Overview of Threat Landscape


Date: 03.10.2022

Photo by Edgar Moran on Unsplash


Table of contents

1 Overview of Threat Landscape


2 Legal & Regulatory Compliance
3 Building a Cyber Security Business Profile
1 Overview of Threat Landscape

Know Your Hackers

Black Hat Hackers: Target organisations to obtain unauthorised access, take illegal and unethical actions, and cause harm.

White Hat Hackers: Legally and ethically hired and granted access to track potential risks and vulnerabilities to protect the organisation.

Becoming the Target

1. Reconnaissance
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Covering Tracks

Protecting an Organization
Security Chain
1. People
2. Processes
3. Technologies

Hackers evaluate the security chain to find the weakest link and achieve their goals easily. Organizations must therefore take a Defense in Depth approach when protecting their assets, people, processes, and technologies.
2 Legal & Regulatory Compliance

EU GDPR (Regulation)
Understanding the laws available and how they apply to your organization is a must.

Applicability:
Businesses that collect, process, or store any EU citizen’s personal data, regardless of the company’s physical location or country, must comply with the EU GDPR.

Self Assessment:
Does the EU GDPR apply to your business?
What type of data from EU citizens does your business collect, process, or store?
Is any of that data collected, processed, or stored outside the EU?

Cybersecurity Program Development

Frameworks
Understanding the governance frameworks available and how they apply to your organisation is a must.

As part of IT governance, due care, and due diligence, an organization needs to implement or improve a cybersecurity program to protect its business. The following industry-standard, widely accepted and widely used frameworks are available to an organization:
NIST CSF
ISO/IEC 27000 Series
COBIT
ISO/IEC 38500
3 Building a Cyber Security Profile

Understanding Organization’s Security Posture

1. Prioritize and Scope
2. Orient
3. Create a Current Profile
4. Conduct Risk Assessment
5. Create a Target Profile
6. Determine, Analyse and Prioritise Gaps
7. Implement an Action Plan


“A single breach of data can put an organization out of business within a few short months”

Cybersecurity is important because it protects all categories of data from theft and damage

Cyber security is everyone’s responsibility, and everyone has a role to play in keeping sensitive data safe from attackers


THANK YOU!
