pages
Cyber Forensic Article
Deepika Bansal
No ratings yet
Navigating The Maze of Cyber Security Intelligence and Analytics - Anything Connected
Document23 pages
Navigating The Maze of Cyber Security Intelligence and Analytics - Anything Connected
Bhu
No ratings yet
Application, Data and Host Security
Document24 pages
Application, Data and Host Security
Kari Alfaro
No ratings yet
What Is A Malware Attack?
Document4 pages
What Is A Malware Attack?
aariya goel
No ratings yet
The Insider Threat Benchmark Report: Strategies For Data Protection
Document27 pages
The Insider Threat Benchmark Report: Strategies For Data Protection
Jaisri Chety
No ratings yet
Computer Security
Document8 pages
Computer Security
Trixia Mortiz
No ratings yet
VPN Security Mechanisms
Document11 pages
VPN Security Mechanisms
Baronremora
No ratings yet
Design and Implementation of A Real-Time Honeypot System For The
Document129 pages
Design and Implementation of A Real-Time Honeypot System For The
Mamed Aliyev
No ratings yet
Cyber Security
Document8 pages
Cyber Security
Mark Gonzales
No ratings yet
DDOS Research Paper
Document14 pages
DDOS Research Paper
Caue Koisumi Cintra
No ratings yet
Cyber+Capability+Toolkit+ +Cyber+Incident+Response+ +Phishing+Playbook+v2.3
Document23 pages
Cyber+Capability+Toolkit+ +Cyber+Incident+Response+ +Phishing+Playbook+v2.3
Tobiloba Asaolu
No ratings yet
Defense Science Board: Resilient Military Systems & Cyber Threats
Document146 pages
Defense Science Board: Resilient Military Systems & Cyber Threats
John André
No ratings yet
Real-Time Detection Tracking and Monitoring of Automatically Discovered Events in Social Media 2
Document7 pages
Real-Time Detection Tracking and Monitoring of Automatically Discovered Events in Social Media 2
Kabir J Abubakar
No ratings yet
DIY CyberArk Blueprint Roadmap Template
Document9 pages
DIY CyberArk Blueprint Roadmap Template
cis7all
No ratings yet
Unit-5 Cybersecurity: Organizational Implications: IV-II SEM CSE, Cyber Security Unit - V
Document13 pages
Unit-5 Cybersecurity: Organizational Implications: IV-II SEM CSE, Cyber Security Unit - V
Lakshmi Narayana Reddy
No ratings yet
Security+ Guide To Network Security Fundamentals, Third Edition
Document51 pages
Security+ Guide To Network Security Fundamentals, Third Edition
Robin Rohit
No ratings yet
Cyber-Attacks and Cybersecurity The Pressing Need For The Latter
Document4 pages
Cyber-Attacks and Cybersecurity The Pressing Need For The Latter
International Journal of Innovative Science and Research Technology
No ratings yet
IT Security Management and Risk Assessment
Document53 pages
IT Security Management and Risk Assessment
OMAR QARKASH
100% (2)
ACS Cybersecurity Guide PDF
Document72 pages
ACS Cybersecurity Guide PDF
Muhammad Azhar
100% (1)
CISO Proposal 23dec2015
Document7 pages
CISO Proposal 23dec2015
Deepak Dahiya
No ratings yet
Solution Forensic
Document15 pages
Solution Forensic
Avdhesh Gupta
No ratings yet
Network Intrusion
Document4 pages
Network Intrusion
Raul Gonzalez
No ratings yet
M.tech Cyber Security & Incident Response
Document11 pages
M.tech Cyber Security & Incident Response
Abhishek Dave
No ratings yet
Data Leakage and Prevention
Document27 pages
Data Leakage and Prevention
Eco Frnd Nikhil Ch
No ratings yet
CIBOK Sample PDF
Document43 pages
CIBOK Sample PDF
Arham Khan
No ratings yet
Cyber Security: Action Against Cyber Crime
Document11 pages
Cyber Security: Action Against Cyber Crime
Education Tech Pool
No ratings yet
2018 AEP Vulnerabilities of Healthcare IT Systems
Document28 pages
2018 AEP Vulnerabilities of Healthcare IT Systems
Salman Ahmed
No ratings yet
Pear Hishing Ttack: How The Attack Works?
Document15 pages
Pear Hishing Ttack: How The Attack Works?
Ranjith Kumar
No ratings yet
Cyber Threat Intelligence 101 by Gary Ruddell
Document36 pages
Cyber Threat Intelligence 101 by Gary Ruddell
marcosorio1234
No ratings yet
Cyber Security in Africa
Document5 pages
Cyber Security in Africa
Black Hat Hacker
No ratings yet
Unit-2 Linear Data Structure-Array
Document27 pages
Unit-2 Linear Data Structure-Array
Sanskruti Dhanani
No ratings yet
Robotic Surgery: A Seminar Report On
Document16 pages
Robotic Surgery: A Seminar Report On
Wendy Cannon
No ratings yet
STS Module 3
Document28 pages
STS Module 3
Arlo Gutay
No ratings yet
Mac Mini: User's Guide
Document106 pages
Mac Mini: User's Guide
Louis Williams
No ratings yet
Course Outline - 975676461building Material and Construction IV
Document2 pages
Course Outline - 975676461building Material and Construction IV
Endalkchew Fentahun
No ratings yet
LIENSON Company Profile
Document8 pages
LIENSON Company Profile
Shino Ping Poong
No ratings yet
BTF PDF
Document4 pages
BTF PDF
Arif Puji
No ratings yet
User S Manual: FP0H Control Unit
Document222 pages
User S Manual: FP0H Control Unit
Cinthia Lopez
No ratings yet
PUMP MMTV Vertical Mixed Flow Multistage Pump With Canister
Document3 pages
PUMP MMTV Vertical Mixed Flow Multistage Pump With Canister
arondaniel ocampo
No ratings yet
Las Activities q2
Document3 pages
Las Activities q2
Anna Jane Adan
No ratings yet
Pub ICTs For Higher Education Unesco July2005 PDF
Document42 pages
Pub ICTs For Higher Education Unesco July2005 PDF
janice raj
No ratings yet
@ WJC) 8@ $hack Instagram Account$ #2021# # (Hack Insta
Document4 pages
@ WJC) 8@ $hack Instagram Account$ #2021# # (Hack Insta
Mohamad Zazili
No ratings yet
Installation Licensing and Activation
Document46 pages
Installation Licensing and Activation
neritto
No ratings yet
Project Report: Online Banking
Document38 pages
Project Report: Online Banking
Roshan Shaw
No ratings yet
Artist II Preamp
Document1 page
Artist II Preamp
Steve Mashiter
No ratings yet
Gateway Group of Companies
Document22 pages
Gateway Group of Companies
SUCHENDRA REDDY NAGARURU
No ratings yet
Rahman Heritage Tower, Tangail
Document4 pages
Rahman Heritage Tower, Tangail
Hunter gaming
No ratings yet
Cybot Baseboard LCD Schematic
Document6 pages
Cybot Baseboard LCD Schematic
api-584352705
No ratings yet
Supply Chain Integration
Document9 pages
Supply Chain Integration
John Sujith
No ratings yet
Ad Notam Display Frame Unit: Product Highlights
Document5 pages
Ad Notam Display Frame Unit: Product Highlights
Vishal Suryawani
No ratings yet
Anthropometrics
Document5 pages
Anthropometrics
Noel Dela Cruz
No ratings yet
Strength Under Fire: Cat Fire Pump Engines
Document4 pages
Strength Under Fire: Cat Fire Pump Engines
Argenis Jimenez
No ratings yet
Who Invented The Computer?: Charles Babbage and The Analytical Engine
Document3 pages
Who Invented The Computer?: Charles Babbage and The Analytical Engine
Motivator Singh
No ratings yet
HeroLab Manual
Document55 pages
HeroLab Manual
Colin Braddock
No ratings yet
RBS 6000 Commissioning Procedure - PA1
Document17 pages
RBS 6000 Commissioning Procedure - PA1
He Ro
90% (10)
Hl-Dv7W HL-DV5: One-Piece Digital Camera/Recorder With DVCAM Format
Document8 pages
Hl-Dv7W HL-DV5: One-Piece Digital Camera/Recorder With DVCAM Format
Muhammad Akhfash Raffay
No ratings yet
CWCT
Document5 pages
CWCT
troyel99
No ratings yet
Sam Carlton CV
Document1 page
Sam Carlton CV
sam_carlton_4
No ratings yet
Extreme Switching Lab Guide v1.8 (Ebook)
Document95 pages
Extreme Switching Lab Guide v1.8 (Ebook)
Hrvoje Silov
No ratings yet