Since the implementation of the EU’s General Data Protection Regulation (GDPR) in May, media reports of data breaches have skyrocketed. British Airways, Facebook, Ticketmaster, and Cathay Pacific are all organisations that have made headlines over the last months showing the breadth of sectors affected worldwide by data compromises.
Compliance-driven pieces have been a relatively common occurrence in the media since the application of GDPR. We however aim to look in this blog post at GDPR from a threat actors’ perspective. With GDPR bringing in major changes on the management and transfer of data, threat actors are likely to find innovative ways to exploit and benefit from these changes.
‘There are now three certainties in life – there’s death, there’s taxes and there’s a foreign intelligence service on your system’ – Head of Cyber at MI5 (2013)
Over the last two decades, the scale and severity of cyber attacks has been very variable. It is probably safe to suggest that the secret sabotage of a nuclear facility by the Stuxnet worm is in a slightly different league to the theft of payment card data held by a commercial brand like Chipotle. Nonetheless, there are several underlying attributes that provide a common framework to compare unconnected incidents. The Diamond Model of Intrusion Analysis indicates that for every incident, there is:
- An Adversary
- The Capabilities of the Adversary
- A Victim
- Infrastructure over which the attack occurs
On September 28th, Rob Dartnall, Director of Cyber Intelligence, Security Alliance will be presenting to ITLA members at the London offices of Freshfields Bruckhaus Deringer. Join us for Away from the Hype: What Is Cyber Intelligence and How Is It Leveraged by Law Firms
The Dark Web is a fascinating, confusing and for some, a shocking place. Amongst the plethora of forums discussing, selling and sharing drugs, guns, pornography, credit cards (the list goes on), cybercriminals of all levels of sophistication also seek to acquire, enhance, and profit from a variety of hacking tools. This post provides examples of trading and collaboration that lie behind development of malicious software (malware), as well as providing examples of how it can be rapidly upgraded and changed.
Security Alliance has achieved CBEST Threat Intelligence provider status. CBEST is a ground-breaking and targeted cyber assessment scheme, created and run by the Bank of England.
This accreditation recognises Security Alliance’s competency in delivering cyber threat intelligence services to the Finance sector.
“Not everything that can be counted counts, and not everything that counts can be counted.”
The application of traditional threat intelligence to the field of information security is a relatively young one. As the ability of the community to collect and share intelligence grows, the techniques we use to analyse it become more sophisticated. Assuming we have access to a “firehose” of big data, how can we model and analyse security threats most effectively? This question has led to many organisations attempting to standardise the process and provide a consistent way of distributing threat data. How effective are they at doing this, and how could they be better? How can we better use these imperfect sources of intelligence to inform our analyses?