Cyber Threat Management Blueprint

Cyber threat management is vital to organisational success. More than ever before, we rely on digital services to help us with vital activities in our daily lives at home, on the road and in the workplace. Uptake and consumption of digital services are continuously increasing across the globe. Public and private sector organisations hosting and serving these essential digital services to their staff, customers, partners and the wider populace face increasing cyber security threats of varying types and complexity. To successfully thwart these challenges, organisations must have cyber security capability in-house or contract specialist third parties to formulate and execute a comprehensive cyber security strategy aligned to organisational goals and objectives. We use a tailored version of our Cyber Threat Management Blueprint, guided by the *cyber kill chain framework, as a key component of the overall response strategy put together to safeguard and defend our customers' digital assets and discover threats.

*The term kill chain was originally used as a military concept related to the structure of an attack. Later on, Lockheed Martin adapted this concept to cyber security and developed “The cyber kill chain model”.

Threat responses and counter-measures

Reconnaissance: The start of the chain of events, where the threat actor selects the target and collects active and passive information that would assist in carrying out a successful attack. During this phase the target networks and associated digital assets are explored for vulnerabilities.
Weaponisation: Using the data gathered during reconnaissance, the attacker plans and creates malware targeting the identified vulnerabilities. This is done remotely.
Delivery: The malware, which could be a virus, worm, trojan or spyware, is delivered to the identified target via email attachments, websites, social media, USB or other delivery mechanisms.
Exploitation: Once the payload is delivered, the malware code is activated in the target system. This could be in the form of a SQL injection, JavaScript hijack or other.
Installation: The malware is installed and opens a backdoor that the threat actor can access freely. Remote access tools, registry changes or other tools might be used here.
Command & Control (C2): The attacker then gains control of the target and prepares to proceed with the original goals and objectives.
Actions on Objectives: The threat actor executes the plan to meet the original objectives. This could include, but is not limited to, data manipulation, destruction, exfiltration or encryption for ransom.

How you can contribute to protect your organisation from cyber threats

Before you rush to share information with the world, ask yourself the question “what good or bad could this do to me, my family, friends, office colleagues or my employer?” And then click share.
Be careful when you open and download attachments from unknown senders.
Don’t connect devices to your PC or laptop if you don’t know the origin or owner.

Let us help you

Contact us to find out how we can help you and your organisation to safeguard your digital assets from threat actors.
