Cyber Shield Up - They Shall Not Pass - Andreas Sfakianakis - Lecture at CSD - University of Crete
0 likes695 views
The lecture by Andreas Sfakianakis discusses the evolving landscape of cyber threats and the importance of building corporate cyber shields to defend against various threat actors including state-sponsored groups and cybercriminals. It emphasizes the need for continuous education, situational awareness, and strong core skills among cyber defenders. Key topics covered include the anatomy of cyber threats, historical events in cyber threat intelligence, and strategies for threat hunting and incident response.
Cyber Shield Up - They Shall Not Pass - Andreas Sfakianakis - Lecture at CSD - University of Crete
- 1. CYBER SHIELDS UP: THEY SHALL NOT PASS Lecture @ Computer Science Department University of Crete 2 April 2024 Andreas Sfakianakis Cyber Threat Intelligence Professional
- 2. WHO AM I ▪ Proud CEID and CSD Alumni ▪ CTI in Financial, Energy, and Technology sectors ▪ SANS, ENISA, FIRST.org, European Commission ▪ Twitter: @asfakian Website: www.threatintel.eu
- 3. DISCLAIMER
- 4. OUTLINE Anatomy of Cyber Threats The Corporate Cyber Shield Building the Cyber Defenders
- 6. ANATOMY OF CYBER THREATS Image from bestofspain.es
- 8. TIMELINE OF IMPORTANT EVENTS IN CTI HISTORY 1989 Cuckoo’s Egg 2009 Operation Aurora 2010 Stuxnet 2011 LM Kill Chain 2013 APT1 Report 2013 Pyramid of Pain 2013 Snowden Leaks 2014 Heart Bleed 2015 ATT&CK 2016 The Shadow Brokers / US Elections 2017 Wanna Cry / Petya APT Becomes Mainstream Wider CTI Adoption
- 9. WHO ARE THE CYBER THREAT ACTORS?
- 19. THE HUMAN BEHIND THE KEYBOARD
- 20. State Sponsored
- 22. HOW DO GOVERNMENTS DO ATTRIBUTION?
- 26. Cybercriminals
- 27. WHAT IS THE TOP CYBER THREAT NOWADAYS FOR ORGANISATIONS?
- 30. HOW MUCH IS THE AVERAGE RANSOM PAYMENT?
- 32. HOW LONG DOES IT TAKE TO GET RANSOMWARED?
- 34. Hacktivists
- 36. THE CORPORATE CYBER SHIELD
- 37. WELCOME TO CYBER SECURITY https://www.linkedin.com/pulse/cybersecurity-domain-map-ver-30-henry-jiang/
- 38. SECURITY OPERATIONS AND INCIDENT RESPONSE
- 42. RED & PURPLE TEAMING https://twitter.com/LetsDefendIO/status/1706614342219628912
- 43. THE CORPORATE CYBER SHIELD https://www.linkedin.com/pulse/cybersecurity-domain-map-ver-30-henry-jiang/
- 44. BUILDING THE CYBER DEFENDERS Image from heritage-history.com
- 48. KEEPING UP TO DATE - SITUATIONAL AWARENESS RSS Aggregator (e.g., Feedly) Twitter Cyber News Websites Reddit Podcasts (e.g., CyberWire) Newsletter Team (e.g.,TC Dragon News Bytes) Strategic Sources (e.g., Economist, CFR, etc.) Weekly Summaries (e.g.This Week in 4n6) Threat Intelligence Reports ISACs Trust Groups (e.g., Slack channels, mailing lists) Threat Intelligence Vendors
- 49. CONTINUOUS EDUCATION MINDSET Self-initiated CTFs Academic programs Certifications Online training material Conferences Books Audiobooks
- 52. DON’T UNDERESTIMATE CORE SKILLS ▪Communication ▪Teamwork ▪Emotional Intelligence ▪Business acumen ▪Ethics
- 53. FINAL REMARKS Image from elladocomicodedonquijote.wordpress.com
- 54. RECAP ▪Evolving cyber threat landscape ▪Organisations with different threat profiles, business priorities, and “cyber shields” ▪New generation of cyber defenders and tomorrow’s leaders