Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of...
Transcript of Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of...
![Page 1: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/1.jpg)
Lex-
InformaticaCybercrime
Manuel Corregedor
1
![Page 2: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/2.jpg)
2
WHY THE NAME WOLFPACK?
![Page 3: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/3.jpg)
3
WHY THE NAME WOLFPACK?
![Page 4: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/4.jpg)
Cyber Security Guidance for local organisations
Opportunities for Collaboration
4
3
2
1 Cyber Threat Landscape1
![Page 5: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/5.jpg)
5
![Page 6: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/6.jpg)
THE EVOLVING CYBER THREAT LANDSCAPE
1990’s
Hackers
• Spam, Phishing, Scams & Heists
• Organised Crime –Financial Motive
= High Concern
Criminals
2000 - 2010
• Damaging Breaches
• Infiltrate, Disclose, Control or Destroy Motive
= Major Risk
Activist / State
Today
• Website Defacements
• Hacker Groups seeking notoriety
= Irritation
6
![Page 7: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/7.jpg)
• Cybercrime is a global problem costingthe economy billions of Dollars annually
• Large scale cyber espionageprogrammes, IP theft & privacy concerns
• Governments in Africa have underestimated the challenge of implementing national cyber securityinitiatives
CYBER RISK IS NOW A MAJOR PRIORITY!
7
![Page 8: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/8.jpg)
8
THE EUROPEAN COMMISSON
![Page 9: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/9.jpg)
Security: a societal challenge
It concerns the protection of citizens, society and economy as well as Europe's assets, infrastructures and services, its prosperity, political stability and well-being.
Any malfunction or disruption, intentional or accidental, can have a detrimental impact with high associated economic or societal costs.
Eurobarometer: 50% of the EU citizens are worried (percentage increasing)
9
![Page 10: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/10.jpg)
Cyber security has become part of "Securing Societies”
Challenges:
- How to assess the threats in cyber-space and their possible scope?
- How to best tackle cyber-threats and protect citizens in the digital domain?
Cyber Security is an issue that can only be tackled effectively if all stakeholders cooperate: companies and authorities must work together across borders.
Many infrastructures and services operated in Europe are privately owned, yet protection of public (safety and security) is seen as the responsibility of public authorities.
10
![Page 11: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/11.jpg)
WHAT IS CYBERSECURITY?
The state of being protected against the criminal or unauthorised use of electronic data, or the measures taken to achieve this. (Oxford Dictionary)
Cybersecurity is the practice of making the networks that constitute cyberspace secure against intrusions, maintaining confidentiality, availability and integrity of information, detecting intrusions and incidents that do occur, and responding to and recovering from them. (SA NCPF)
Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. (ITU)
The process of protecting information by preventing, detecting, and responding to attacks. (NIST CybersecurityFramework)
The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032 -Guidelines for Cybersecurity)
Cybersecurity encompasses a broad range of practices, tools and concepts related closely to those of information and operational technology security. Cybersecurity is distinctive in its inclusion of the offensive use of information technology to attack adversaries. (Gartner)
11
![Page 12: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/12.jpg)
WHAT IS CYBERSPACE? Cyberspace means a physical and non-physical terrain created by and/or composed of some or all of the following: computers, computer systems, networks, and their computer programs, computer data, content data, traffic data, and users (SA NCPF)
The complex environment resulting from the interaction of people, software and services on the Internet by means of technology devices and networks connected to it, which does not exist in any physical form (ISO 27032 -Guidelines for Cybersecurity)
Cyberspace belongs to no one but has key stakeholdersincluding:• End Users• Private and Public organisations• Internet Service Providers (ISP)• Government – Regulators and enforcement (Kenya Cyber Security Report 2014)
12
![Page 13: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/13.jpg)
13
INFORMATION & CYBER SECURITY DEFINED
![Page 14: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/14.jpg)
MOTIVATIONS BEHIND ATTACKS
14
Source: http://hackmageddon.com/
![Page 15: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/15.jpg)
STATISTICS IN SOUTH AFRICA
• In 2013, South Africans lost over R2.2 billion according to the South African Banking Risk Information Centre (SABRIC)
• Cybercrime is costing South Africa over R5.8 billion rand each year (McAfee)
• According to Norton cybercrime is costing South Africa R3,42 billion
15
![Page 16: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/16.jpg)
16
THE INTERNET ECONOMY Studies estimate that the Internet economy generates between $2 trillion and $3 trillion per annum, a share of the global economy that is expected to grow rapidly.
![Page 17: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/17.jpg)
17
HOW MUCH IS A TRILLION DOLLARS?
![Page 18: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/18.jpg)
18
The gross domestic product (GDP) is one the primary indicators used to gauge the health of a country's economy. It represents the total dollar value of all goods and services produced over a specific time period.
![Page 19: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/19.jpg)
19
SUB-SAHARAN AFRICA
What is the Combined GDP of
Africa + Middle East?
US$3,082 Trillion
What is the Combined GDP of
all SSA countries?
US$1,592 Trillion
![Page 20: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/20.jpg)
20
THE UNDERGROUNDINTERNET ECONOMY
A June 2014 report from the Center for Strategic and International Studies (CSIS) calculates the cost of cybercrime at between 15% and 20% per annum of the value created by the Internet – around $US400 billion.
![Page 21: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/21.jpg)
21
![Page 22: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/22.jpg)
Enterprise Risk Management
22
![Page 23: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/23.jpg)
Lloyds 2013 Risk Index
23
![Page 24: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/24.jpg)
24
Any disruption of these systems may cause a massive impact upon society / populations at a national or regional level.
Critical infrastructure consists of interconnected &interdependent systems (many ICT based)
CRITICAL INFORMATION INFRASTRUCTURE PROTECTION
Development of an integrated decision support system for large crisis events involving Critical Infrastructures (KRITIS)
![Page 25: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/25.jpg)
THREAT SOURCES
25
![Page 26: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/26.jpg)
WHO ARE THE ATTACKERS?MOTIVATIONS & TACTICS
26
![Page 27: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/27.jpg)
VERIZON 2014 DATA BREACH INVESTIGATIONS REPORT
2727
![Page 28: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/28.jpg)
VERIZON 2014 DATA BREACH INVESTIGATIONS REPORT
2828
![Page 29: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/29.jpg)
A FEW INTERESTING TOOLS OF THE TRADE
29
![Page 30: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/30.jpg)
30
![Page 31: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/31.jpg)
BUT A LONG TIME TO DISCOVERY
• IN 66% OF CASES, THE BREACH WASN’TDISCOVERED FOR MONTHS OR EVEN YEARS.
MINIMAL TIME
PENETRATION VS DETECTION
TO COMPROMISE,
31
![Page 32: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/32.jpg)
OF BREACHES WERE SPOTTED
BY AN EXTERNAL PARTY.
OF BREACHES WERE DISCOVERED
BY CUSTOMERS.
WHO DISCOVERED THE BREACH?
NOTIFICATION
32
![Page 33: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/33.jpg)
33
SA CYBER SECURITY GAP ANALYSIS – ARE WE MOVING or ?
![Page 34: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/34.jpg)
COUNTRY THREAT INTELLIGENCE REVIEW
34
SOUTH AFRICA
COUNTRY STATISTICS
POPULATION: 52 Million
GDP: US$ $350 Billion
INTERNET USERS: 14 Million
CORRUPTION SCORE: 42/100Scores range from 0 (highly corrupt) to 100 (very clean).
ISO 27001 CERTIFICATIONS: <20
![Page 35: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/35.jpg)
35
South Africa Overall
Risk Rating
National Cyber
Security Policy
Cyber Criminal
Legislation
National
CSIRT / CERTPrivacy or
Breach
Notification Law
SCALE RATING
High Risk - None
Medium Risk - Partial South Africa
Low Risk - implemented
COUNTRY THREAT INTELLIGENCE RATING
35
![Page 36: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/36.jpg)
36
HostExploit Rating – 43.1 out of 1000 (lower score = less vulnerabilities)
Global HE Rank – 80 of 219 countries
Spam – 44.5Unsolicited junk mail. Typically sent out indiscriminately on a mass scale, but increasingly targeted towards a specific audience.
Malware – 21.8Software with malicious intent. Usually designed to steal sensitive information for financial gain, but also can be primarily destructive. Including viruses, trojans, rootkits, worms and spyware.
Badware – 31.3Software that fundamentally disregards a user's choice regarding how their computer will be used. Including spyware and adware.
Botnets – 0.3Collections of computers running a (typically) unwanted program as a zombie, controlled by a "command & control" server, used to attack other computers or to harvest sensitive information. Generally used for financial gain, although increasingly used for political purposes.
Phishing – 105.2Fraudulent emails that appear to be from a trusted source and trick users into entering personal information.
Data Breaches – No data
Cybercrime Hubs – 1.7Servers or networks that support or control the spreading of malicious software or exploits.
Current Events – 48.4A blend of the most up-to-date attack variants and zero-day exploits. Currently includes attack vectors such as MALfi (XSS/RCE/RFI/LFI), click jacking, rogue pharmas, Koobface and others.
* The HE Index represents how vulnerable a country is to cyber threats, on a scale from 0 (no vulnerabilities detected) to 1000 (maximum vulnerabilities). It is a quantitative metric, representing the concentration of malicious activity served from an autonomous System.
HOST EXPLOIT SCORE SOUTH AFRICA
36
![Page 37: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/37.jpg)
419 Scams
• AKA Nigerian Advance Fee Fraud
• Confidence Trick
• Email, Fax, SMS, phishing sites (fake sites)
• Invitations to countries
37
![Page 38: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/38.jpg)
Example 419 Scam
Source: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-ice-419.pdf
38
![Page 39: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/39.jpg)
Increased Support Structures
39
![Page 40: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/40.jpg)
What’s happening in South Africa?
• Massive influx of Cameroonian scams
• Sitting locally, targeting the Far and Middle East businesses in export scams• Advertising R300k vehicles
• Spoof legitimate businesses in ZA, using their tax and company numbers
• OLX, JunkMail and WozaOnline
40
![Page 41: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/41.jpg)
Example 419 Site
41
![Page 42: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/42.jpg)
Example 419 Site
42
![Page 43: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/43.jpg)
Why is it out of control?
• Automated toolkits
• Easy to register domains using fake information
• Take down procedures
• Resources/skills
43
![Page 44: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/44.jpg)
• Critical Information Infrastructure Protection
• Technical skills shortage & capacity issues
• No national awareness programme
• Weak fraud detection mechanisms
• No National CSIRT
• Minimal cross-industry collaboration
• Improved /streamlined reporting processes needed
• Smaller cases neglected – easy victims
• Lack of quantitative cybercrime figures
• Cyber laws need updating / implementing
• Dilution of cybercrime cases with common law
GAP ANALYSIS - SUMMARY OF NATIONAL ISSUES
PROSECUTE
PREVENT
DETECT
INVESTIGATE
CYB
ER S
ECU
RTI
Y (S
SA /
DO
C)
CYB
ER C
RIM
E (S
AP
S /
NPA
)
44
![Page 45: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/45.jpg)
1
2
Opportunities for Collaboration 3
Cyber Threat Landscape
45
2 Cyber Security Guidance for local companies
![Page 46: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/46.jpg)
46
WHERE DID THE MISSING SQUARE GO?
![Page 47: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/47.jpg)
THREAT RADAR
47
![Page 48: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/48.jpg)
SELECT RELEVANT GRC STANDARDS, FRAMEWORKS AND BEST PRACTICE – ADAPT TO YOUR ENVIRONMENT
1
2
3
KING III
COBIT 5.0
ISO 27001/2
SANS 20 Critical Controls | OWASP
Protection of Personal Information (POPI) Act
Other IT related laws
48
Privacy
Information & Cyber Security
Information & IT Governance
Info
rma
tio
n
Ris
k
![Page 49: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/49.jpg)
INFORMATION RISK MANAGEMENT FRAMEWORK
INFORMATION RISK MANAGEMENT (Tactical - How)
GOVERNANCE
Executive BoardCommittee
IS Steering Committee
Programme / Project Office Committee
Change Management Committee
Procurement / Supplier Management
HR / Communications / Training
IT Governance Council
Performance Metrics & Incentives
Enterprise Risk Committee
Compliance Committee
IT & OPERATIONS MANAGEMENT (Monitor interdependencies)
IT Operations
Infrastructure Security
Capacity Management
Change Management
Application Security
IT Service Continuity
Management
Release Management
Configuration Management
IT Vulnerability Management
Service Desk
HR Processes
Information & Asset
Management
Third Party Management
IT Incident Management
Performance Management
Facilities Management
Problem Management
Event Management
Physical Security
Systems Management
Service Level Management
IS / IT Governance
Policy & Reporting
Information Risk
Management
Threat & Vulnerability Management
Information Compliance
Management
Human Resource
Management
Programme Management
IS Performance Measurement
IT Risk Monitoring
Identity & Access
Management
IS Incident Management
Training & Awareness
Business Objectives
Corporate Governance
Enterprise Risk Management
Enterprise Architecture
Legal / Compliance
Assurance Functions HR / Audit / Security /
BCM / Fraud
BUSINESS (Strategic – What)
49
![Page 50: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/50.jpg)
53
HOW TO GET THERE?
![Page 51: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/51.jpg)
54
#1 PREDICT - INTEGRATE CYBER THREAT INTELLIGENCE
AUS Top 35
Strategies
Cyber Essentials
Scheme
Wolfpack Cyber
Threat Reports
Kaspersky FCI
2013
Symantec – State
of Financial
Trojans
Verizon Data
Breach Report
2014
![Page 52: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/52.jpg)
55
#1 PREDICT - IDENTIFY THREAT PATTERNS RELEVANT TO YOUR SECTOR
![Page 53: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/53.jpg)
THREAT INTELLIGENCE
• Prevent / Deter
• Detect
RESILIENCE
• Respond
• Recover
#1 PREDICT - ADOPT A MORE INTEGRATED APPROACH
Governance / Risk
Compliance / IT
Infosec / Audit
56
![Page 54: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/54.jpg)
PS - TRADITIONAL RISK + AUDIT AREAS WILL NEED TO ADAPT
INFORMATION & CYBER SECURITY DOMAINS WILL
EXPAND.
57
![Page 55: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/55.jpg)
58
# 2 ASSESS: INDUSTRY CYBER SECURITY FRAMEWORK
![Page 56: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/56.jpg)
STRATEGIC /
EXECUTIVE
SPECIALIST /
OPERATIONAL
TACTICAL /
MANAGEMEN
T
59
# 2 ASSESS: GLOBAL SURVEY / GROUP REPORT
![Page 57: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/57.jpg)
60
# 3 IMPROVE: PLAN TO DEVELOP IN-HOUSE CAPABILITY
Vulnerability assessments / Sourcecode reviews etc are now required more often…develop in-house capability & outsource the hard stuff
![Page 58: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/58.jpg)
# 3 IMPROVE: DEVELOP A ROBUST INCIDENT MANAGEMENT CAPABILITY
Entrenched practices within the organisation
ISO 27035:2011
ISO 27002:2013
Cobit 5.0 / ITIL 3.0
FIRST.org
6161
![Page 59: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/59.jpg)
Min
d the (
Skill
s)
Gap: • Rapid advances in technology & cyber threats driving
global demand for skills
• Increased compliance universe
• High pressure work environment = less time for talent management
• Limited local training providers = fragmented training options
• Difficult to find correct balance of technical & business skills
• Shortage of capable graduates entering the field
• The industry is still largely untransformed
# 3 IMPROVE: SKILLS - NATIONAL RESOURCE CHALLENGES
62
![Page 60: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/60.jpg)
DESIRED SITUATION – ESTABLISHMENT OF NATIONAL /INDUSTRY SKILLS DEVELOPMENT CAPABILITIES
Intermediate
Assess
63
![Page 61: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/61.jpg)
NATIONAL / INDUSTRY ACADEMY APPROACH
64
Attract Baseline
Technical
Management
Elite
Programme Entry Minimum skills Specialist skills Expert skills
Skills assessment
![Page 62: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/62.jpg)
LESSONS LEARNT - WOLFPACK ACADEMY
65
Step 1: Understand
Requirements
Step 2: Assess Skills - Gap
Analysis
Step 3: Design Curriculum
Step 4: Implement
Training
ASSESS
![Page 63: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/63.jpg)
STEP 1: UNDERSTAND REQUIREMENTS /CLASSIFY EMPLOYEES
• Organises cybersecurity into seven high-level categories, each comprising several specialty areas.
• Based on extensive job analysis and groups together work and workers that share common major functions, regardless of actual job titles or other occupational terms.
66
National Initiative for Cybersecurity Education (NICE)
![Page 64: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/64.jpg)
67
![Page 65: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/65.jpg)
68
Competency Assessment
Technical
Assessment
Skills Gaps Analysis
STEP 2: PERFORM SKILLS GAP ANALYSIS
![Page 66: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/66.jpg)
69
Learning Management SystemIntegrated Secure Assessment & Learning PlatformSystem
![Page 67: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/67.jpg)
STEP 3: DESIGN CURRICULA
TECHNICAL
SKILLS COMMUNICATION
SKILLS
BUSINESS
ACUMEN
CONSULTING
SKILLS
BEHAVIOUR &
ATTITUDE
5 1
24
3
• Presentation Skills
• Report Writing
• Content Delivery
• Personal Effectiveness
• Negotiation Skills
• Teamwork
• Decision Making
• Interpersonal Skills
• Time Management
• Trusted Advisor
• Research
• Programme & Project Management
• Drive to succeed
• Ethics & Integrity
• Accountability
• Self-development
• Adaptability
• Information Risk, Governance
& Compliance
• Information & Cyber Security
• Security Operations
• Incident Management
• Awareness
• Forensics
70
![Page 68: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/68.jpg)
71
STEP 4: CONDUCT TRAINING
![Page 69: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/69.jpg)
72
Step 1: Classify
Employees
Step 2: Perform
Skills Gap Analysis
Step 3: Design
Curriculum
Step 4: Conduct Training
CASE STUDY: INFORMATION RISK FOUNDATION PROGRAMME
• Classification: Graduates or passionate individuals <29 years
• Skills Gap: The Shortage of Information Risk Professionals
![Page 70: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/70.jpg)
73
Step 1: Classify
Employees
Step 2: Perform
Skills Gap Analysis
Step 3: Design
Curriculum
Step 4: Conduct Training
![Page 71: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/71.jpg)
2Strategies for Information & Cyber Security Management
74
Cyber Threat Landscape1
3 Opportunities for Collaboration
![Page 72: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/72.jpg)
75
COMMUNITY INITIATIVES
![Page 74: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/74.jpg)
77
![Page 75: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/75.jpg)
AWARENESS
78
STRATEGY CONTENT
GRC RATIONALISATION AND
ALIGNMENT
POLICY ALIGNMENT
HUMAN VULNERABILITY
ASSESSMENTS
EXECUTIVE CYBER
VULNERABILITY ASSESSMENTS
GREY WOLF ASSESSMENT AND
LEARNING PLATFORM
STRATEGIC AWARENESS
PROGRAMME (SAP)
ANIMATED VIDEO SERIES:• 5 PRIVACY
• 7 INFORMATION SECURITY
• CUSTOM
POSTERS / CARTOONS
EASY POLICY COMMUNICATOR
CYBERCRIME SURVIVAL GUIDE & COURSE
INTERACTIVE AWARENESS
SESSIONS
TRAINING & SIMULATIONS
![Page 76: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/76.jpg)
WHAT ARE YOU DOING FOR OCTOBER SECURITY AWARENESS MONTH?
79
![Page 77: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/77.jpg)
CYBERSHIELD COMMUNITY MAGAZINE
Cybershield is a quarterly digital magazine for the African information security community. It is packed with high quality articles across 10 sectionssourced from both local & international subject matter experts. This is provided as a free resource to help improve awareness of threats facing the continent. With permission from our clients we also include relevant articles from our research work in the magazine.
http://www.wolfpackrisk.com/magazine/
80
![Page 78: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/78.jpg)
CYBERCON AFRICA 2014
81
http://www.cyberconafrica.org
![Page 79: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/79.jpg)
CYBER PACK - COMMUNITY TASK TEAMS
82
![Page 80: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/80.jpg)
Data Breaches
Damage to Reputation
Increased Attacks
World Class Skills
Reduced Crime & Corruption
Safer Society
PROACTIVE
Creating stakeholder value
VALUEREACTIVE
Preserving stakeholder value
DESIRED OUTCOME – A SAFER (SOUTH) AFRICA
83
![Page 81: Manuel Corregedorlex-informatica.org/wp-content/uploads/2014/10/Lex...Framework) The preservation of confidentiality, integrity and availability of information in Cyberspace (ISO 27032](https://reader033.fdocuments.us/reader033/viewer/2022060317/5f0c380c7e708231d43452df/html5/thumbnails/81.jpg)
Wolfpack Information Risk (Pty) Ltd
+27 11 794 [email protected]
Research | Training | Awareness | Advisory | Talent
84