The cyber threat landscape is now made up of organised, smart, well-resourced and clandestine criminals and nations, determined to steal intelligence and capital.
Cyber attacks: Like trying to outrun your own personal bear
A definite trend over the last 18 months is of tools developed by the world’s most sophisticated attackers filtering down to less adept adversaries and being used far more widely. These aren't the script kiddie attacks of years past – they’re more targeted, sophisticated and dangerous.
Most attacks CISOs saw in the past were ‘just good enough’ to hit only the poorly-protected: you could out-run the bear by not being the slowest. Now as targeted attacks become more common, you must outrun your own personal bear.
Jon Draper, Director of Threat Analytics at BAE Systems Applied Intelligence, explains in this video how customisable toolkits are enabling a wider range of attackers to launch sophisticated targeted attacks.
The return of phishing and more: why old attacks are making a comeback
Information security professionals often remember past battles – but being prepared to fight them all over again is another thing. The reality is that often, resources are shifted around to meet new threats, and vigilance is directed that way too. After the past few years, phishing attacks have enjoyed a resurgence in effectiveness for just this reason.
In this video, Mike Flouton, Vice President of Product Marketing at BAE Systems Applied Intelligence, reveals how older attacks, including Phishing and even older Macro-based tactics, are making a resurgence - and talks about how companies and CISOs can build effective defences.
The new era of fraud; a cyber-enabled approach
Modern cyber attack techniques are being applied to traditional frauds, from insider trading to basic confidence tricks. And these attacks are becoming more and more sophisticated as new techniques are added to traditional fraud campaigns by criminals.
Neal Watkins, Chief product officer, at BAE Systems Applied Intelligence, argues that a people-oriented, rather than just technological approach, is key to tackling this new era of fraud. The role of the CISO is absolutely vital in tackling fraud at an organisational level.
Watch Neal’s video to hear about examples of cyber-enabled frauds that BAE Systems has observed in the world, from insider trading to old-fashioned con tricks, and understand what CISOs can do to protect their organisations.
You're well protected, but what about your suppliers?
Advances in the technology used to connect supply chains over recent years have been great for business, but have also begun to pose new security risks. One trend Penny Allen, Head of Incident Response, EMEA at BAE Systems Applied Intelligence, has seen in recent years is an increasing tendency of attackers to use smaller, less well-defended companies within the supply chain to reach the data or systems of their real targets, further up the chain.
Watch Penny’s video to learn more about what BAE Systems has seen and what CISOs can do to protect against this threat.
Are industry bodies exposing your business to cyber attack?
Think tanks and industry bodies have been the target of cyber attack for some time. They are attractive because of the level of trust they have with participants from business and government organisations and the indirect access that gives to attackers.
James Hatch, Director of Cyber Services at BAE Systems Applied Intelligence, explains how BAE Systems has identified and countered threats to industry bodies and simple, non-technical remedies that can be applied to organisations dealing with them.