Galahad

OPERATIONALIZING DARK WEB MONITORING… IN NEAR REAL TIME

• Dark web activity increased 300% over three years from 2018 – 2020. There are now over 2 million active users connecting to the Dark Web through the Tor browser daily.
• Cybercrime is predicted to have FY21 global cost of $6 trillion USD and will reach $10.5 trillion USD by FY25.
• Cybercrime is third, only to the United States and China, as the largest “economy” in the world.
• A ransomware attack takes place every 11 seconds in 2021 and there is a daily global average of 2250 active hacking attempts, or one every 39 seconds.
• 60% of data and information available on the Dark Web can directly impact Enterprises, almost 90% would impact US citizens.

Who has the responsibility to analyze, exploit, and disseminate dark web intelligence?

There are multiple agencies who have some semblance of purview for action or collection of intelligence across the growing Cyber-base battle space. This is both good… and bad. Current activities across the US Federal government are managed by multiple agencies based on both legal authority and mission set:

Security Automation / Machine Learning

Introduction

While many industries are struggling amid the coronavirus pandemic, both the IT industry and the broader trend of transition to remote work have revealed many areas where traditional approaches to managing businesses create unnecessary waste. Still, data science and its subdivision – machine learning – reveal that such expansion is nearly limitless.

When it comes to giving cyber security experts the tools they need to take action, automation and machine learning (ML) can make a big difference. Many companies are working with high volumes of data, and types and variants of attack are always growing and changing. It can become too much for people to process in a meaningful time frame. But security automation and machine learning-based early triage can reduce data volumes…

Navigating Cyber Risk

Cyber criminals strike again! Your peers, partners, competition, or maybe even you have personally become a victim of cyber crime. You realize you’re at risk, but what can you do about it? Cybersecurity is a massive topic and there are a plethora of tools claiming to help companies secure their digital footprint. However, resources are finite and very few companies can afford a shotgun approach to securing their systems. Cybersecurity is a continuously evolving process that requires short and long-term planning. You can think of cybersecurity like an epic journey. You have to know where you’re starting from, where you need to go, how you will travel, and how to make sure you are staying on track.

Where are we going? – Critical Systems and Information

The first step is to determine what needs to be protected. This will assist in establishing an organization’s security goals and objectives. Setting security and privacy objectives involves identifying the critical systems and information that need protection. This could be proprietary information, financial information, customer and employee personal information, system credentials, business systems, or any other data or system often targeted by cyber criminals…

Application of the NIST Standards of Risk Management

A Framework for Applied Enterprise Risk Management

If you cannot say that you do it, write down how you do it, and prove that you do it that way…
Then you don’t do it.

Before we get started, I’d like you to take a few minutes to jot down some personal notes. Getting a baseline of the “who, why, and where” of your particular approach to the NIST Risk Management Framework (RMF) will help you identify areas of this course that are most important to your function.

First, I want you to identify what organization you work for. Think about what this might mean for the information types and system type that you may come into contact with, or even be responsible for protecting. Next, and the first question should assist you with your response to this question, why is the NIST Risk Management Framework important to you? Is it a mandatory course or action, or are you here because you believe in the power of pro-active, technical, and operational security across your organization? Maybe both? Now, what level of professional experience with information and network security do YOU possess…

IOT Devices within Business/Home Environment

Section 1) Introduction

As devices continue to develop wireless and internet capabilities, the internet of things (IOT) becomes dense with new endpoints. These devices and access points range in security strength, leaving many vulnerable. Threat actors are not ignorant to this trend, in fact they are in favor of it. Cybercriminals are on the cutting edge of tools used to breach networks and have reached the point of automation with these attacks. These factors led to IOT devices having a 32.72% rate of infection across all platforms in 2020, nearly doubling the stat from 2019. The bottom line is the more devices visible on the internet, the more infections that will occur. Negligence to the state of the current cybersecurity climate will only magnify these results. Preparedness is the best response to a security threat; most organizations have wireless devices but are not ready to deal with a threat actor. To evaluate how this information could affect your organization consider questions like: where are your facilities wireless boundaries? What could an adversary want from you? Security makes use of borders, gates, fences and walls; are yours as seamless digitally as they are physically?…

Insider Threat

Introduction

Companies all over the world and throughout the United States suffer massive costs from insider threat by people in positions of trust. These individuals have the potential to misuse access knowingly or unknowingly to networks within an organization. Insiders or individuals within an organization have caused more damage to the organization itself than known outside threats.

The Department of Defense (DoD) Counterintelligence and Security Agency (DCSA)1 defines insider threat as: Acts of commission or omission by an insider who intentionally or unintentionally compromises or potentially compromises DoD’s ability to accomplish its mission. While this definition is applied to the DoD, it’s the same damage to other agencies and private companies which harms finance, trust, and security throughout the world…

Cyber Risk

Cyber attacks are in the news again, am I at risk?

Introduction

You may be tired of hearing it but data IS the currency of digital era. As with all forms of currency, Criminals want to steal it, Governments want to regulate it, and Businesses are having to learn to protect it. Cyber attacks are no longer only the concern of Cybersecurity professionals. Consumers are concerned with how their data is used and sold, while governments are beginning to regulate how businesses store and use data that they collect. This means that cyber risk is becoming more important when calculating business risk. The average attack costs $3.92 million, and regulators can assess fines without an attack taking place.1 Like all risk Cyber risk has to be accepted, mitigated, and anticipated. Cyber risk effects both businesses and individuals, so while this article will discuss business networks the risk exists on home networks as well. Covid-19 has forced many industries to adopt work from home policies that connected employees home networks and business networks, increasing the attack area for cyber threats…