Embed Size (px)
Citation preview
Security Threats and Trends –Middle EastLorna Trayan
Agenda» Security Threats and Trends – Global» Security Threats and Trends – Industry-specific» Notable Attack Vectors» Attack Maps and Visualizations» Cost of a Data Breach – Ponemon Institute» Assumptions for Your Security Strategy - Gartner
3
Security Threats and TrendsGlobal View
An unprecedented amount of records and unstructured data leaked around the global in 2016
20141,000,000,000 records
breached, while CISOs cite increasing risks from external
threats
2015Healthcare mega-breachesset the trend for high value
targets of sensitive information
Source: IBM X-Force Threat Intelligence Index - 2017
2016Larger than life breaches
as over four billion records and entire digital footprints of many
companies were exposed
Source: IBM X-Force Threat Intelligence Index - 2017
In addition to PII, much larger caches of unstructured data were also exposed in 2016.
Security Threats and TrendsIndustry View
Information and communications led the pack in most successfully breached companies
Source: IBM X-Force Threat Intelligence Index - 2017
Source: IBM X-Force Threat Intelligence Index - 2017
Notable Attack Vectors
Record vulnerabilities disclosures topped 10,000, with new discoveries up across all classes of software.
Source: IBM X-Force Threat Intelligence Index - 2017
Spam email volume grew fourfold, with nearly half of spam containing malicious attachments
Source: IBM X-Force Threat Intelligence Index - 2017
Attack Maps & VisualizationsRegional View
Source: http://map.norsecorp.com/
NB. This image is a point-in-time (May 13th 2016) representation of the attacks happening to the UAE
Norse - The UAE is a target
Kaspersky – CyberThreat Real-time Map
Source: https://cybermap.kaspersky.com/
TrendMicro - Command & Control Servers communicating with target computers in the UAE
Source: http://www.trendmicro.com/us/security-intelligence/current-threat-activity/global-botnet-map/index.html - May 22nd 2016
NB. This is a point-in-time representation of the attacks happening to the UAE
In this example, Recorded future is being used to monitor the most active malware targeting GCC countries. From here, an analyst can easily pivot to a strain of malware of interest (e.g. Shamoon, or Mamba), in order to gain real-time, actionable intel on that malware within seconds.
Recorded Future - Analysis of cyber campaigns targeting GCC countries
Recorded Future - Most Active Threat Actors in GCC & Their Methods
Commercial Threat Intelligence Feed: RecordedFuture
Cost of a Data BreachMiddle East and Industries
$71 $101
$119 $123 $124 $131 $132 $137
$149 $150 $154 $165
$188 $200
$223 $245
$380
Public SectorResearch
MediaTransportation
HospitalityEntertainment
ConsumerEnergy
IndustrialCommunications
RetailTechnologyLife science
EducationServices
FinancialHealth
Globally: The per-record cost of a data breach also varies widely by industry
Currencies converted to US dollars
Up 7%Up 10.9%
Up 7.2%Down 18.7%
Up 13.8%Down 3.6%
Down 10.5%
Down 8.5%Down 4.5%
Down 7.4%Down 0.8%*
Down 10.8%Down 4.7%
Down 9.1%
Down 9.8%
Down11.3% *Comparative y-t-y data not available
Percent change over 2016:IncreaseDecrease
Middle East (Saudi Arabia and United Arab Emirates)
4 years in the study27 companies participated
Currency: Saudi Arabian Riyal (SAR)
Per-record costs for top three industries
Average number of breached records33,125
Average cost of lost business7.57M SAR
Average total cost of data breach
18.54M SAR 7%
Average cost per record lost or stolen580 SAR 10%
Financial
830 SAR Services
745 SAR
Technology692 SAR
Assumptions for Your Security StrategyRecommendations by Gartner
Gartner: Strategic Planning Assumptions for Security» By 2020, a third of successful attacks experienced by enterprises will be on their
shadow IT resources. » Through 2021, the single most impactful enterprise activity to improve security
will be patching. » Through 2021, the second most impactful enterprise activity to improve security
will be removing web server vulnerabilities. » Through 2020, 99% of vulnerabilities exploited will continue to be the ones known
by security and IT professionals for at least one year. (Not the zero days as everyone thinks).
» When gathering Threat Intelligence, quality over quantity, target “Actionable Threats” that are relevant to you. Hire a Security Intelligence Analyst.
» Integrate Analytics into your solutions, but don’t get carried away with the Market Hype of the Artificial Intelligence.
Thank YouAny Questions?
