Fundamentals
Prof. Georges Ataya, Vice President of the Belgian Cybersecurity Coalition
Academic Director, IT Management Education
(Solvay Brussels School of Economics and Management)
Managing Partner, ICT Control SA
Previously: One to One solution
Security Address
Threat Vulnerability
Previously: One to One solution
Software to detect and eradicate malware
Staff awareness and education
Technical solution
Building higher defensive walls and installing defense-in-depth solutions
Advanced persistent threats
List of major APT Attacks
Attack name | Period | Impact or outcome
--- | --- | ---
Moonlight Maze | 1998‐2000 | Tens of thousands of files stolen, including maps of military installations, troop configurations and military hardware designs, resulting in millions of dollars of damage
Titan Rain | 2003‐2005 | Not disclosed. Likely to be similar to Moonlight Maze
Sykipot | 2007‐2012 | Trade secrets stolen, including design, financial, manufacturing and strategic planning information from US and UK companies, resulting in loss of competitiveness
GhostNet | 2008‐2009 | Political and economic data compromised on more than 1,000 computers in over 100 countries
Operation Aurora | 2009‐2010 | Large quantities of intellectual property stolen, resulting in substantial losses in competitiveness
Gozi | 2007 onward | Infected more than one million computers around the world, causing tens of millions of dollars in damages
Zeus | 2007 onward | Compromised tens of thousands of FTP accounts on company sites and several million bank users, resulting in the theft of hundreds of millions of dollars
SpyEye | 2009 onward | Millions of dollars stolen from the customer accounts of several hundred banks across the world
Stuxnet | 2010 | The malware was reported to have caused substantial damage to the centrifuges at the Natanz nuclear enrichment laboratory in Iran.
Duqu | 2011 | Captured information that might enable a future APT attack on industrial control systems
Flame | 2012 | Stole information from around 1,000 machines in Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia, and Egypt. Attacks ceased when publicly disclosed
Red October | 2007‐2012 | Reported to have stolen hundreds of terabytes of secrets from diplomatic, trade, military, aerospace, energy, and research organizations in Russia, Iran, the US, and other countries
Eurograbber | 2012 | Stole an estimated 36 million euro from more than 30,000 customers in over 30 banks across Europe
Sources of APT Threat
Highest Enterprise Risk of Successful APT Attack
WHAT DO YOU BELIEVE TO BE THE HIGHEST RISK TO YOUR ENTERPRISE ASSOCIATED WITH A SUCCESSFUL APT ATTACK?
The “Cyber Kill Chain”
Sequence of activities conducted by an attacker to carry out an APT attack
The Cybersecurity Skills Gap²
There are an estimated 410,000 to 510,000 information security professionals worldwide, and jobs are expected to increase 53 percent by 2018 with over 4.2 million jobs available¹. However, recent studies and reports suggest that there are simply not enough skilled professionals to fill them.
1 McKinsey Study 2011
2 Source: 2013 Global Information Security Workforce Study, Frost & Sullivan and Booz Allen Hamilton.
Cybersecurity Roles
The structure and governance of every organization is different and varies based on the type of organization. Each organization has its own mission (business), size, industry, culture and legal regulations. However, all organizations have a responsibility and duty to protect their assets and operations, including their IT infrastructure and information.
Information Security Roles
Board of Directors
Executive Management
Senior Information Security Management
Cybersecurity Practitioners
Compliance
Risk management
Knowledge domains for
Information Security Age
Technical Generic Management
IDENTIFY
PROTECT
DETECT
RESPOND
RECOVER
© 2015 ICTC.EU
Cybersecurity processes
IDENTIFY
PROTECT
DETECT
RESPOND
RECOVER
Sources of information
To be downloaded at isaca.org
2014
“Information security risk can be seen as the multiplication of three factors: assets, vulnerabilities and threats.”
Executive Education in IT Management
Executive Master in IT Management
Executive Programme in CIO Practices, CIO Leadership, IT Business Agility, Enterprise and IT Architecture, IT Sourcing, IT Management Consulting
Executive Education in Information Security Management
Executive Master in Information Risk and Cybersecurity
Executive Programme in Security Governance, Information Security, Cybersecurity
Solvay.edu/IT
Lectured tracks and modules
S – track: Info Security | G – track: IT Governance | M – track: IT Management | B – track: Business Agility | A – track: Activating skills
--- | --- | --- | --- | ---
S1 – Information Security Management | G1 – The CIO Foundation | M1 – Applications Build and Management | B1 – Enterprise Strategy and Architecture | A1 – IT Finance and Portfolio Management
S2 – IT Security Practices | G2 – IT Governance Workshop | M2 – IT Services and Run Management | B2 – Business Transformation | A2 – Soft Skills for IT professionals
S3 – Cybersecurity Workshop | G3 – IT Risk and Legal concerns | M3 – IT Sourcing Management | B3 – Digital Agility and Innovation | A3 – Building Expert Opinion
© 2014 ictc.eu
Today: Knowledge exchange
• Share experiences: good and bad
• Learn from each other
• Create the foundations for the awareness building and the policy recommendations
Ultimate goal
• Get the number of infected computers down
Georges Ataya ‐ gataya@solvay.edu – solvay.edu/it