Recently, RangeForce hosted a live webinar called “Tiers, Not Tears: Contextualizing Cyber Threats.” We introduced a systematic approach to threat classification by categorizing threat actors into distinct tiers.
If you didn’t register, take a look at the highlights from this insightful session below. You can also watch the full recording below.
You can find our recent webinars on-demand on our BrightTALK channel. Keep an eye on our social media and newsletter to learn about upcoming webinars!
Tiers, Not Tears: Contextualizing Cyber Threats
Presented by Tanner Howell, RangeForce Solutions Engineering Team
The Cybersecurity Landscape
- The state of cyberattacks is worsening, as the sophistication of threat actors increases
- He mentions the prediction of cybercrime reaching $10.5 trillion by 2025.
- Introduction of the concept of "cyber readiness" as the ability of an organization to protect itself from cyber threats.
Tiering Threats and Teams
- Overview of the concept of tiering, which can refer to different aspects of an organization's cybersecurity posture.
- In this context, tiering refers to categorizing threat actors and defensive teams based on their capabilities.
- Optimizing incident response requires tiering both sides.
Threat Actor Tiers
- Demonstration of a five-tier model for threat actors, ranging from script kiddies to nation-states.
- Using actionable intelligence to categorize threat actors effectively is a critical factor.
Defensive Team Tiers
- Common practice is for all incidents to be treated with the same level of urgency.
- Serious dangers with this approach include burnout for security analysts and ineffective resource allocation.
- A better solution is a tiered approach for defensive teams based on the prevalence of different threats and the organization's risk tolerance.
Case Studies
- Two case studies are presented: a medium-sized non-profit and a Fortune 500 financial institution.
- The threat landscapes of each are analyzed, and appropriate defensive tiers for each organization recommended
- Factors like organization size, data sensitivity, and potential attacker motivations are highlighted in the analyses
Conclusion
- The importance of tiering threats and teams for effective cybersecurity is reiterated.
- The need for a realistic assessment of threats and a focus on ROI when making cybersecurity investments is of utmost importance.