Information Security and Cyber Threats
Information Security and Cyber Threats
Information Security and Cyber Threats
Countermeasures
Landscape
Presented by: Anjum Nazir
Sr. Network Security Analyst (UBL)
Security Consultant / Trainer (Geeks Hub)
Presentation Overview
• Key Terminologies
• Traditional Threat Vectors
• Modern Threats - Advance Persistent Threats
(APT)
• Conventional / Advance Security Approach
• Countermeasures
• Key Components of an Effective Security Program
• Questions?
Key Terminologies
• Vulnerability
– Software flaws, bugs, weaknesses, logic design or
implementation errors that could lead to un-expected and
undesirable results
• Exploit
– A piece of code or software that can take advantage of a
bug, vulnerability or weakness of the system leading to un-
authorized access, privilege escalation or denial of service
Key Terminologies (2)
• Attack
– An attack occurs when a system is being
compromised due to vulnerability.
– Many attacks are perpetuated via an exploit.
• Threat
– An environment or situation that could lead to a
potential security breach.
Traditional Threat Vectors
“stealth” / advanced Tools
scanning techniques
Comm written
Awareness
EDUCATE Programs
General Training Specialized Training
Asset ID and
DOCUMENT Policies Standards Procedures
Classification
Dedicated Roles and Security Asset Risk Management
MANAGE ISO Responsibilities Skills (Life Cycle Approach)
Strategic Cross-Functional
Charter Funding
PROGRAM Planning Security Oversight
Executive Commitment
Questions?