Abstract image of a woman sitting on books and studying on a laptop

4. Mitigating a Cyber Attack

I
isc2-hellenic

This document outlines steps to mitigate cyber attacks. It defines a cyber attack as any offensive maneuver targeting computer systems for political or security purposes. Cyber attacks target critical infrastructure and aim to steal information, damage infrastructure, or harm reputation for financial or political goals. Attackers include hacktivists, nation states, cyber criminals, and insiders. The document discusses crime-as-a-service on underground forums and lists the Critical Security Controls for effective cyber defense. It also covers detecting attacks through logs and behavior analysis and having an incident response plan to prepare for and respond to attacks.

Technology
1 of 19
Downloaded 56 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Mitigating a Cyber Attack The New Era of Cyber Security University of Piraeus 8/12/2014 Γιάννης Κυπραίος CISSP, CISM, ISO-27005 CIRM Υποδιεύθυνση Ασφάλειας Πληροφοριακών Συστημάτων Διεύθυνση Διακυβέρνησης Πληροφορικής Ομίλου ΕΤΕ
Agenda • Cyber Attack Definition • Cyber Attack Targets • Cyber Criminals Profile • Crime-as-a-Service • Type of Cyber Attacks • Critical Controls for effective Cyber Defense • Cyber Attack Detection • Reaction to a Cyber Attack
Cyber Attack Definition Wikipedia Cyber-attack is any type of offensive maneuver employed by individuals or whole organizations that targets computer information systems, infrastructures, computer networks, and/or personal computer devices by various means of malicious acts usually originating from an anonymous source that either steals, alters, or destroys a specified target by hacking into a susceptible system. Yale Law School A Cyber-attack consists of any action taken to undermine the functions of a computer network for a political or national security purpose. Yale: The Law of Cyber Attack
Cyber Attack Definition
Cyber Attack Definition
Cyber Attack Targets • Control Systems • Energy • Finance • Telecommunication • Transportation • Water
Cyber Attack Targets • Stealing Information • Wiping Data, Blocking Infrastructure • Stealing money • Damaging Company Reputation • Financial Losses
Cyber Criminal Profiles • The Hacktivist • Nation States • Cyber Criminals • Insiders
Motives Europol: Internet Organized Crime Threat Assessment 2014
Motives Europol: Internet Organized Crime Threat Assessment 2014
Crime-as-a-Service • Underground forums • Criminal Services – Infrastructure-as-a-Service – DDoS-as-a-Service – Data-as-a-Service – Pay-per-install Services – Hacking-as-a-Service – Malware-as-a-Service – Translation Services – Money Laundering-as-a-Service
Critical Controls for Effective Cyber Defense Critical Security Controls - Version 5 1. Inventory of Authorized and Unauthorized Devices 2. Inventory of Authorized and Unauthorized Software 3. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers 4. Continuous Vulnerability Assessment and Remediation 5. Malware Defenses 6. Application Software Security https://www.sans.org/critical-security-controls/
Critical Controls for Effective Cyber Defense Critical Security Controls - Version 5 7. Wireless Access Control 8. Data Recovery Capability 9. Security Skills Assessment and Appropriate Training to Fill Gaps 10.Secure Configurations for Network Devices such as Firewalls, Routers, and Switches 11.Limitation and Control of Network Ports, Protocols, and Services 12.Controlled Use of Administrative Privileges 13.Boundary Defense https://www.sans.org/critical-security-controls/
Critical Controls for Effective Cyber Defense Critical Security Controls - Version 5 14.Maintenance, Monitoring and Analysis of Audit Logs 15.Controlled Access Based on the Need to Know 16.Account Monitoring and Control 17.Data Protection 18.Incident Response and Management 19.Secure Network Engineering 20.Penetration Tests and Red Team Exercises https://www.sans.org/critical-security-controls/
Cyber Attack Detection There is no ”if”; only “when”! • “I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.” R.S. Mueller III, Director of FBI • “There are two types of law firms: those that know they’ve been hacked and those that do not;” Attorney V. Polley
Cyber Attack Detection (Logs) • Network Firewalls • AntiVirus • Data Base Firewalls • Web Application Firewalls • Intrusion Prevention Systems • Security Logs Security Information & Event Management
Cyber Attack Detection (Behavior) • Slow Internet • Slow LAN • Inaccessible Web Sites • Computer Behavior Changes • Unknown Services • Unknown Connections DoS / DDoS Malware
Reaction to a Cyber Attack Be Prepared • Response Team • Reporting • Initial Response • Investigation • Recovery and follow-up • Public Relations • Law Enforcement
Mitigating a Cyber Attack The New Era of Cyber Security University of Piraeus 8/12/2014 Ioannis Kypraios CISSP, CISM, ISO-27005 CIRM ikipr@nbg.gr

More Related Content

PPT
Cyber security 22-07-29=013
Dr. Amitabha Yadav
 
PPTX
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
PPTX
Cyber attack
Manjushree Mashal
 
PPTX
Cyber Security: Threats and Needed Actions
John Gilligan
 
PDF
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Knowledge Group
 
PDF
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
XEventsHospitality
 
PPTX
Cyber Security
ADGP, Public Grivences, Bangalore
 
PDF
Cyber security
Bhavin Shah
 
Cyber security 22-07-29=013
Dr. Amitabha Yadav
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
Cyber attack
Manjushree Mashal
 
Cyber Security: Threats and Needed Actions
John Gilligan
 
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Knowledge Group
 
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
XEventsHospitality
 
Cyber Security
ADGP, Public Grivences, Bangalore
 
Cyber security
Bhavin Shah
 

What's hot (20)

PPTX
Cyber security
Eduonix
 
PPTX
Should i study cyber security
Vishal Singh
 
PPTX
The Importance of Cybersecurity in 2017
R-Style Lab
 
PPTX
Cyber Security
rahulbhardwaj312501
 
PPTX
Introduction to Cybersecurity
Adri Jovin
 
PPTX
Cybersecurity
Eng Hasan Shamroukh CISCO Exams Author
 
PPT
Cyber security & Importance of Cyber Security
Mohammed Adam
 
PPTX
презентация1
sagidullaa01
 
DOCX
Hot Cyber Security Technologies
RuchikaSachdeva4
 
PPTX
Pranavi verma-cyber-security-ppt
PranaviVerma
 
PPTX
Cybersecurity
A. Shamel
 
PDF
Cyber security and demonstration of security tools
Vicky Fernandes
 
PDF
Cyber Security Vulnerabilities
Siemplify
 
PDF
Cyber Security
JamshidRaqi
 
PPTX
Cyber security
abithajayavel
 
PPTX
Cyber Security Research Project Topics
Matlab Simulation
 
PDF
Cyber Security - awareness, vulnerabilities and solutions
inLabFIB
 
PPTX
Latest Top 10 Types of Cyber Security Threats
B R SOFTECH PVT LTD
 
PPTX
Cyber security # Lec 1
Kabul Education University
 
PDF
Cybersecurity concepts & Defense best practises
WAJAHAT IQBAL
 
Cyber security
Eduonix
 
Should i study cyber security
Vishal Singh
 
The Importance of Cybersecurity in 2017
R-Style Lab
 
Cyber Security
rahulbhardwaj312501
 
Introduction to Cybersecurity
Adri Jovin
 
Cybersecurity
Eng Hasan Shamroukh CISCO Exams Author
 
Cyber security & Importance of Cyber Security
Mohammed Adam
 
презентация1
sagidullaa01
 
Hot Cyber Security Technologies
RuchikaSachdeva4
 
Pranavi verma-cyber-security-ppt
PranaviVerma
 
Cybersecurity
A. Shamel
 
Cyber security and demonstration of security tools
Vicky Fernandes
 
Cyber Security Vulnerabilities
Siemplify
 
Cyber Security
JamshidRaqi
 
Cyber security
abithajayavel
 
Cyber Security Research Project Topics
Matlab Simulation
 
Cyber Security - awareness, vulnerabilities and solutions
inLabFIB
 
Latest Top 10 Types of Cyber Security Threats
B R SOFTECH PVT LTD
 
Cyber security # Lec 1
Kabul Education University
 
Cybersecurity concepts & Defense best practises
WAJAHAT IQBAL
 
Ad

Viewers also liked (10)

PDF
Enhancing Cybersecurity Readiness Through International Cooperation
Positive Hack Days
 
PPTX
Cyber Attack Survival: Are You Ready?
Radware
 
PDF
Is Cyber-offence the New Cyber-defence?
Jim Geovedi
 
PPTX
Cyber attack
Avinash Navin
 
PDF
Cyber Defense in 2016
Nixu Corporation
 
PPTX
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
PPTX
Corporate-Espionage
Sam
 
PDF
Cyber Defense: three fundamental steps
Leonardo
 
PDF
cyber security and impact on national security (3)
Tughral Yamin
 
PDF
Anatomy of a cyber attack
Mark Silver
 
Enhancing Cybersecurity Readiness Through International Cooperation
Positive Hack Days
 
Cyber Attack Survival: Are You Ready?
Radware
 
Is Cyber-offence the New Cyber-defence?
Jim Geovedi
 
Cyber attack
Avinash Navin
 
Cyber Defense in 2016
Nixu Corporation
 
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
Corporate-Espionage
Sam
 
Cyber Defense: three fundamental steps
Leonardo
 
cyber security and impact on national security (3)
Tughral Yamin
 
Anatomy of a cyber attack
Mark Silver
 
Ad

Similar to 4. Mitigating a Cyber Attack (20)

PDF
Tecnologie a supporto dei controlli di sicurezza fondamentali
Jürgen Ambrosi
 
PDF
Defining Security Intelligence for the Enterprise - What CISOs Need to Know
IBM Security
 
PDF
Introduction to QRadar
PencilData
 
PPTX
Cyber security for business
Daniel Thomas
 
PPT
CCNA Security 02- fundamentals of network security
Ahmed Habib
 
PPTX
Introduction to cyber security.pptx
SharmaAnirudh2
 
PDF
8 Top Cybersecurity Tools.pdf
Metaorange
 
PPT
Information Technology Security Basics
Mohan Jadhav
 
PPTX
8 Top Cybersecurity Tools.pptx
Metaorange
 
PDF
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
James Anderson
 
PPTX
Add-Structure-and-Credibility-to-Your-Security-Portfolio-with-CIS-Controls-v8...
hoang971
 
PPTX
Topic – cyber security, Introduction,future scope
gauravnainwal2291
 
PDF
𝐓𝐨𝐩 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐀𝐧𝐚𝐥𝐲𝐬𝐭 𝐈𝐧𝐭𝐞𝐫𝐯𝐢𝐞𝐰 𝐐𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬: 𝐃𝐨𝐰𝐧𝐥𝐨𝐚𝐝 𝐎𝐮𝐫 𝗪𝗵𝗶𝘁𝗲 𝗣𝗮𝗽𝗲𝗿!
Mansi Kandari
 
PDF
InfosecTrain Cybersecurity Analyst Interview Questions
priyanshamadhwal2
 
PDF
Cyber Security Analyst Interview Questions: Download our white paper
InfosecTrain
 
PDF
Cybersecurity Analyst Interview Questions for 2024.pdf
infosec train
 
PDF
Top Cybersecurity Analyst Interview Questions: Download InfosecTrain’s White ...
infosecTrain
 
PPTX
Zero Trust: Redefining Security in the Digital Age
Arnold Antoo
 
PDF
Cybersecurity Analyst Interview Questions By InfosecTrain
priyanshamadhwal2
 
PDF
Cyber Security Interview Analyst Questions.pdf
InfosecTrain
 
Tecnologie a supporto dei controlli di sicurezza fondamentali
Jürgen Ambrosi
 
Defining Security Intelligence for the Enterprise - What CISOs Need to Know
IBM Security
 
Introduction to QRadar
PencilData
 
Cyber security for business
Daniel Thomas
 
CCNA Security 02- fundamentals of network security
Ahmed Habib
 
Introduction to cyber security.pptx
SharmaAnirudh2
 
8 Top Cybersecurity Tools.pdf
Metaorange
 
Information Technology Security Basics
Mohan Jadhav
 
8 Top Cybersecurity Tools.pptx
Metaorange
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
James Anderson
 
Add-Structure-and-Credibility-to-Your-Security-Portfolio-with-CIS-Controls-v8...
hoang971
 
Topic – cyber security, Introduction,future scope
gauravnainwal2291
 
𝐓𝐨𝐩 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐀𝐧𝐚𝐥𝐲𝐬𝐭 𝐈𝐧𝐭𝐞𝐫𝐯𝐢𝐞𝐰 𝐐𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬: 𝐃𝐨𝐰𝐧𝐥𝐨𝐚𝐝 𝐎𝐮𝐫 𝗪𝗵𝗶𝘁𝗲 𝗣𝗮𝗽𝗲𝗿!
Mansi Kandari
 
InfosecTrain Cybersecurity Analyst Interview Questions
priyanshamadhwal2
 
Cyber Security Analyst Interview Questions: Download our white paper
InfosecTrain
 
Cybersecurity Analyst Interview Questions for 2024.pdf
infosec train
 
Top Cybersecurity Analyst Interview Questions: Download InfosecTrain’s White ...
infosecTrain
 
Zero Trust: Redefining Security in the Digital Age
Arnold Antoo
 
Cybersecurity Analyst Interview Questions By InfosecTrain
priyanshamadhwal2
 
Cyber Security Interview Analyst Questions.pdf
InfosecTrain
 

More from isc2-hellenic (20)

PDF
Cyber Security Expect the Unexpected
isc2-hellenic
 
PDF
European Cyber Security Challenge - Greel National Cyber Security Team
isc2-hellenic
 
PDF
The evolving threats and the challenges of the modern CISO
isc2-hellenic
 
PDF
Operation Grand Mars
isc2-hellenic
 
PDF
Pci standards, from participation to implementation and review
isc2-hellenic
 
PDF
Flowchart - Building next gen malware behavioural analysis environment
isc2-hellenic
 
PPTX
Building next gen malware behavioural analysis environment
isc2-hellenic
 
PDF
GDPR Cyber Insurance 11/1/2017
isc2-hellenic
 
PDF
GDPR 11/1/2017
isc2-hellenic
 
PDF
General assembly 2016 02 24 1.0
isc2-hellenic
 
PDF
2016 02-14 - tlp-white ce2016 presentation
isc2-hellenic
 
PDF
Panoptis 2016
isc2-hellenic
 
PDF
2016 02-14-nis directive-overview isc2 chapter
isc2-hellenic
 
PDF
Event 16 12-15 kostas papadatos
isc2-hellenic
 
PDF
Event 16 12-15 panel1
isc2-hellenic
 
PDF
Event 16 12-15 panel2
isc2-hellenic
 
PDF
Event 16 12-15 global information security workforce study 1.0
isc2-hellenic
 
PDF
5. Experience from recent national & international cyber exercises
isc2-hellenic
 
PDF
3. APTs Presentation
isc2-hellenic
 
PDF
2. Chapter introduction & update
isc2-hellenic
 
Cyber Security Expect the Unexpected
isc2-hellenic
 
European Cyber Security Challenge - Greel National Cyber Security Team
isc2-hellenic
 
The evolving threats and the challenges of the modern CISO
isc2-hellenic
 
Operation Grand Mars
isc2-hellenic
 
Pci standards, from participation to implementation and review
isc2-hellenic
 
Flowchart - Building next gen malware behavioural analysis environment
isc2-hellenic
 
Building next gen malware behavioural analysis environment
isc2-hellenic
 
GDPR Cyber Insurance 11/1/2017
isc2-hellenic
 
GDPR 11/1/2017
isc2-hellenic
 
General assembly 2016 02 24 1.0
isc2-hellenic
 
2016 02-14 - tlp-white ce2016 presentation
isc2-hellenic
 
Panoptis 2016
isc2-hellenic
 
2016 02-14-nis directive-overview isc2 chapter
isc2-hellenic
 
Event 16 12-15 kostas papadatos
isc2-hellenic
 
Event 16 12-15 panel1
isc2-hellenic
 
Event 16 12-15 panel2
isc2-hellenic
 
Event 16 12-15 global information security workforce study 1.0
isc2-hellenic
 
5. Experience from recent national & international cyber exercises
isc2-hellenic
 
3. APTs Presentation
isc2-hellenic
 
2. Chapter introduction & update
isc2-hellenic
 

Recently uploaded (20)

PDF
Produktkatalog für HOBO Datenlogger, Wetterstationen, Sensoren, Software und ...
Metrics GmbH
 
PDF
Dell Pro Micro: Speed customer interactions, patient processing, and learning...
Principled Technologies
 
PPTX
Module 1 Introduction to Web Programming .pptx
kamleshkc191
 
PDF
The-2025-Engineering-Revolution-AI-Quality-and-DevOps-Convergence.pdf
Kalilur Rahman
 
PPTX
Internet of Everything -Basic concepts details
sendilkumar66
 
PPTX
Build Your First AI Agent with UiPath.pptx
suhanisingh58689
 
PPTX
AI-driven Assurance Across Your End-to-end Network With ThousandEyes
ThousandEyes
 
PDF
The influence of sentiment analysis in enhancing early warning system model f...
IAESIJAI
 
PDF
“A New Era of 3D Sensing: Transforming Industries and Creating Opportunities,...
Edge AI and Vision Alliance
 
PDF
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
DOCX
Basics of Cloud Computing - Cloud Ecosystem
suthak11
 
PPTX
future_of_ai_comprehensive_20250822032121.pptx
forrandomuse090
 
PPT
Galois Field Theory of Risk: A Perspective, Protocol, and Mathematical Backgr...
Melanie Swan
 
PDF
NewMind AI Weekly Chronicles – August ’25 Week IV
NewMind AI
 
PDF
Transform-Your-Streaming-Platform-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
PDF
Co-training pseudo-labeling for text classification with support vector machi...
IAESIJAI
 
PDF
Rapid Prototyping: A lecture on prototyping techniques for interface design
Mark Billinghurst
 
PDF
giants, standing on the shoulders of - by Daniel Stenberg
Daniel Stenberg
 
PDF
The-Future-of-Automotive-Quality-is-Here-AI-Driven-Engineering.pdf
Kalilur Rahman
 
PDF
Early detection and classification of bone marrow changes in lumbar vertebrae...
IAESIJAI
 
Produktkatalog für HOBO Datenlogger, Wetterstationen, Sensoren, Software und ...
Metrics GmbH
 
Dell Pro Micro: Speed customer interactions, patient processing, and learning...
Principled Technologies
 
Module 1 Introduction to Web Programming .pptx
kamleshkc191
 
The-2025-Engineering-Revolution-AI-Quality-and-DevOps-Convergence.pdf
Kalilur Rahman
 
Internet of Everything -Basic concepts details
sendilkumar66
 
Build Your First AI Agent with UiPath.pptx
suhanisingh58689
 
AI-driven Assurance Across Your End-to-end Network With ThousandEyes
ThousandEyes
 
The influence of sentiment analysis in enhancing early warning system model f...
IAESIJAI
 
“A New Era of 3D Sensing: Transforming Industries and Creating Opportunities,...
Edge AI and Vision Alliance
 
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
Basics of Cloud Computing - Cloud Ecosystem
suthak11
 
future_of_ai_comprehensive_20250822032121.pptx
forrandomuse090
 
Galois Field Theory of Risk: A Perspective, Protocol, and Mathematical Backgr...
Melanie Swan
 
NewMind AI Weekly Chronicles – August ’25 Week IV
NewMind AI
 
Transform-Your-Streaming-Platform-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
Co-training pseudo-labeling for text classification with support vector machi...
IAESIJAI
 
Rapid Prototyping: A lecture on prototyping techniques for interface design
Mark Billinghurst
 
giants, standing on the shoulders of - by Daniel Stenberg
Daniel Stenberg
 
The-Future-of-Automotive-Quality-is-Here-AI-Driven-Engineering.pdf
Kalilur Rahman
 
Early detection and classification of bone marrow changes in lumbar vertebrae...
IAESIJAI
 

4. Mitigating a Cyber Attack

  • 1. Mitigating a Cyber Attack The New Era of Cyber Security University of Piraeus 8/12/2014 Γιάννης Κυπραίος CISSP, CISM, ISO-27005 CIRM Υποδιεύθυνση Ασφάλειας Πληροφοριακών Συστημάτων Διεύθυνση Διακυβέρνησης Πληροφορικής Ομίλου ΕΤΕ
  • 2. Agenda • Cyber Attack Definition • Cyber Attack Targets • Cyber Criminals Profile • Crime-as-a-Service • Type of Cyber Attacks • Critical Controls for effective Cyber Defense • Cyber Attack Detection • Reaction to a Cyber Attack
  • 3. Cyber Attack Definition Wikipedia Cyber-attack is any type of offensive maneuver employed by individuals or whole organizations that targets computer information systems, infrastructures, computer networks, and/or personal computer devices by various means of malicious acts usually originating from an anonymous source that either steals, alters, or destroys a specified target by hacking into a susceptible system. Yale Law School A Cyber-attack consists of any action taken to undermine the functions of a computer network for a political or national security purpose. Yale: The Law of Cyber Attack
  • 6. Cyber Attack Targets • Control Systems • Energy • Finance • Telecommunication • Transportation • Water
  • 7. Cyber Attack Targets • Stealing Information • Wiping Data, Blocking Infrastructure • Stealing money • Damaging Company Reputation • Financial Losses
  • 8. Cyber Criminal Profiles • The Hacktivist • Nation States • Cyber Criminals • Insiders
  • 9. Motives Europol: Internet Organized Crime Threat Assessment 2014
  • 10. Motives Europol: Internet Organized Crime Threat Assessment 2014
  • 11. Crime-as-a-Service • Underground forums • Criminal Services – Infrastructure-as-a-Service – DDoS-as-a-Service – Data-as-a-Service – Pay-per-install Services – Hacking-as-a-Service – Malware-as-a-Service – Translation Services – Money Laundering-as-a-Service
  • 12. Critical Controls for Effective Cyber Defense Critical Security Controls - Version 5 1. Inventory of Authorized and Unauthorized Devices 2. Inventory of Authorized and Unauthorized Software 3. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers 4. Continuous Vulnerability Assessment and Remediation 5. Malware Defenses 6. Application Software Security https://www.sans.org/critical-security-controls/
  • 13. Critical Controls for Effective Cyber Defense Critical Security Controls - Version 5 7. Wireless Access Control 8. Data Recovery Capability 9. Security Skills Assessment and Appropriate Training to Fill Gaps 10.Secure Configurations for Network Devices such as Firewalls, Routers, and Switches 11.Limitation and Control of Network Ports, Protocols, and Services 12.Controlled Use of Administrative Privileges 13.Boundary Defense https://www.sans.org/critical-security-controls/
  • 14. Critical Controls for Effective Cyber Defense Critical Security Controls - Version 5 14.Maintenance, Monitoring and Analysis of Audit Logs 15.Controlled Access Based on the Need to Know 16.Account Monitoring and Control 17.Data Protection 18.Incident Response and Management 19.Secure Network Engineering 20.Penetration Tests and Red Team Exercises https://www.sans.org/critical-security-controls/
  • 15. Cyber Attack Detection There is no ”if”; only “when”! • “I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.” R.S. Mueller III, Director of FBI • “There are two types of law firms: those that know they’ve been hacked and those that do not;” Attorney V. Polley
  • 16. Cyber Attack Detection (Logs) • Network Firewalls • AntiVirus • Data Base Firewalls • Web Application Firewalls • Intrusion Prevention Systems • Security Logs Security Information & Event Management
  • 17. Cyber Attack Detection (Behavior) • Slow Internet • Slow LAN • Inaccessible Web Sites • Computer Behavior Changes • Unknown Services • Unknown Connections DoS / DDoS Malware
  • 18. Reaction to a Cyber Attack Be Prepared • Response Team • Reporting • Initial Response • Investigation • Recovery and follow-up • Public Relations • Law Enforcement
  • 19. Mitigating a Cyber Attack The New Era of Cyber Security University of Piraeus 8/12/2014 Ioannis Kypraios CISSP, CISM, ISO-27005 CIRM [email protected]