Building capabilities to disrupt the adversary
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Building capabilities to disrupt the adversary Colin Gray CISSP, Sales Engineer HP Enterprise Security Products

Page 1

Building capabilities to disrupt the adversary

Colin Gray CISSP, Sales Engineer

HP Enterprise Security Products

Page 2

Research

Page 3

APT - Definition

Asset

Well-funded and skilled attackers (teams) with profound knowledge of the target and a long-term infiltration strategy. Once the target is infiltrated, the highest priority is to stay covert and exfiltrate as much sensitive and valuable data as possible, or to inflict effective and sustained damage on the target (organization). Because the stakes are high, the attacker(s) will keep trying until they succeed.

Advanced Persistent Threat (APT)

Page 4

Bank Hack Results in Stunning $45 Million ATM Heist

Experts Marvel At How Cyberthieves Stole $45 Million

Global Network of Hackers Steal $45 Million From ATMs

In Hours, Thieves Took $45 Million in A.T.M. Scheme

The Circuit: Hackers took $45 million in ATM heist

Page 5

“If you know the enemy and know yourself, you need not fear the result of a hundred battles.”

—Sun Tzu, The Art of War

Page 6

Big data

Mobile

Cloud

Page 7

I follow ISO, PCI and other security standards

Our predictability is well known

I stitch technology together across functions

Page 8

Market with distinct process

Actors organize and specialize

Intelligence is bought and sold

Defining the adversary

Cybercrime

Economic Espionage

Hacktivist

The adversary

Page 9

Discovery

Organize our capability to disrupt the market

Research

Our enterprise

Their ecosystem

Infiltration

Capture

Exfiltration

Page 10

Discovery

Organize our capability to disrupt the market

Research

Our enterprise

Their ecosystem

Infiltration

Capture

Exfiltration

Educating users

Counter intel

Blocking access

Page 11

84% of breaches occur at the application layer

68% increase in mobile application vulnerability disclosures

Page 12

Discovery

Rethink our capability investments

Research

Our enterprise

Their ecosystem

Exfiltration

Capture

5X 1X

Infiltration

Page 13

Discovery

Organize our capability to disrupt the market

Research

Our enterprise

Their ecosystem

Infiltration

Capture

Exfiltration

Finding them

Educating users

Counter intel

Blocking access

Page 14

Average time to detect a breach: 416 days

Timeline: January 2012 to April 2013

Page 15

Discovery

Organize our capability to disrupt the market

Research

Our enterprise

Their ecosystem

Infiltration

Capture

Exfiltration

Planning damage mitigation

Protecting the target asset

Finding them

Educating users

Counter intel

Blocking access

Page 16

94% of breaches are reported by a 3rd party

Page 17

We are here to help

1. SOC Consulting Services

2. Security Information and Event Management
   a. ArcSight

3. Application vulnerability protection
   a. TippingPoint IPS / NGFW
   b. Fortify Application Assurance

Page 18

Make it matter.

Thank you