Section 6 Security Implications and Adoption of Evolving Technology
Current Threat Landscape
1.1 Cybersecurity Risk
Increasing dependence on digital technologies
More susceptible to cybersecurity risk
1.2 Threat Landscape
Threat environment
Collection of threats
1.3 Recent Trends
Increasing
Malware
Web-based Attacks
Ransomware
Stable
Physical damage/theft/loss
Phishing
Data Breaches
Declining
Botnets
Spam
Cloud and Digital Collaboration
5.1 Cloud Computing
Model for enabling convenient, on-demand access to a shared pool of configurable computing resources
Can be rapidly provisioned and released with minimal management effort or service provider interaction
Platforms offered in the cloud:
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
5.2 Top Cloud Computing Threats
Data breaches
Data loss
Account hijacking
Insecure application programming interfaces (APIs)
Denial-of-service (DoS)
Malicious insiders
Abuse of cloud services
Insufficient due diligence
Shared technology issues
5.3 Web Applications
Enterprises often use SaaS offerings, sometimes extending this use to critical business processes and related applications
Generate data-in-flow vulnerabilities that may be exploited by cybercrime and cyberwarfare
SaaS increases risk at the application layer, including these attack vectors:
Zero-day exploits
Primary malware
Secondary malware
5.4 Social Media
Has created highly effective communication platforms where any user, virtually anywhere in the world, can freely create content and disseminate this information in real time to a global audience
5.5 Risks of Enterprise Use of Social Media
Risk associated with a corporate social media presence
Introduction of viruses/malware to the organizational network
Unclear/unidentified content rights to information posted to social media sites
Risk associated with employee personal use of social media
Use of personal accounts to communicate work-related information
Employees posting pictures or information that link them to the enterprise
Mobile Technology-Vulnerabilities, Threats and Risk
3.1 Security for Mobile Technology
Threats related to mobile technology
Insecure Communication
Insecure Authentication
Insufficient Cryptography
Insecure Authorization
Client Code Quality
Code Tampering
Reverse Engineering
Extraneous Functionality
Improper Platform Usage
Insecure Data Storage
3.2 Technical Risk
Mobile devices present a number of technical risks, in addition to physical and organizational risks
3.3 Activity Monitoring and Data Retrieval Risk
Messaging
Audio
Pictures/Video
Geolocation
Static Data
History
Storage
3.4 Unauthorized Network Connectivity Risk
Email
SMS
HTTP get/post
TCP/UDP socket
DNS exfiltration
Bluetooth
WLAN/WiMAX
3.5 Sensitive Data Leakage
Amount of storage space on devices is growing
Will increase the risk of data leakage
Sensitive data leakage can be:
Inadvertent
Occur through side channel attacks
Side channel attacks over prolonged periods of time allow building of a detailed user profile
Movements
Behavior
Private/business habits
3.6 Risk Associated With Mobile Data Storage and Transmission
Unsafe Sensitive Data Storage
Applications store sensitive data
Data stored is often replicated without encryption
Unsafe Sensitive Data Transmission
Users use unsecured public networks for data transmission
3.7 Drive-by Vulnerabilities
Restricted nature of mobile device applications will increase the risk of drive-by attacks
Consumerization of IT and Mobile Devices
4.1 Consumerization of IT
Reorientation of technologies and services designed around the individual end user
4.2 Bring Your Own Device
The use of privately owned mobile devices for work purposes
PROS
Shifts costs to user
Worker satisfaction
More frequent hardware upgrades
Cutting-edge technology with the latest features and capabilities
CONS
IT loss of control
Known/unknown security risk
Acceptable Use Policy is more difficult to implement
Unclear compliance and ownership of data
4.3 Internet of Things
Refers to physical objects that possess embedded network and computing elements
Communicate with other objects over a network
Types of risk
Business Risk
Operational Risk
Technical Risk
4.4 Big Data
Relies on data sets that are too large or too fast-changing to be analyzed using traditional database techniques or commonly used software tools
Change in analytics capabilities dealing with big data can introduce technical and operational risk, including:
Amplified technical impact
Privacy in data collection
Re-identification
Advanced Persistent Threats
2.1 Evolution of the Threat Landscape
Unsophisticated Attackers (Script Kiddies)
Sophisticated Attackers (Hackers)
Corporate Espionage (Hackers)
State-sponsored Attacks (Advanced Persistent Threat)
2.2 Advanced Persistent Threat
Targeted threat that is composed of various complex attack vectors
Can remain undetected for an extended period of time
Not easily deflected by a determined defensive response
2.3 APT Targets
All sizes of companies across all sectors of industry
All geographic regions that contain high-value assets
Often encompass third-party organizations delivering services to targeted enterprises
2.4 APT Sources of Threat
Intelligence Agencies
Criminal Groups
Terrorist Groups
Activist Groups
Armed Forces
2.5 APT Attack Stages
Target Selection
Target Research
Target Penetration
Command and Control
Target Discovery
Data Exfiltration
Intelligence Dissemination
Information Exploitation