Hi [[ session.user.profile.firstName ]]

The Importance of Attribution Against Today's Cyber Adversaries

Without the right context and perspective to a situation, you cannot make an unbiased and fair decision. Any decision maker needs a 3D view of a situation to make informed decisions and opinions. It is similar in the security industry, if you have no context and you are not aware of the who, what, why and when in terms of a cyber attack then how do you know what to prioritise and where potential gaps maybe. This has never been more prevalent than during todays cyber threat landscape, attacks are becoming so sophisticated and specifically targeted that the right threat intelligence is absolutely key in surviving and being able to attribute correctly in your security strategy.

So why is attribution so important?
With the sophistication of todays cyber attacks its is almost impossible to expect a security manager to be able to stop all of them, so in the event of a breach it is important to have the intelligence to allow the security manager to establish the depth of an attack.
With so many alerts that organisations have to deal with on a daily basis, how do you know which ones ones are false positives and which ones to pay attention too? How do you differentiate in the crowds to find that one alert that should be stopped.
Should you "trust thy neighbour" in the world of cyber? Having the right technology, intelligence and expertise in place ensures you know exactly who is attacking you and why and how you can ensure you and your organisation is not a target again.
Recorded Apr 21 2016 49 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Stuart Davis, Mandiant Director
Presentation preview: The Importance of Attribution Against Today's Cyber Adversaries
  • Channel
  • Channel profile
  • Cyber-Krisen Management in Twitter Geschwindigkeit Nov 11 2016 1:00 pm UTC 45 mins
    Martin Krumboeck, Senior Consultant, Mandiant
    Stellen Sie sich folgendes vor: Sie sind in der Geschäftsführung und haben erfahren, das Cyber Kriminelle die Systeme Ihres Unternehmens komprimiert haben. Haben Sie einen Krisen-Kommunikationsplan bereit zur Sicherstellung, dass die richtigen Akteure zur richtigen Zeit informiert werden, um die Auswirkungen zu verringern?

    Kein Sorge, Sie sind nicht allein!
    Obwohl die meisten Unternehmen einen Krisen-Kommunikationsplan für andere Ereignisse haben, sind viele doch eher schlecht vorbereitet, wenn es um die Kommunikation, vor und nach einem Cyber Angriff, mit internen und externen Interessenvertretern geht.

    Nehmen Sie an diesem Webinar teil, wo Martin Krumboeck, Senior Consultant bei Mandiant, erörtert:
    -Wie man einen Krisen-Kommunikationsplan erstellt
    -Wann und Wie werden Kunden informiert
    -Wann und Wie sollte auf Medienanfragen reagiert werden
    -Wie kann sich das Senior Level vorbereiten
    -Wie der richtige Plan, die Auswirkungen eines Angriffs reduzieren kann
    -Reale Fallstudien, welche die Auswirkungen aufzeigen, wenn ein Cyber Krisen-Management-Plan vorhanden ist
  • Data Protection: Going Beyond Encryption and Residency Nov 9 2016 2:00 pm UTC 45 mins
    Josh Goldfarb, VP, CTO - Emerging Technologies, FireEye, Inc.
    When many people think about data protection, they tend to think about a few different things. Encrypting data at rest. Encrypting data in transit. Data residency requirements. Unfortunately, attackers do not abide by these best practices and regulations. When attackers gain access to sensitive, confidential, and proprietary information, that data often ends up in places it shouldn’t. Monitoring for and quickly containing and remediating theft of critical data is an oft-overlooked but no less important piece of the data protection puzzle.
  • Understanding the European NIS Directive Oct 26 2016 12:00 pm UTC 45 mins
    Nathan Martz, Principal Strategic Consultant, Central Europe, Mandiant
    The European Cybersecurity policy - the Network Information Security (NIS) Directive - is about to become the new law that sets security standards for many organisations across Europe.

    Recent research carried out by FireEye shows that many organisations are not fully prepared to implement the legislation, which comes into effect in less than two years' time, and it is critical these organisations begin preparing now to be in compliance and not be caught unprepared.

    In this webinar, Mandiant’s Nathan Martz, Principal Strategic Consultant for Central Europe, will cover:
    -The basics of the European Cybersecurity policy - the Network Information Security (NIS) Directive
    -Timeline, key components and possible penalties for noncompliance
    -Practical recommendations on compliance and security standards to keep your company prepared

    We look forward to welcoming you to the webinar.
  • Cyber-crisis Management at the Speed of Twitter Recorded: Oct 18 2016 42 mins
    Vitor De Souza, VP, Global Communications, FireEye
    Imagine this scenario: you’re a business leader, and you learn that cyber attackers have compromised your organisation’s systems. Do you have a crisis communication plan in place to ensure the right stakeholders are informed at the right time to reduce impact?

    Don’t worry you’re not alone. Although, most organisations plan for crisis communications for other incidents, many are ill-prepared when it comes to communicating with internal and external stakeholders during and after cyber attacks.

    Join this webinar, where Vitor De Souza, VP Global Communications at FireEye, will discuss:
    •How to create a cyber crisis communication plan
    •When should customers be told and how they will be informed
    •How and when to respond to media queries
    •How to prepare the c-suite
    •How the right plan can reduce the impact of a data breach
    •Real-life case studies showing the impact of having a cyber crisis management plan in place
  • State of the Hack: Nordics Recorded: Sep 28 2016 49 mins
    Jens Monrad, Senior Intelligence Account Analyst, FireEye iSIGHT Intelligence
    The cyber threat landscape has never been more dynamic, than what we are seeing today. With an expanding surface area for attacks and a cybercriminal ecosystem worth billion of dollars on a global scale, cybercriminals are constantly pursuing new methods to obtain financial funds.

    It is no different in the Nordics – a region that is well known for its natural resources, innovations in renewable energy and healthcare, proximity to the Arctic, and emphasis on transparency in government is also a prime target for cybercriminals. These unique attributes make the region a prime target for cyber threat groups looking to capitalize on Nordic countries’ robust economies and distinct geopolitical concerns.

    Join Jens Monrad, Senior Intelligence Account Analyst at FireEye, who will discuss:

    * The Threat Landscape in the Nordics
    * Trends and Insights in Malware detections across the Nordics
    * Geopolitical situations which can influence the threat landscape in the Nordics
    * How having accurate and enriched threat intelligence can enable organisations to make tactical, operation and strategic decisions.

    Register today and learn what tools, processes and information organisations need in order to allow them to fully reconstruct the attack scenario and help make the right decisions based on the attack, as well as prepare for the next one.
  • I-SOC, gérer la sécurité de manière proactive grâce à l'intelligence Recorded: Sep 23 2016 46 mins
    David Grout, Technical Director, Southern Europe, FireEye
    Les SOC D’aujourd’hui se détournent de leur métier de base en devenant des centres de gestion d’alertes. Nous vous présenterons comment l’apport de la cyberveille peut permettre aux équipes de passer d’un mode réactif qui gère des alertes à un modèle proactif axé sur la chasse aux indicateurs et aux groupes d’assaillants présents sur vos environnements IT.
  • Enterprise Incident Response Through a Lens Recorded: Sep 20 2016 49 mins
    Stuart Davis, Director, Mandiant
    Join Stuart Davis – Director, Mandiant Consulting a FireEye company in this webinar to see how a real life organisation responded to a recent cyber breach involving an advanced cyber threat group (APT). Stuart will explain what happens when an organisation does not have the resources or skills to respond to cyber threat activity and will address how a third party incident response team can extend the internal CSIRT capabilities. He will walk through the stages of Mandiant Consultings enterprise incident response, show how cyber threat intelligence can enrich the information at hand to help these cyber investigators and finally discuss how remediation plans can be put in place to help contain an incident and bring the organisation back to normal business operations.
  • Ein Tag im Leben eines Analysten eines Security Operation Centers (SOC) Recorded: Sep 8 2016 40 mins
    Sven Schriewer, Director, FireEye as a Service, FireEye
    Was macht überhaupt ein Analyst? Welche Abläufe finden wie statt? Welche Unterstützung benötigt ein Analyst, um effektiv zu sein. Und und und … .

    Möchte man ein SOC auf- oder ausbauen oder eine entsprechende SOC Aktivität extern unterstützen lassen, stellen sich solche und viele andere praktische Fragen. Wir geben einen Einblick, wie FireEye Analysten aus unserem SOC tagtäglich arbeiten. Ein Security Analyst berichtet von seiner täglichen Arbeit, wie er Angreifer im Zusammenspiel mit Spezialisten, Technologie und Intelligence identifiziert und Empfehlungen zur Abwehr gibt. Der SOC Direktor erläutert, wie die Analysten unterstützt und koordiniert werden.
  • Exploring Russia’s Cyber Operations Recorded: Sep 7 2016 47 mins
    Nick Rossmann, Senior Manager for Production, FireEye iSIGHT Intelligence
    Russia has a long history of utilising cyber actions to accomplish their information operations and national security goals. Organisations in Europe – in the private and public sector – are a top target of Russia-based cyber activity for espionage and crime. This talk will cover how some of Russia’s recent cyber actions were conducted, and it will highlight how well Russia has embraced the opportunities cyber provides when it comes to national security and foreign policy objectives. Dan McWhorter, Chief Intelligence Strategist at FireEye, will also discuss why organisations need to take note of these activities in Russia and steps to ensure your organisation is able to defend against these threats.
  • S'entraîner, se préparer, se juger, réagir face aux attaques ciblées Recorded: Sep 2 2016 45 mins
    David Grout, Technical Director, Southern Europe, FireEye
    Aujourd’hui la question n’est plus “vais-je être victime d’une attaque ou d’une tentative d’attaque ? » mais plutôt « quand vais-je l’être ? ». Comme pour le sport de haut niveau, la gestion de la sécurité d’une infrastructure nécessite de la préparation, de l’entrainement et de la compétition. Fort de notre expérience en victimologie avec nos équipes Mandiant et de notre vision des groupes d’attaquants à travers Isight Partners, nous avons mis en place différents programmes qui vous permettent d’être prêt le jour J et de régir le cas échéant. Venez découvrir comment nous pouvons vous accompagner dans toutes les phases amont et aval à travers nos prestations de consulting.
  • Thunderstorm in the Cloud Recorded: Aug 26 2016 37 mins
    Mathias Fuchs, Senior Incident Response Consultant, Mandiant
    Immer größer wird die Anzahl der Unternehmen die ihre IT-Services teilweise oder ganz an Clouddienstleister abgeben. Dies führt zu einem erhöhten Aufwand und einigen Komplikationen wenn es zu Sicherheitsvorfällen kommt.
    In diesem Webinar präsentiert Mathias Fuchs Strategien wie Unternehmen trotzdem effizient Sicherheitsvorfälle untersuchen und eindämmen können. Anhand einer Fallstudie wir gezeigt wie sich cloudbasierte Untersuchungen von herkömmlichen unterscheiden.
  • Hunting for Threats: tips and tricks for SOC experts Recorded: Aug 23 2016 49 mins
    Matias Bevilacqua, Mandiant Principal Consultant
    Many Security Operation Centers operate in a reactive mode. They primarily respond to alerts that are being presented to them by implemented detection technologies. And we all know alerts are generated in overwhelming volumes, severely crippling SOC’s effectiveness and efficiency. Today’s threat landscape requires SOCs to operate ever more proactively to keep up with the threat actors. More and more SOCs therefor are actively ‘hunting’ for threats that may be residing in the environment they are to defend. ‘Hunting' however requires a different approach from the traditional, reactive mode, not least for the SOC experts themselves.

    Join Matias Bevilacqua, Mandiant Principal Incident Response Consultant, as he discusses tips and tricks for hunting for those lurking threats: what to look for, what tools to use, etc.? You will leave the session with some hands-on material to start turning over stones and uncover threats you never knew were there.
  • Intel & Threat Analysis – The Defensive Duo Recorded: Aug 10 2016 41 mins
    Jens Monrad, Global Threat Intelligence Liaison, FireEye; Al Maslowski-Yerges Manager, Americas Systems Engineering
    The ongoing battle with cybercrime is asymmetric. You’ve invested millions in protection technology but unknown attackers still find a way in. So how do you stay ahead of the curve?

    "The core problem is that most cyber security tools do not make a distinction between everyday malware and advanced targeted attacks. If security tools cannot tell the difference, security teams have no way of prioritizing the alerts that matter the most."

    Join Jens Monrad, Global Threat Intelligence Liaison from FireEye in this webinar that will discuss:

    •How to ensure you are responding to the alert that matters

    •Benefits of Alerts with threat Intelligence

    •Using threat intelligence to think like your attacker

    •How to apply threat intelligence, expert rules and advanced security data analytics in order to shut down threats before they cause damage

    •How security teams can prioritize and optimize their response efforts.
  • Erhalten Sie Einsicht in die größten Cyberangriffe in EMEA im Jahr 2015 Recorded: Jul 19 2016 47 mins
    Mathias Fuchs, Senior Incident Response Consultant bei Mandiant
    Dieses Webinar verdeutlicht Ihnen, unterstützt von wichtigen Trends, Statistiken und Anwenderberichten, die Entwicklung der raffinierten Cyberangreifer und ihrer Angriffsstrategien im vergangenen Jahr in EMEA.

    Registrieren Sie sich für das Webinar und lassen Sie sich von Mathias Fuchs, Senior Incident Response Consultant bei Mandiant, die wichtigsten Erkenntnisse aus diesem Report erläutern. Außerdem zeigt er Ihnen, wie Sie sich optimal auf einen Cyberangriff vorbereiten und im Falle eines Vorfalls richtig reagieren.
  • Next Gen Security: Utilising Threat Intel Recorded: Jul 13 2016 43 mins
    Josh Golfarb, CTO of Emerging Technologies, FireEye
    CISOs and senior IT executives have to make tough choices, deciding among competing budget requests for programs, staff, technology and services. They have to make critical choices about which strategic investments to make toward reducing risk. In order to make these choices, they have to prioritise threats relevant to their specific enterprise, which requires sifting through a continuous deluge of reports, analysis and hyperbole from media, analysts and vendors.

    Join this live webinar where Josh Golfarb, CTO of Emerging Technologies, presents an overview of the threat landscape, and introduces a practical foundation for building an intelligence-led security program aimed toward reducing risk to the enterprise.
  • Using the power of threat Intelligence with the board Recorded: Jul 7 2016 46 mins
    Richard Turner - President EMEA, FireEye & Daniel McWhorter, Chief Intelligence Strategist, FireEye
    Today, CEOs and board members are bombarded with media reports about cybercriminals, hacktivists, and catastrophic data breaches. CISOs and senior IT executives need to be proactive about keeping top executives informed about genuine threats to the enterprise and why the IT organisation is investing in specific programs, technologies and staff.

    Threat intelligence can help CISOs and senior IT executives communicate with non-technical top executives in terms of risks and threats to the business and the financial and political goals of threat actors. It can help them respond quickly and accurately to questions about incidents publicised in national and industry media, as well as cybersecurity priorities. When incidents occur, threat intelligence can help IT executives better inform the CEO and board about potential responses, so everyone can agree on appropriate next steps

    Join Richard Turner, EMEA President and Dan McWhorter, Chief Intelligence Strategist in this live webinar for an inside look at how Cyber Threat Intelligence can help executives assess and communicate strategic risks threatening their business.

    Learn how to better:
    - Identify and prioritize real threats relevant to your enterprise amidst a deluge of media, reports and false alarms.
    - Communicate risks, threats and response in terms top-level executives understand.
    - Assess the risk of new initiatives to strategically direct investments in people, programs and technology that minimize corporate exposure.
    - Prevent and predict evolving cyber threats by exposing the means, motives and technologies behind threat actors known to target your industry.
  • Automatiser son SOC : une obligation Recorded: Jul 1 2016 40 mins
    Philippe Vialle, Channel PreSales Systems Engineer, FireEye
    Les SOC sont aujourd’hui soumis à une pression incroyable : toujours plus d’alertes, toujours plus de technologies et moins de ressources pour les traiter. A l’arrivée, le SOC d’aujourd’hui se retrouve à travailler en mode réactif avec des équipes qui se concentrent sur des tâches répétitives qui pourraient être automatisées. L’automatisation et la sécurité ont toujours été deux mots qui ont eu du mal à cohabiter, par peur, par habitude, par hésitation. Néanmoins le constat est là, l’automatisation dans le SOC est un passage obligatoire. Venez découvrir comment FireEye Orchestrator, avec ses playbook et ses workflows automatisés, peut redonner du temps à vos ressources et vous accompagner dans la croissance de votre SOC.
  • Risikominimierung durch Security Rightsizing Recorded: Jun 30 2016 49 mins
    Frank Koelmel, VP Central and Eastern Europe bei FireEye
    Viel zu häufig werden einfach neue Technologien gekauft, um „die Mauern zu erhöhen“ und damit das Sicherheitsniveau zu verbessern. Es ist jedoch erwiesen, dass diese Art von Investitionen nicht den gewünschten Effekt bei der Vermeidung von Datenlecks haben. Eine aktuelle Studie von Mandiant zeigt, dass 97% der befragten Unternehmen bereits Opfer von Datenschutzverletzungen waren. Was sollten Organisationen also tun?

    In diesem Webinar erläutert Frank Koelmel, VP Central and Eastern Europe
    bei FireEye, folgende Fragen:

    - Mit welchen Methoden können Sie die Risiken für Ihr Unternehmen bewerten und diese ins Verhältnis zu den Security-Ausgaben setzen?
    - Was sind die wichtigsten Schritte hin zu einer risikobasierten Sicherheitsstrategie?
    - Wie und wo haben Ihre Investitionen in IT-Sicherheit den größten Effekt?
    - Welche Arten von Managed Services helfen Ihnen, einen großen Teil der Herausforderungen zu lösen? Was kann outgesourced werden,
    was muss intern gemacht werden?
    - Welche Risikomanagement-Modelle können Sie anwenden, um
    den Nutzen und die Total Cost of Ownership (TCO) der Security-Investitionen gegenüber Ihrem CIO zu demonstrieren?
  • How prepared are EMEA organisations in responding to a data breach? Recorded: Jun 28 2016 33 mins
    Bill Hau, VP Security Consulting Services, Mandiant
    Our Mandiant consultants have responded to and investigated many of 2015's biggest security incidents. The insights gained from these consultancies provide us with a unique vantage point when it comes to understanding the ever-evolving cyber threat landscape.
    This webinar will discuss key trends, statistics, and case studies to illustrate the evolution of the advanced threat actors over the last year in EMEA.
    Register for the webinar and join Mandiant's VP for Security Consulting Services, Bill Hau as he delivers the top findings from this report and explains how to prepare and respond to a breach when it occurs.
  • Uncovering The Middle East Banking Attacks Recorded: Jun 26 2016 46 mins
    Stuart Davis, Director, Mandiant
    FireEye’s Dynamic Threat Intelligence (DTI) has identified a wave of emails containing malicious attachments being sent to multiple banks in the Middle East region. The threat actors appear to be performing initial reconnaissance against would-be targets, and the attacks caught FireEye’s attention since they were using unique scripts not commonly seen in crimeware campaigns.

    FireEye now invites you to learn more about what happened from its Director of Mandiant Services in the Middle East. Stuart will elaborate on these targeted attacks, detailing the tools, tactics, techniques and procedures used as well as to discuss the intelligence gained from them to help you better protect your organisation against similar natured attacks now and in the future.
Security Re-Imagined
FireEye is the leader in stopping today’s advanced cyber attacks by combining the world most advanced technology, intelligence, and expertise. FireEye has over 2,200 customers across more than 60 countries, including over 130 of the Fortune 500.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: The Importance of Attribution Against Today's Cyber Adversaries
  • Live at: Apr 21 2016 1:00 pm
  • Presented by: Stuart Davis, Mandiant Director
  • From:
Your email has been sent.
or close