Keeping pace with the deteriorating threat landscape is becoming more difficult as threat actors devise new ways of infiltrating systems.

Understanding the threat actors and the techniques they use are critical in determining the likelihood of becoming a target and preparing mitigations as part of an intelligence-led security strategy.

The threat actors can be divided into 5 main types:

– Cybercrime: where criminals commit fraud for financial gain.

– Ransomware: where data is encrypted or systems are made inoperable in demand of a ransom.

– Intellectual capital: where data is stolen for commercial purposes, identity theft, etc.

– Hacktivist/Activist: where a motivated group or individual can disrupt business.

– Nation state: where foreign government resources are used for political gain.

Each type of actor uses different techniques, although the boundaries are now merging as zero-day malware becomes more prevalent, malware now runs in application memory, and advanced persistent threats once used by Nation State actors is now being used for Cybercrime.

Additionally, the measurement and reporting of security metrics is still performed poorly and many organisations do not understand the real number of attacks targeting their systems. Most companies now have over 90% of email categorised as spam and medium-sized companies are experiencing over 10 million attacks per month on internet gateways.

This presentation will provide examples of metrics and expose the real threats faced by organisations today, while providing practical mitigations as part an inclusive security strategy.