At this week’s Cloudsec 2016 event in London, Rik Ferguson, VP Security Research at Trend Micro echoed sentiments that in line with what we have experienced over the last 15 years, that whilst boards are getting a better understanding of cybersecurity however “they don’t necessarily get how mature the business model is with online crime”.
In the morning plenary, Trend Micros’ Forward Looking Threat Research (FTR) Team showed the audience how cybercrime services are being sold on various underground websites worldwide. Looking back over the period since their first report (in 2012 they published a paper focusing on the cybercrime underground in Russia), they demonstrated how many of the services offered were highly professional and featured toolkits, extensive support and training. Whether it’s goods-for-sale, business models, how criminals operate, culture or even just the way the undergrounds are laid out, there are certain things that are unique to each country – however what is common is just how easy it is to buy stolen credit cards, PII records and buy or rent attack toolkits such as the ‘Angler’ and ‘Sundown’ exploit kits.
From Trend Micro’s report on Evolution of Exploit Kits
“In the early days we had a problem with board-level understanding, but now they’re all over it.” said Troels Oerting, former head of cybercrime at Europol and now global CISO at Barclays. “It’s partly because there’s lots of regulation in the banking sector. They still don’t exactly throw suitcases of money at me, but they want to give me what I need, because security needs to be good enough to protect our assets, and we need to take our customer’s security very seriously.”
Standard controls should not be the only focus
We have previously written about how many of the enterprises we provide services for are caught up with managing and maintaining the complex integration of various standard security control solutions. It’s important to have these working like clockwork, all in-tune and talking with each other. This is one of the reasons that Security Incident and Event Management (SIEM) solutions have been very popular as they correlate the information from the various security devices, and when set up correctly – with an efficient Security Operations Centre (SOC) and well-orchestrated Cyber Incident Response Team – can help to reduce the time-to-identify and time-to-contain a security breach, reducing the impact to the attacked organisation.
Integration can be tricky and Infosec Partners is perhaps one of only a few companies that can offer a full spectrum security approach supporting any-device from any-vendor, but it’s critically important that standard controls such as next gen firewalls, endpoint and wifi security, breach detection, web application firewalls, SIEM etc are fully integrated. However standard controls are really just the minimum requirement. Considering how well-armed, professionally trained and supported those in the cybercrime underground are, motivated attackers deploy a wide range of blended attacks and advanced protective controls including deception technology, platform isolation and forensic analytics etc, aimed at identifying the next wave of blended attack vectors.
CyberPlus (an Infosec Partners Group company) was created to help Boards & Senior Executive Leaders by adding a vital Plus to their existing information and cyber security, providing boards with confidential services aimed at evaluating the integrity of their organisations’ Cyber Strategy. CyberPlus enables boards to cut through the jargon; making it easier to understand, translate and align the challenges and opportunities of Cyber Security, with their ongoing oversight responsibilities.
Often faced with IT departments requesting larger budgets for new technologies to combat the latest cyber threats on one side, and with regulators and investors demanding assurances that the organisation is safe from cyber attacks on the other side, boards face a barrage of information and with many board members not typically coming from a security or technology background, it can be difficult to grasp the big picture. CyberPlus bridges the gap with a highly experienced team of advisors including those previously operating at the c-level, to ease the burden on the boards and provide a highly appreciated second opinion on the true state of the enterprise’s security.
Assessments and audits through CyberPlus help to ensure that gaps are identified and closed, whilst positive Cyber Cultures are built and breathed organisation-wide as the backbone to protect against reputational and operational risk.
Contact us for Full-Spectrum Cybersecurity Assurance
Whether you are a board member looking for clarity and assurance, or responsible for the IT infrastructure and looking for advice on optimising your security controls, our trusted advisors are available. Please contact us today by completing the adjacent form or calling us on +44 (0)1256 903 662 for immediate assistance.
