© PA Knowledge Limited 2014 1

INFOSECURITY MAGAZINE WEBINAR: INSIGHTS INTO INCIDENT RESPONSE – A VIEW FROM THE FRONT LINES

Mark Skilton

Digital Innovation Expert, PA Consulting

Mark.Skilton@PAConsulting.com

Professor of Practice, Information

Systems Management & Innovation

Warwick Business School

+44 7808039240

© PA Knowledge Limited 2014 2

Sony – movie and Private Data Theft,

North Korean influence..

Anthem – 80 million US medical

insurance records stolen

Cyber security – Smash and Grab versus stealth attacks

“SMASH & GRAB”

POLITICAL, CAUSE STEALTH

NEW METHODS OF ACCESS

AND PREVASIVENESS

Russian banks Malware “attack”

$1 Billion stolen incrementally

© PA Knowledge Limited 2014 3

Cyber Security – Cyber governance

ZERO DAY ATTACKS

NEW THREAT VECTORS

NEW ASSET TARGETS (MEDICAL, FINANCIAL..

NEW LEVELS OF

CYBER GOVERNANCE

FINER GRAINED

MONTORING

ADVANCED RESPONSE

THREAT MANAGEMENT

PRIVACY, CONFIDENTIALITY, (TECHNICAL) SECURITY , TRUST

INCREASED COMPLEXITY

© PA Knowledge Limited 2014 4

PCST MODEL NEEDS TO BE MORE ADVANCED

PARADOX OF OPENNESS VERSUS CONTROL VERSUS PRIVACY

© PA Knowledge Limited 2014 5

Establish a DIGITAL TRUST FRAMEWORK - Source : PA Consulting Digital TL

“ I “ “ You “ “ Us “ “ We “ “ They “ “ Them “ “ local “ “ Global ”

How

What

Where

© PA Knowledge Limited 2014 6

• Better perimeter and environment awareness

• The length of time typically have access to victims’ environments

• New finer grained usage and access

• Third party compromises – how many companies are affected and how to detect

• Consortiums – shared cyber intelligence - Multi-model

• The complexity of attribution as the lines blur between tactics used by cyber-criminals

and nation-state actors

• New legal and technical capabilities

• The stealthy new tactics cyber-criminals deploy in order to move laterally and maintain

persistence in victim environments.

Conclusions

© PA Knowledge Limited 2014 7

Thank you

© PA Knowledge Limited 2014 8

The tools and techniques of advanced persistent threat (APT) actors are constantly evolving, putting

pressure on organizations to regularly review and enhance their security posture and defense

readiness.

Organizations can take a range of approaches to improve the way they detect, respond to and contain

advanced attacks. Key to the way they organize their defenses and incident response plans is

intelligence gleaned from analysts and research reports.

This webinar will call on a range of industry experts to deliver their findings and best practice advice on

the issue of incident response. FireEye will be presenting on the key insights drawn from its M-Trends

2015 report, compiled from hundreds of incident response investigations.

Topics for discussion include:

• The length of time typically have access to victims’ environments

• Third party compromises – how many companies are affected and how to detect

• The complexity of attribution as the lines blur between tactics used by cyber-criminals and nation-

state actors

• The stealthy new tactics cyber-criminals deploy in order to move laterally and maintain persistence in

victim environments.

Insights into Incident Response – A View from the Front Lines https://www.infosecurity-magazine.com/webinars/incident-response-view-from-the/

© PA Knowledge Limited 2014 9

August 2015 Building the Digital Economy

http://www.palgrave.com/page/detail/Building-a-Digital-

Enterprise/?K=9781137477705

http://building-the-digital-enterprise.com/

© PA Knowledge Limited 2014 10

An accomplished business technology leader who has worked for

many fortune 500 companies in over 20 countries, across private and

public industry sectors. Mark is currently a Digital Expert at PA

Consulting with experience in leadership innovation and strategy for

digital platforms, big data, cloud computing, interoperability, metrics

monetization and cyber security. He has worked at board level in

strategic vision and corporate planning for Business and digital media

solutions in companies including media, telecoms, aerospace, retail ,

travel , city, central and local government, logistics. Healthcare and

financial services.

Mark is recognized international thought leader, speaking at

internationally including the EU Commission and several Industry

conferences and live TV and Radio and digital media including BBC,

Sky, FT, BBC.com and widely syndicated globally. He is an author of

two books on building Digital Enterprise for Palgrave macmillan Digital

Economy series and a co collaborator on several International

Standards with ISO and The Open group. He is also Professor of

Practice in Information Systems Management and Innovation at

Warwick Business School.

Mark Skilton

Mark Skilton

Digital Expert

PA Consulting

mark.skilton@PAConsulting.com

@mskilton

+44 7808039240