CYBER RISK LANDSCAPE

CRAIG ROSEWARNE (MBA, CISM, CISSP, ISO27001 Lead Implementer & Auditor, Certified Lead Incident Response Professional)


Page 1:

CYBER RISK LANDSCAPE

CRAIG ROSEWARNE (MBA, CISM, CISSP, ISO27001 Lead Implementer & Auditor, Certified Lead Incident Response Professional)

Page 2: AGENDA

INTRODUCTION:
• Threat Landscape
• Recent High Impact Incidents

MANAGING THE RISK:
• Country
• Organisation
• People

Page 3:

WHO? WHERE? HOW?

Page 4: RISK LANDSCAPE

VICTIM VS THREAT ACTORS:
• Employees
• Third Parties (Contractors / Suppliers)
• Online Predators
• Governments
• Hackers
• Terrorists
• Criminals
• Hacktivists
• Competitors / Clients

ESTIMATED GLOBAL SPEND: $120 BILLION+
ESTIMATED COST OF CYBERCRIME: $400 BILLION+

Country Risk | Organisation Risk | People Risk

WHO? WHERE? HOW? WHY?
• Power Outages
• Flooding
• Water Shortages
• Natural Disasters
• Political Unrest
• Environmental Impact
• Fiscal Crisis
• Corruption
• Economic Slowdown
• Terror Attacks

Page 5:

WHO?
• DISGRUNTLED EMPLOYEES
• RECKLESS EMPLOYEES
• HACKTIVISTS
• UNAWARE EMPLOYEES
• INFORMATION PARTNERS

HOW?
• COLLUSION
• SCAMS
• SOCIAL ENGINEERING
• SPEAR PHISHING
• INFORMATION LEAKS
• EXTORTION
• DARK WEB ACTIVITY
• RANSOMWARE

Page 6:

WHO?
• ORGANISED CRIMINAL SYNDICATES
• OPPORTUNISTIC CRIMINALS
• ONLINE PREDATORS
• THUGS

HOW?
• THEFT OF SENSITIVE INFORMATION
• EXTORTION
• FRAUD
• BUSINESS DISRUPTION
• INFORMATION LEAKS

Cybercriminal Code of Ethics:

“If what you put on the Internet is worth anything, one of us will try to hack or steal it.”

“If you don’t care about protecting your stuff from the likes of us, don’t worry: You’re our favourite type of customer!”

Page 7:

WHO?
• STATE SPONSORED ATTACKS – MILITARY / INTELLIGENCE
• MERCENARY / BLACK HAT HACKERS
• TERROR GROUPS
• HACKTIVISTS

HOW?
• INTELLIGENCE GATHERING
• INTELLECTUAL PROPERTY THEFT
• PROPAGANDA & MISINFORMATION
• TERROR FUNDING
• CRITICAL INFRASTRUCTURE DAMAGE
• DISTRIBUTED DENIAL OF SERVICE

Page 8: VULNERABILITY MANAGEMENT

WHERE?

Page 9: WHO… HOW… WHERE… WHY?

Threat Actor (Introduces) → Threat (Exploits) → Vulnerability (Leads to) → Risk (Can damage) → Asset

Exposure:
• Business Operations Impact
• Financial Impact
• Reputation Impact
• Personal Impact

Page 10:

Page 11: COUNTRY RISK

Page 12: NATIONAL CYBER STAKEHOLDERS

Page 13: NATIONAL CYBER STAKEHOLDERS

Rows: STRATEGIC | KEY SECTORS | DEPENDANTS

Public Sector:
• Strategic: Safety and Security Clusters | Oversight Committees | Government CSIRT | Disaster Management | Intelligence | Defence | Law Enforcement | Justice & Corrections | Foreign Affairs | Key Departments – Tax / Home Affairs / Communications / Water / Energy / Transport…
• Key Sectors / Dependants: National Key Points | National, Provincial & Local Government | Citizens | Children

Private Sector:
• Strategic: Industry Associations (AGI) | Regulators / Ombudsman | Non-Profit Organisations
• Key Sectors: Financial | Retail | ISPs | TMT | Manufacturing | Academia | Healthcare | Professional Services | Vendors…
• Dependants: Investment Partners | B2B | B2C | Informal Traders | Customers

Page 14: NATIONAL PRIORITY AREAS

1. SAFETY & SECURITY
2. CYBER CRIME
3. CRITICAL INFRASTRUCTURE PROTECTION
4. SKILLS & AWARENESS

Page 15: ORGANISATIONAL RISK

• FRAUD?
• RANSOMWARE?
• CYBER ATTACKS?
• BUSINESS RESILIENCE?
• COMPLIANCE - PENALTIES?

Page 16: RISK & OPPORTUNITY MANAGEMENT

Page 17: ATTACK SCENARIO

Stages: Reconnaissance | Weaponisation | Exploitation | Command-and-Control | Encryption | Unauthorised Access | Unauthorised Use | Installation | Objective Achieved

Scenario:
1. Intelligence Gathering
2. Spear Phishing
3. Infect & Lateral Movement
4. Objective Achieved: Monetise

Source: Cyber Kill Chain (Lockheed Martin)

DEMO

Page 18: CYBER RISK BUILDING BLOCKS

• INFORMATION RISK STRATEGY & FRAMEWORK
• GOVERNANCE & COMPLIANCE
• CONTINUOUS LEARNING & AWARENESS
• INFORMATION SHARING & COLLABORATION
• MONITORING & THREAT INTELLIGENCE
• RISK & CONTROL ASSESSMENT
• PERFORMANCE MEASUREMENT & METRICS
• INCIDENT MANAGEMENT
• RECOVERY & RESILIENCE

PREVENT | DETECT | RESPOND | RECOVER

Page 19: RANSOMWARE EXAMPLE

Page 20: THE EXECUTIVE CYBER CHECKLIST

Page 21: RISK ASSESSMENT GUIDANCE

Information Risk Assessment

Cyber Risk Analysis

Ensure the team includes strategic and operational teams from across the business – not just IT!

The assessment should factor in concerns raised by stakeholders, audit findings and past incidents.

Wolfpack Cyber Security Framework:
• SA Banking Sector (Incl SWIFT)
• SA Government Sector (Incl CIIP)

Covers over 500 vulnerabilities:
• Key GRC
• CIS 20 Critical Controls
• ISO 27002 / 27032 / 27035
• ASD – Strategies to Mitigate Cyber
• Business Impact, Privacy

Page 22:

Page 23: PEOPLE RISK DEMO

PERSONAL SELF DEFENCE
• Gaming
• Passwords
• Safe Banking
• Scams
• Online Shopping
• Mobile Safety
• Online Predators
• Cyberbullying
• Social Media…

Page 24: WOLFPACK INFORMATION RISK (PTY) LTD

Established: July 2011
Black Economic Empowerment: Level 2 BBEEE

We are an independent South African information risk services company.

We specialise in information and cyber-threat management covering the full spectrum of prevention, detection, incident response and business resilience capabilities.

Trust: Wolfpack are security cleared by the SA Government and SA Reserve Bank. Confidentiality & Integrity assured!

Experience - Recent Projects: African Bank / Barloworld / Blue Label Telecoms / Bidvest Bank / Gautrain / Mercantile Bank / MTN / Nampak / Nedbank / Netcare / Outsurance / Pick n Pay / SA National Blood Services / SARB / Toyota

Page 25:

PHYSICAL ADDRESS:
Unit A3, Rock Cottage Office Park, Cnr Christiaan de Wet & John Vorster Roads, Randpark Ridge, Johannesburg, South Africa.

CONTACT DETAILS:
Phone: +27 11 794 7322
Fax: +27 86 604 6736
Email: [email protected]
Web: www.wolfpackrisk.com

SERVICES:
• Research and Threat Intelligence
• Advisory
• Awareness
• Training
• Monitoring
• Incident Management