So now you have some scores.
Now what? Well, first,
you need to focus on creating a priority list.
But how do you prioritize? We will walk you through four steps
on how to properly prioritize your findings.
is to understand your mission
or business operations. How a system would be impacted for critical infrastructure versus healthcare versus manufacturing versus finance versus law enforcement
may differ significantly.
Next step is to understand your current threat landscape meeting
who you're most likely aggressors, their individual actors,
nation state players and organized criminal syndicates,
have very unique tools, tactics and techniques.
Additionally, their motivations various well,
where, as an individual actor
may be looking to, you
simply have status amongst his peers.
Nation State actors are generally more interested in obtaining state secrets,
whereas organized criminal syndicates
are we usually financially motivated. Now let's turn to Step three.
Looking at probable outcomes,
I would like to ask you to try to think
like you're most likely adversary, an individual actor,
or criminal syndicate.
I'd like to ask yourself, Are Russian backed hackers
more likely to manipulate the integrity of the data in stock market trades
or an individual actor. Likewise, if you have Mission critical, Resource is in the hospital.
Recent use of Ransomware has been very effective and highly profitable again.
Think about the type of actors that would be responsible
and whether skill sets, tools, tactics and techniques would look like.
What about simply trying to give network operators at an airline a headache
by disrupting their ticketing systems, as we've seen over the past couple of years with major airlines?
Step four Legal considerations For the 1st 3 steps, we covered the topics of knowing your business, knowing your adversary
in knowing your probable outcomes.
we further explore probable outcomes and focus on their respective legal challenges.
So let's say that we have an HP Pavilion computer exposed to that Microsoft vulnerability back in 2006
and this allows for remote, unauthorized access to your system. Resource is
here. We describe the potential scenarios for what a remote command control of a computing resource may look like. Based on the business that it serves.
We will use the same enterprises from a couple of slides ago, starting with critical infrastructure and ending with law enforcement.
Yes, Yes, I do understand that all of these businesses could technically be defined as a critical infrastructure.
However, there also define its business verticals as well. So if we have a remote command and control of the computer inside of Victims Network
by compromising this vulnerability,
what might some of the potential impacts look like for critical infrastructure
more than healthcare,
each one has very distinct legal challenges.
While the intent of this training is not to prepare you for law school,
understand the legal considerations of these technical threats. Is
Justus important as understanding the technical vulnerabilities within your own organisation?
Because it directly impacts business risk,
we will explore these legal challenges even further
in the phone slides.
The goal of this slide is to get you to start thinking about what potential liabilities you can illustrate to system owners