Defining The Scope
- Embedding human security as a part of organization culture
- Empowering and enabling every individual
Understanding The Attack Surface & Risks
- Expansion of attack surface due to merging of official and personal spaces
- Non-obvious attack surface – IoT, BYOD
- Agentless malware
- Spear phishing
- Management is more vulnerable
- Identity theft
- Third-party and vendor people risk
- APT/Ransomware
- Insider threats
- Complacency as a major cause
Strategies / Principles
- Getting management alignment …and budget
- Utilize Training budget
- Define responsibilities and set the KRAs/KPIs
- Specialized training especially for the top management
Framework (In PPT)
Parameters include Identify, Protect, Detect, Respond, Recover
Identify
- Process
- Identify the most vulnerable users and key persons
- Compromise assessment
- Red teaming with social engineering
- Take audit and incident inputs
- Metrics Program
- Technology
- Phishing simulation technology
- Vulnerability/Threat scanning for users, bad domains, spear phishing
- Regular measurement and reporting
Protect
- DMARC/DKIM/SPF
- Awareness/Training
- Anti-APT
- Anti-Spear phishing solutions
- MFA
Detect
- Detect incidents
- UEBA/UAM
- Honeypots/Deception
- SOC/SIEM
- Actionable Threat intel (Internal+External)
- Email security solutions
- Sandboxing, AI, threat intel sources, ease of management, spam filters, geo-tagging
- Ease of reporting/Multi channel
- Web filtering
Respond & Recover
- Crisis management training+playbook+simulations
- Breach reporting and compliance reporting
- BCP/DR testing
- IR playbooks specific to human-centric attacks
- Continuous backups + restoration
- Email forensics
- Compromise assessment
- Cyber insurance