Using SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Download as PPTX, PDF0 likes145 views
The document discusses using Surfwatch Labs' threat intelligence to manage third-party cyber risks, emphasizing the different types of threat intelligence: 'known knowns', 'known unknowns', and 'unknown unknowns'. It outlines the importance of understanding digital footprints and highlights that a significant percentage of breaches come from partners and suppliers, particularly affecting smaller businesses. Practical risk mitigation strategies include ensuring vendor compliance, gaining visibility of connected parties, and leveraging both internal and external threat intelligence.
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
- 1. Using SurfWatch Labs’ Threat Intelligence To Understand 3rd Party Risk
- 2. Today’s Speaker Adam Meyer Chief Security Strategist SurfWatch Labs 2
- 3. Baselining the Different Types of Cyber Threat Intelligence For Senior Business Leaders – CISO, CIO, Risk Officer, etc. • Informs business decisions and used to prioritize defense and direct cybersecurity investments • “Known Knowns” – Threat is understood and can be acted on / mitigated For SOC/NOC Managers and Threat Analysts • Aggregation of events along with the motivations, intent, and capabilities of adversaries – how they plan, conduct, and sustain attack campaigns • “Known Unknowns” – Confirmed existence of an actual threat For SOC/NOC Operators • The effort to detect and respond to on-the-wire events that are technical and high volume. Focuses on threat indicators to hunt for and defend against adversaries. Little-to-no contextualization or learning. • “Unknown Unknowns” – Something weird is going on Operational Tactical Decision Strategic Inputs Outputs Inputs Outputs LevelofIntelligence 3
- 4. Your Digital Footprint Provides a Lot of Opportunity for Adversaries 4
- 5. Your Digital Footprint Provides a Lot of Opportunity for Adversaries 5 You Are Here Or Here Or Here According to PwC • Smaller companies spend far less on cyber security • As big companies get better, attackers are targeting smaller, less capable businesses • 57% of breaches originate from partners & suppliers. In retail & consumer goods it’s 68% • Large orgs make little effort to monitor the security of their partners or suppliers • Attackers know this! • A moat around a heavily fortified castle does nothing if the bridge is down to your supply chain
- 6. Practical Risk Mitigation Steps You Can Take 6 1. Ensure vendors are properly managing data and access credentials. Poor security practices and errors among 3rd parties regularly lead to unauthorized access and sensitive information being exposed. 2. Gain visibility of who is connected to your organization. Know who you’re working with, continue to evaluate their cyber risks and understand how they are digitally connected to you. 3. Look at threat activity outside your organization – as well as obviously from within. Threat intelligence provides insights as to where to focus your resources most effectively. The best approach leverages both internal and external intel – so you have a complete picture of risk.
- 7. Dark Web Markets: Where Your Information is Actively Targeted and Sold • Hacking for Hire • PII/Identity Info/Credit Cards • Cyber Exploits for Sale • Vulnerabilities for Sale • Stolen IP, Designs & Counterfeits • Spam & Phishing Campaigns for Hire • Doxxing & Investigation for Hire • Hacktivist Targeting Forums • Insider Threat for Hire 7
- 8. 8 The SurfWatch Labs Threat Intelligence Stack Cloud-based Suite and Advisory Services deliver: • Strategic and Operational Threat Intelligence • Relevant Cyber Risk Management • Actionable Fraud Awareness and Prevention • Digital Supply Chain Risk Visibility • Brand and IP Protection • Legal and Regulatory Diligence • KPIs and Cyber Risk Reporting Products SaaS Applications and API Information and Analytics Collect, Validate, Analyze and Enrich Solutions Human Expertise Threat Analyst Cyber Advisor Data Collection Sources: • Millions of Open Source Media Outlets • Twitter – Full Feed • Cyber-Focused Sources- Blogs, Security Researchers, etc.) • Govt Mandated Breach Reports • Vulnerability Reports • PII Release Reports • Phishing Feeds • Dark Web Markets & Forums • Paste Sites • SurfWatch Customers
- 9. Q&A and Additional SurfWatch Labs Resources 9 SurfWatch Cyber Advisor: www.surfwatchlabs.com/cyber-advisor SurfWatch Threat Analyst: www.surfwatchlabs.com/threat-intel Dark Web Intelligence: www.surfwatchlabs.com/dark-web-intelligence Personalized SurfWatch Demo: info.surfwatchlabs.com/request-demo Strategic and Operational Threat Intelligence
Editor's Notes
- #8: Talk through the different types of threats out on the dark web