4. What is a Threat Actor?
Why characterise?
Theoretical: To gain understanding of and an
ability to anticipate an adversary in order to build
improved threat models
In Practice: Improved profiling
of attackers at post attack and
forensic levels
6. *Mandiant Consulting, M-Trends Report, Feb 2016
the average time before an organisation
figures out it has been internally
compromised *
146
days
Cyber Challenge
7.
8. Complexity of existing solutions is a major barrier to critical Cyber visibility
Too Expensive
Requires Cyber
Specialists
Alert Overload
Slow &
Cumbersome
Cryptic Logs
Changing
Landscape
11. • British Airways
• CyberQ Group
• Equifax
• HMG
• Insurance Industry: Captive, Non-Captive and Retained
• Logistics
• Not for Profit Organisations
• Private Health and Wellbeing
• Ticket Master
• Wembley Stadium and the new generation of sports grounds
Case Studies: the Good, the Bad and the
Ugly
12. Digital Resilience on an International Stage
Q&A
Dr Clive Stainton
clive@cyberqgroup.com
Editor's Notes
Protect the house –
Do not forget about the outside –
Stolen Credentials – IP thief – Blue print -
Protect the house –
Do not forget about the outside –
Stolen Credentials – IP thief – Blue print -