Hi [[ session.user.profile.firstName ]]

Why Targeting Is the Next Big Trend in Attacks

While we will never see the end of generalized mass attacks, the real damage is being done through highly targeted attacks. In discussing why targeted attacks are so effective and economically advantageous to the attacker, we'll learn why that trend is likely to continue. Timely case studies of targeted and integrated attacks will contribute to understanding the trade-offs for the adversaries. Some suggestions for countermeasures against this strategy will be provided.
Recorded Nov 4 2016 43 mins
Your place is confirmed,
we'll send you email reminders
Watch for free
Presented by
Dr. Lance Cottrell, CISSP®, Chief Scientist, Ntrepid Corp.
Presentation preview: Why Targeting Is the Next Big Trend in Attacks
Related topics:

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile

(ISC)2 Think Tank

  • Using MITRE ATT&CK In Cloud and Hybrid Environments Mar 5 2020 6:00 pm UTC 60 mins
    Vince Stross, Princ. Security SE, ExtraHop; Blake Strom, ATT&CK Leader, MITRE; Chip Wagner, Cybersecurity Leader, IBM
    The MITRE ATT&CK Framework provides an excellent structure for security professionals to identify the strengths and gaps in their ability to detect attacker tactics, techniques, and procedures (TTPs) in the environment. The framework is applicable for cloud, on-premises, and hybrid environments. Join ExtraHop and (ISC)² on March 5, 2020 at 1:00PM Eastern for a discussion on the MITRE ATT&CK Framework as we look at:

    • How to get the most value from the MITRE ATT&CK Framework in a hybrid environment

    • How upcoming changes in MITRE ATT&CK may affect utilization of the framework by SecOps teams

    • How MITRE ATT&CK fits into an overall framework-driven strategy for improving detection coverage and security maturity in hybrid enterprises of all sizes.
    Save your seat
  • The Blame Game: Does Attribution Matter? Recorded: Feb 6 2020 58 mins
    John McClurg, Senior VP & CISO, BlackBerry; John McCumber; Matt Waddell; Brandon Dunlap (Moderator)
    You’ve been attacked and you’re defending your organization against the intrusion. Do you need to know who’s behind the attack, and why they’re targeting you? here have always been two schools of thought in response to this question. One school of thought believes that attributing the attack to a threat actor, i.e. attribution, is less important than figuring out how your defenses failed and focusing your efforts on mitigating the attack. The other school believes that identifying who the attackers are can help to inform the way an organization protects against such incidents. In the current geopolitical context, have the tides turned in favor of one or the other approach as the global security community grapples with an increasing volume of state-sponsored attacks? Is how the better question than who? Join BlackBerry Cylance and (ISC)2 on February 6, 2020 at 1:00PM Eastern for a discussion on attribution. We’ll debate the merits of both schools of thought and examine the possible costs and advantages of each approach.
    Watch now
  • Walking on the Wild Side: Exploring the Attacker Underground Recorded: Jan 30 2020 57 mins
    Tarik Saleh, DomainTools; Aamir Lakhani; Ju-Lie McReynolds; Brandon Dunlap, Moderator
    You don’t have to visit the dark web to find a black market where attackers and other bad actors trade information and can acquire tools & services that they can use to compromise your organization. Examples include things like Packer services (crypters, binders and packers), Malware services (RATs and silent doc kits) and Infrastructure services (such as VPSs, Domains and Shells). Join Domain Tools and (ISC)2 on Thursday, January 30, 2020 at 1:00PM Eastern for a discussion of attacker underground economy, how attackers see success with these tools and services and what defenders need to know to combat these threats.
    Watch now
  • Hijacked! The Perils of Business Email Compromise Recorded: Jan 16 2020 59 mins
    Ryan Terry, ProofPoint; Derrick Butts, Truth Initiative; Michael Weisberg, Garnet River, LLC; Brandon Dunlap (Moderator)
    According to the FBI’s Internet Crime Complaint Center, Business Email Compromise (BEC) resulted in more than $26 Billion in losses since 2016. Bad actors impersonating or using stolen trusted identities use a variety of attack vectors to defraud targets out of money and sensitive information. The problem is only getting worse, as these attacks are increasing due to a larger attack surface and the ability to move quickly through an organization. Detection can be difficult. What can be done to combat this fast growing and moving threat? Join ProofPoint and (ISC)2 on January 16, 2020 at 1PM Eastern for a Roundtable discussion on BEC, the threats it poses and strategies to defend against it.
    Watch now
  • All Together Now – Using Security Orchestration for Better Incident Response Recorded: Dec 19 2019 60 mins
    Nick Tausek, Security Research Engineer, Swimlane; Nate Zahedi; Lucie Hayward; Anne Saita, Moderator
    Most security departments suffer from the same issue – too many security alarms and not enough personnel to deal with them. Security Orchestration, Automation and Response (SOAR) can help by integrating your disparate tools and using modular workflows and playbooks to make incident response more effective by replacing the manual process. In many cases, the faster you respond and mitigate, the better your security posture. Join Swimlane and (ISC)2 on December 19, 2019 at 1:00PM Eastern for a discussion on SOAR and automated incident response and how this proactive approach can improve your security.
    Watch now
  • Hoodwinked! Why Users are the Preferred Target for Attackers Recorded: Nov 21 2019 60 mins
    Mark Guntrip, Group Prod. Mktg Director, ProofPoint; Chrysa Freeman, Sec Awareness Mgr., Code42; Charles Gaughf, (ISC)²;
    Manipulation of human beings has been going on since the dawn of time. With the multiple channels and speed that information and data are arriving to every individual, the opportunity to be manipulated or “conned” is at an all-time high. With the continued diligence in hardening system, the attackers have moved to the softer targets, the “human element”. But an educated and aware user is a resilient target. What can an organization due to better harden their users and make them aware of the myriad threats that target them? Join Proofpoint and (ISC)2 on November 21, 2019 at 10:00 AM PST/1:00 PM EST for a panel discussion on how to better defend against threat actors with a cybersecurity strategy that's focused on your organization's most valuable assets: your people.
    Watch now
  • Not Just Another Acronym: The Resurgence of PKI Recorded: Nov 14 2019 61 mins
    Chris Hickman, CSO, Keyfactor; Dallas Bishoff, Managing Partner, MANUS360; Scott Stephenson; Sen Mgr & PKI Architect
    Public key infrastructure (PKI) has been a core building block of IT for more than two decades. Whether it is securing a network, sensitive data, or a growing number of API connected services, IT leaders have turned to PKI as a proven technology to establish trust in their business. Yet, despite vast coverage that spans across the enterprise today, most IT and security leaders do not fully understand why PKI has become so critical to protecting their business. Additionally, the emergence of IoT in the enterprise has created its own challenges. Join Keyfactor and (ISC)2 November 14, 2019 at 1:00PM Eastern/10:00AM Pacific for a discussion on the increasingly important role of PKI in the enterprise, how it has evolved, and why getting it right can make the difference between a highly secure environment and a serious breach.
    Watch now
  • Nice to Have or Have to Have? The Case for Cyber Insurance Recorded: Oct 10 2019 59 mins
    John Smith, Prin. Sec. Engr, ExtraHop; Sean Scranton, RLI Cyber; William Boeck, Lockton; Brandon Dunlap, Moderator
    More and more companies are offering cyber insurance policies to help mitigate the financial losses an organization might suffer from a cyber incident. With the increase in breaches, intrusions and ransomware incidents, cyber insurance could be right for your organization as a part of the risk mitigation strategy. But there’s a lot of confusion for organizations in determining what a company’s exposure is and what exceptions and exclusions might be in a policy. Organizations are almost forced to think like an underwriter to address these concerns. Join ExtraHop and (ISC)2 October 10, 2019 at 1PM Eastern for a discussion on cyber insurance, demystifying the current insurance landscape and what are the right questions to answer.
    Watch now
  • Bothersome Bots: Dealing with the Swarm Recorded: Sep 26 2019 59 mins
    Joe Martin, F5; Xena Olsen; Kevin Mcnamee, Nokia; Brandon Dunlap (Moderator)
    Automation has brought great advances to computing. But automation has also brought forth the bot. While some bots are beneficial, being able to determine the difference between humans, good bots and bat bots has become extremely difficult. Bot creators are making their creations more sophisticated and with bots making up most of the traffic on the internet, the identification of malicious bots and the defense against them is becoming critical for organizations of all sizes. Join F5 and (ISC)2 on September 26, 2019 at 1:00PM Eastern for a discussion on the application threats driven by bots, how they infect an enterprise and the role an advanced web application firewall can play in defending an organization.
    Watch now
  • Hardening Office 365’s Email for Better Security & Availability Recorded: Sep 19 2019 56 mins
    Matthew Gardiner, Dir. Enterprise Sec. Campaigns, Mimecast; Bruce Beam, CIO, (ISC)²; Tina Meeker, Beacon Infosecurity;
    Organizations of all sizes are accelerating their move to the cloud and are shifting critical applications such as email to Office 365 as a first step. The security and resilience of such a critical application is paramount for an organization’s communications, data availability, and governance strategies. Organizations experience a significant productively hit when their email or email-based data becomes unavailable. And of course, there are no shortage of phishing attacks which leverage email and target Office 365. How can you ensure the security and availability of Office 365’s email and better defend against those threats that can bring it down? What role does awareness play in securing the organization? Join Mimecast and (ISC)2 on Thursday, September 19, 2019 at 1PM Eastern for a discussion on the topic of security and availability, as well as strategies for moving such applications to the cloud more easily and securely.
    Watch now
  • The Power of 2: How Automated Threat Hunting & ATT&CK Can Work Together Recorded: Aug 15 2019 59 mins
    Jason Bevis, VP Global Threat Hunting, Cylance; Alex Holden, CISO/Pres, Hold Security, Chip Wagner, Sec Analytics, IBM
    Many organizations are so busy responding to and remediating indents that they don’t have the time, resources or framework for being proactive and searching for these threats. Automation (artificial intelligence or machine learning) can provide actionable intelligence quickly without being a resource drain. Pairing automation with a threat hunting framework like the MITRE ATT&CK can help to build an overarching strategy for addressing this critical area. Join BlackBerry Cylance and (ISC)² on August 15, 2019 at 1:00PM Eastern for a discussion on how to better and more quickly identify malicious behaviors and how a model of continuous improvement can benefit an organization.
    Watch now
  • Want to be a Better Blue Teamer? Think Like an Attacker! Recorded: Jul 25 2019 59 mins
    Tarik Saleh, DomainTools; Rob Armstrong, Mathan Cyber Security, LLC; Keith Young, Mont. Co., MD; Brandon Dunlap, Moderator
    “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
    – Sun Tzu.

    The ability to understand your adversary is always a good skill for any security practitioner to have. But beyond understanding, one really needs to know how an attacker thinks. This enables better defense and cooperation between “Blue Teams” and “Red Teams”. Join DomainTools and (ISC)² on July 25, 2019 at 1:00PM Eastern for a discussion on defense and protection, how an attacker thinks and goes about breaching your enterprise, and the trend in “Purple Teaming”.
    Watch now
  • Let’s Work Together! How to Drive SecOps and NetOps Collaboration Recorded: Jul 18 2019 59 mins
    John Smith, Princ Sales Eng, ExtraHop; Caroline Saxon, Sr Advisor to CIO, TSYS; Glenn Leifheit, Microsoft; B. Dunlap
    The siloed, standalone operations of security operations (SecOps) and network operations (NetOps) resulted in teams with their own culture, technologies, processes, skillsets and lexicons. When SecOps and NetOps each have their own tools and workflows, this results in slower detection and response, higher costs and an ineffective use of cybersecurity personnel. Security has also become complex, fast moving and critical to all organizations and it no longer makes sense for the two functions to remain siloed. Join ExtraHop and (ISC)2 on July 18, 2019 at 1:00PM Eastern for a discussion on how to increase collaboration between SecOps and NetOps and the benefits derived from that.
    Watch now
  • Delivering Security Awareness That Works Recorded: Jun 20 2019 57 mins
    Matt Sitelman, Mimecast; Shayla Treadwell, ECS Federal; Ashley Schwartau, Sec. Awa. Co.; Brandon Dunlap
    All organizations wrestle with their security awareness programs. It is clear that users need to be part of the solution and not just part of the problem. Many users however see these programs as “gimmicks” and don’t take the training as seriously as the organization would like them to. Security managers are often putting out other fires and can’t devote the time they would like to ongoing awareness training. So what can be done to overcome these issues? Join Mimecast and (ISC)2 on June 20, 2019 at 1PM Eastern for a discussion on the do’s and don’ts of security awareness training and testing, why it’s important to customize training for different groups and how to truly engage your end-users to make them part of your security program. We will also provide tips for gaining management support and building a company-wide culture of security with training as a key component.
    Watch now
  • AI-Driven EDR - The Machine Age of Information Security Recorded: Jun 13 2019 59 mins
    Brian Robison, BlackBerry Cylance; Eric Walters, Burns & McDonnell; Travis Farral, CISO, LEO Cyber Security; B. Dunlap
    The historical evidence of rules-based solutions in the Endpoint Detection and Response (EDR) has proven that this approach is unable to keep up with the speed of the shifting threatscape. Join BlackBerry Cylance and (ISC)2 on June 13, 2019 at 1:00PM Eastern where we will explore how machine learning and artificial intelligence are closing the OODA (observe–orient–decide–act) loop on the attackers. We’ll also examine how you can gain an advantage over emerging threats, your time to respond and impact of artificial intelligence on security professionals.
    Watch now
  • A Day in the Life - Tips and Best Practices from 3 CISSPs Recorded: May 21 2019 60 mins
    James Packer, CISSP, London; Chuan-Wei Hoo, CISSP, Singapore; James R. McQuiggan, CISSP, United States; B. Dunlap (Moderator)
    More than 130,000 information security professionals have invested time, determination and resources to attain the CISSP certification. Join (ISC)² members from different regions on May 21, 2019 at 10:00AM Eastern as we discuss what pain points, issues and challenges they encounter in their day-to-day work life, as well as solutions, tips and best practices they have developed along the way. We’ll also examine how the CISSP certification has helped them with their job and career.
    Watch now
  • Insider Data Breach – Separating the Malicious from the Mistaken Recorded: May 9 2019 56 mins
    Sudeep Venkatesh, Chief Product Officer, Egress; Charles Moore, Opinions Matters; Spencer Wilcox, Brandon Dunlap (Moderator)
    According to a recent Ponemon Institute survey, the average data breach costs $3.8M, up 6.4% from 2017. When it comes to an insider data breach, 95% of IT leaders view this as a concern for their organization (statistic from 2019 Data Breach Survey from Egress Software and Opinions Matters). Employees can put sensitive data at risk by accessing or sharing without permission, just because they are “curious” or intrigued by the content. An insider data breach can be the most damaging, the most expensive and the most difficult to detect and stop. How can an organization deal with these insider data breaches? Join Egress Software and (ISC)² on May 9, 2019, at 1PM Eastern for a wide-ranging discussion on insider data breaches, the malicious and the accidental and what can be done to mitigate such occurrences.
    Watch now
  • Going Off Script – Code Eats InfoSec Recorded: Apr 11 2019 58 mins
    Tarik Saleh, Snr Sec. Engr, DomainTools; Erik von Geldern, CISO, FXCM; Clinton Campbell, CEO & Prin. Consul., Quirktree, LLC
    Marc Andreessen famously said “Software is eating the world”, but what about in InfoSec? In the beginning, security practitioners depended on Excel and VB scripts to make sense of their data. Today, machine learning is aiding in the discovery and reporting of insights. As more and more cloud-forward companies are embracing an “infrastructure-as-code” model, what does this mean for the security leaders of tomorrow? Is automation important to your role and to the organization’s infosecurity posture? If so, join DomainTools and (ISC)2 on April 11, 2019 at 1:00PM for a discussion on security automation and how being fluent with programming languages and scripting can expand your knowledge and value to an organization, as well as strategizing for machines to work in harmony with the compliance and risk teams.
    Watch now
  • Smelling the Roses at 100Gb - Security Tooling at the Speed of Life Recorded: Mar 14 2019 56 mins
    Ron Nevo, CTO, cPacket Networks; John Carnes, Info Sec. Architect; Gordon Rudd, 3rd Party Risk Officer, Venminder, B. Dunlap
    Ferris Bueller famously said, “Life moves pretty fast. If you don’t stop to look around once in a while, you could miss it.” With complex data flows now reaching speeds 100G, what are your security tools missing? Can they handle the increased volume of information that’s coming in? By making use of packet brokers, you can get the visibility you need and not miss out on life. Join cPacket Networks and (ISC)2 on March 14, 2019 at 1:00PM for a discussion on packet brokering visibility across the network, the need for pre-egress filtering and how the convergence of NetOps and SecOps can help protect your company’s top-line revenue and productivity.
    Watch now
  • Detecting & Preventing Threat Evasions Techniques – 2019 And Beyond Recorded: Feb 14 2019 59 mins
    Shimon Oren, Deep Instinct; Jared Peck, Financial Services; Rob Armstrong; Colossal Technologies, LLC; B. Dunlap (Moderator)
    Cyber-attacks and the threat actors behind them are becoming more and more sophisticated. Today’s attackers adopt existing techniques, modify them and develop new capabilities much faster than ever before. This translates not only to more attacks, but also to a bigger share of attacks which are highly evasive and stealthy, and inevitably more challenging to prevent or detect over-time. How does an organization stay up-to-speed with the varied attacks that are aimed at them? Join Deep Instinct and (ISC)2 on February 14, 2019 at 1:00PM Eastern when we’ll review several common and emerging evasion techniques in today’s threat-landscape and discuss the best avenues to counter them in terms of technology and cost-effectiveness.
    Watch now
Regular roundtable discussions on a variety of infosecurity topics.
(ISC)2 hosts regular panel discussions on hot button infosecurity topics featuring thought leaders and visionaries from the industry who answer questions from the audience.
  • Upcoming webinars (1)
  • Recorded webinars (224)
  • Subscribers (77,175)
Channel RSS feed

Register for Free

 

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Why Targeting Is the Next Big Trend in Attacks
  • Live at: Nov 4 2016 7:40 pm
  • Presented by: Dr. Lance Cottrell, CISSP®, Chief Scientist, Ntrepid Corp.
  • From:
Your email has been sent.
or close