we secure.

Cyber Threats

secure Solutions

How We
Can Help

By understanding the different types of cyber attackers and how they operate, we can make rational decisions on the level of security required, the probability of attack and how to allow business processes to continue unobstructed. 

Threat Landscape

TYPES OF ATTACKERS

Attackers, known as adversaries, have different capabilities and different motivations for launching attacks. Here we describe the most common types.

Motivated by mischief . Tend to perform attacks individually. Limited capability and skillset.

Motivated by feelings of being wronged or on behalf of others. Vengeance driven. Tend to act in groups. Skilled attackers.

Motivated by greed. Usually well financed due to their activities.

Motivated by power and domination. Most skilled and financed group.

CYBER KILL CHAIN

Security perimeters can be breached by malware, zero day exploits, social engineering and compromised downloads. Once inside, the attacker may not have the privileges necessary to create real damage so they will try to escalate their privileges to that of ROOT or SYSADMIN. Once this has been achieved, they can then download and install further malicious software and create a back door to allow access even after their presence has become apparent. They may also copy and send sensitive data to a command and control centre or install ransomware.

“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.”

Nappo

plan of action

know your obligations

Stop the kill chain in its tracks. Use defence in depth techniques such as firewalls, IDS, IPS. Use granular access control on files. Use white-listing of applications. Use multi-factor authentication. Take away admin privileges from non-security accounts. Make sure staff are adequately trained. For a full list of techniques, contact us.

we are your knowledge partners. all the way through.

Our expertise in all areas of security is always on-hand. Contact us to know more.

you are not alone

our professional services Include:

We can provide security as a service packages or deliver full security programs including training.

We take care of the technical issues:

  • Perimeter defence strategy with firewalls, IDS, IPS
  • Endpoint security and data loss prevention strategies
  • Encryption and public key infrastructure management
  • Implementation of event monitoring systems