S O LT RA | A N F S - I S A C D TC C C O M PA N Y

www.soltra.com

Threat context

CY

BE

R S

EC

UR

I TY

PA

NE

L

TLP WHITE

EXTERNAL THREATS GROWING

117,339 incoming attacks every dayThe total number of security incidents detected by respondents climbed to 42.8 million this year, an increase of 48% over 2013.

Findings from The Global State of Information Security Survey 2015 Graphic Source: PwC

TLP WHITE

S O LT RA | A N F S - I S A C D TC C C O M PA N Y

Fun• Technicall

y curious individual

s

Fame• Technically adept

groups leaving their mark on

public websites

Fortune• Cyber criminals

and organized gangs stealing money, data

ransom schemes and competitive

information

Force• Nation states and non-

nation state groups launching targeted attacks for strategic

purposes

EVOLUTION OF CYBER ATTACKSCyber Threats on the Private Sector

2010

2001

2004

1988

Academic

“Script Kiddies”

Commodity Threats

Advanced Persistent Threats (APT) – Targeting government entities

APT– Targeting private sector

Nature of Threat

TLP WHITE

S O LT RA | A N F S - I S A C D TC C C O M PA N Y

WHO ARE THE ADVERSARIES?Attacker Motivation, Capability & Intent

Cri

min

als •Money

•Money•And more money

•Large number of groups

•Skills from basic to advanced

•Present in virtually every country

•Up to $$$

Hackti

vis

ts •Protest•Revenge

•Large number of groups

•Groups tend to have basic skills with a few 'standout' individuals with advanced technical and motivational skills"

•Up to $ -$$

Esp

ion

ag

e •Acquiring Secrets for national security or economic benefit

•Small but growing number of countries with capability

•Larger array of ‘supported’ or ‘tolerated’ groups

•Up to $$$$+

War •Motivation is to

destroy, degrade, or deny capabilities of an adversary

•Politics by other means

•Small but growing number of countries with capability

•Non-state actors may utilize ‘war’ like approaches

•Up to $$$$$ ?•…but, a lot less expensive than a nuclear weapon

$ - Under thousands$$ - Tens to hundreds of thousands$$$ - Millions$$$$ - Tens to hundreds of millions$$$$$ - Billions

August 2014

TLP WHITE

S O LT RA | A N F S - I S A C D TC C C O M PA N Y

THE NEED FOR SPEEDAttackers Act 150x Faster Than Victims Respond Minutes vs. Weeks/ Months

Initial Attack to Initial

Compromise(Shorter Time

Worse)

Initial Compromise to

Data Exfiltration(Shorter Time

Worse)

Initial Compromise to Discovery

(Longer Time Worse)

Seconds

Hours Days Weeks Months

10% 12% 2% 0% 1%

14% 25% 8% 8%

0% 0% 2%

Defenders take a long time to feel the impact of an

attack

Attackers have honed their skills to come at you

rapidly

13% 29% 54%

Minutes

75%

8% 38%

TLP WHITE

S O LT RA | A N F S - I S A C D TC C C O M PA N Y

CHANGING THE ECONOMICS

Cyber Warfare Symmetry

Cost to Defend

Cost to Attack

Policy Effectiveness

Advantage: DefendersAdvantage: Attackers

Cost

Min

Max

Future State of Cyber-Symmetry(Only Most Advanced Can Play)

Current State of Cyber-Symmetry(Unsophisticated Adversaries Can Play)

Cost to Firms The current cost to process a

single piece of intelligence is 7 hours. Equal to 2014 =$100m;

2015 = $1b; 2016 = $4b

Cost to Adversaries Adversaries must “re-tool” much

more often and their exploits cause less damage

Risks from Cyber Threats

Frequency and impact of threats decrease while higher adoption leads to exponential benefits