SlideShare a Scribd company logo

Matt LaVigna - Cyber Security - NCFTA 2017

Invest Northern Ireland
Invest Northern Ireland

The National Cyber-Forensics and Training Alliance (NCFTA) is a nonprofit organization established in 2002 to facilitate collaboration between private industry, government, and academia to combat cybercrime. The NCFTA provides a neutral environment where these groups can share information and gain insights to develop actionable intelligence. Through the relationships and data sharing enabled by the NCFTA, over 800 cases have been referred to law enforcement resulting in hundreds of arrests and millions recovered in seizures and losses prevented.

1 of 2
Download to read offline
THE NATIONAL CYBER-FORENSICS AND TRAINING ALLIANCE ONE TEAM, ONE GOAL. COMPANIES, GOVERNMENT, AND ACADAMIA WORKING TOGETHER TO NEUTRALIZE CYBER CRIME. Establishing trusted relationships is critical to information sharing, and sharing near real-time information is important to our partners. But that’s just the first step. Our partners understand that information isn’t necessarily intelligence. Getting to intelligence takes going beyond information or indicators. It takes people, process, and a bit of technology. Our team of analysts applies the human factor to information sharing and intelligence gathering. Using shared information and our unique on-site collection of historic data, we strive to identify actionable intelligence for our industry and law enforcement partners. When law enforcement needs help understanding a threat, they rely on the NCFTA community of industry partners to provide insight into the scope and impact of the threat. When industry needs a receptive ear from law enforcement, the embedded agencies at the NCFTA are there to discretely listen. These trusted relationships enable industry and law enforcement to align priorities and resources without compromising privacy, ethics, or the integrity of an investigation. The NCFTA community includes cross-sector industry and law enforcement and offers the opportunity to co-locate in our neutral environment. This unique environment allows for true collaboration and spontaneous “aha” moments to occur. Beyond collaboration and information sharing, we strive for measurable results 1 :  815 cases referred to law enforcement  289 arrests made with NCFTA contributions  3,470 intelligence reports produced  $83,253,280 in seizures by law enforcement  $1,444,140,081 losses prevented (as reported by industry partners) 1 As reported by law enforcement and industry partners 2015-2016 Calendar Years Who We Are The National Cyber-Forensics and Training Alliance (NCFTA) is a non-profit corporation founded in 2002, focused on identifying, mitigating, and neutralizing cyber crime threats globally. The NCFTA was created by industry and law enforcement for the sole purpose of establishing a neutral, trusted environment that enables two-way information sharing with the ultimate goal to identify, mitigate, disrupt, and neutralize cyber threats. Through the NCFTA, private industry and government are able to work together in this neutral, trusted environment. The National Cyber-Forensics and Training Alliance…”a model of information-sharing platforms, bringing together different groupings of law enforcement, the private sector and academia to mitigate and combat cyber threats.” 2016 Annual Meeting of the World Economic Forum in Davos, Switzerland INFORMATION SHARING THE NCFTA WAY TRUSTED ENVIRONMENT WHAT MAKES US DIFFERENT aha moment “the common human experience of suddenly understanding a previously incomprehensible problem or concept” -Wikipedia
Organizations looking to augment their existing business risk efforts Organizations with limited intelligence resources Responsible stakeholders who want to make an impact for the greater good  The NCFTA acts as an extension of your team and force multiplier for cybersecurity and threat intelligence teams, fraud prevention groups, and brand/intellectual property protection specialists  The NCFTA provides access to a dedicated team of analysts working across initiatives as well as a community of trusted industry partner SMEs (Subject Matter Experts). All of our partners also have direct access to a committed, highly motivated cadre of domestic and international law enforcement professionals  Partners are provided with regular updates on trends, emerging threats, and near real-time threats through numerous communication channels, feeds, peer calls, working groups, intelligence reports, and white papers CyFin – the Cyber Financial Program is dedicated to the financial services industry. Threat actors may seek to steal, or siphon funds from accounts and/or compromise the integrity of the global financial infrastructure. The program seeks to develop intelligence on such threats as well as proactive and preventive countermeasures via partnerships with financial institutions in the banking, brokerage, and payment sectors of the financial services industry. BCP – the Brand & Consumer Protection Program focuses on the utilization of the Internet for the sale of retail goods, including fraud related to ecommerce transactions and the physical distribution of counterfeit merchandise. An estimated $1.8 billion dollars a year in fraud is perpetrated by cyber criminals using stole credit and debit credentials to launder money through the purchase of legitimate goods. The NCFTA provides a forum for participants from industry and law enforcement to share information and build actionable intelligence relative to such incidents. Counterfeit merchandise is a serious problem in terms of public safety, brand integrity, and even national security. The NCFTA partners with industry and the National Intellectual Property Rights Coordination Center (NIPRC) to share information and provide actionable intelligence on individuals/groups involved in the distribution of counterfeit merchandise. MCT – the Malware & Cyber Threats Program is dedicated to researching, identifying, and analyzing technical cyber threats. The program provides timely alerts through data feeds and proactive intelligence on cyber threats under analysis. MCT maintains a data repository containing malware and corresponding network attributes being utilized by threat actors around the world. The technical data is then correlated with other datasets in order to associate malware with cyber crimes such as banking fraud, spam campaigns, phishing and botnet activity. In doing so, MCT seeks to identify trends or patterns that will assist in mitigation and neutralization efforts as well as detect future threats. As hacktivism and terrorism continue to utilize social media to recruit new members, discuss ongoing or upcoming events, and maintain a revenue stream, it is critical to be aware of and observe these communications both in open source and the dark web. To find out more about our Programs and how you can become a partner, please contact us at: info@ncfta.net or visit our website: www.ncfta.net NCFTA | PITTSBURGH: 2000 Technology Drive, Suite 450, Pittsburgh, PA 15219 Phone: 412-802-8000 NCFTA | NEW YORK: One Penn Plaza, 250 West 34 th Street, Suite 2124, New York, NY 10119 NCFTA | LOS ANGELES: Wilshire Building, 601 S. Figueroa Street, Suite 1460, Los Angeles, CA 90017 WHO SHOULD JOIN SPECIALTY PROGRAMS

More Related Content

Matt LaVigna - Cyber Security - NCFTA 2017

  • 1. THE NATIONAL CYBER-FORENSICS AND TRAINING ALLIANCE ONE TEAM, ONE GOAL. COMPANIES, GOVERNMENT, AND ACADAMIA WORKING TOGETHER TO NEUTRALIZE CYBER CRIME. Establishing trusted relationships is critical to information sharing, and sharing near real-time information is important to our partners. But that’s just the first step. Our partners understand that information isn’t necessarily intelligence. Getting to intelligence takes going beyond information or indicators. It takes people, process, and a bit of technology. Our team of analysts applies the human factor to information sharing and intelligence gathering. Using shared information and our unique on-site collection of historic data, we strive to identify actionable intelligence for our industry and law enforcement partners. When law enforcement needs help understanding a threat, they rely on the NCFTA community of industry partners to provide insight into the scope and impact of the threat. When industry needs a receptive ear from law enforcement, the embedded agencies at the NCFTA are there to discretely listen. These trusted relationships enable industry and law enforcement to align priorities and resources without compromising privacy, ethics, or the integrity of an investigation. The NCFTA community includes cross-sector industry and law enforcement and offers the opportunity to co-locate in our neutral environment. This unique environment allows for true collaboration and spontaneous “aha” moments to occur. Beyond collaboration and information sharing, we strive for measurable results 1 :  815 cases referred to law enforcement  289 arrests made with NCFTA contributions  3,470 intelligence reports produced  $83,253,280 in seizures by law enforcement  $1,444,140,081 losses prevented (as reported by industry partners) 1 As reported by law enforcement and industry partners 2015-2016 Calendar Years Who We Are The National Cyber-Forensics and Training Alliance (NCFTA) is a non-profit corporation founded in 2002, focused on identifying, mitigating, and neutralizing cyber crime threats globally. The NCFTA was created by industry and law enforcement for the sole purpose of establishing a neutral, trusted environment that enables two-way information sharing with the ultimate goal to identify, mitigate, disrupt, and neutralize cyber threats. Through the NCFTA, private industry and government are able to work together in this neutral, trusted environment. The National Cyber-Forensics and Training Alliance…”a model of information-sharing platforms, bringing together different groupings of law enforcement, the private sector and academia to mitigate and combat cyber threats.” 2016 Annual Meeting of the World Economic Forum in Davos, Switzerland INFORMATION SHARING THE NCFTA WAY TRUSTED ENVIRONMENT WHAT MAKES US DIFFERENT aha moment “the common human experience of suddenly understanding a previously incomprehensible problem or concept” -Wikipedia
  • 2. Organizations looking to augment their existing business risk efforts Organizations with limited intelligence resources Responsible stakeholders who want to make an impact for the greater good  The NCFTA acts as an extension of your team and force multiplier for cybersecurity and threat intelligence teams, fraud prevention groups, and brand/intellectual property protection specialists  The NCFTA provides access to a dedicated team of analysts working across initiatives as well as a community of trusted industry partner SMEs (Subject Matter Experts). All of our partners also have direct access to a committed, highly motivated cadre of domestic and international law enforcement professionals  Partners are provided with regular updates on trends, emerging threats, and near real-time threats through numerous communication channels, feeds, peer calls, working groups, intelligence reports, and white papers CyFin – the Cyber Financial Program is dedicated to the financial services industry. Threat actors may seek to steal, or siphon funds from accounts and/or compromise the integrity of the global financial infrastructure. The program seeks to develop intelligence on such threats as well as proactive and preventive countermeasures via partnerships with financial institutions in the banking, brokerage, and payment sectors of the financial services industry. BCP – the Brand & Consumer Protection Program focuses on the utilization of the Internet for the sale of retail goods, including fraud related to ecommerce transactions and the physical distribution of counterfeit merchandise. An estimated $1.8 billion dollars a year in fraud is perpetrated by cyber criminals using stole credit and debit credentials to launder money through the purchase of legitimate goods. The NCFTA provides a forum for participants from industry and law enforcement to share information and build actionable intelligence relative to such incidents. Counterfeit merchandise is a serious problem in terms of public safety, brand integrity, and even national security. The NCFTA partners with industry and the National Intellectual Property Rights Coordination Center (NIPRC) to share information and provide actionable intelligence on individuals/groups involved in the distribution of counterfeit merchandise. MCT – the Malware & Cyber Threats Program is dedicated to researching, identifying, and analyzing technical cyber threats. The program provides timely alerts through data feeds and proactive intelligence on cyber threats under analysis. MCT maintains a data repository containing malware and corresponding network attributes being utilized by threat actors around the world. The technical data is then correlated with other datasets in order to associate malware with cyber crimes such as banking fraud, spam campaigns, phishing and botnet activity. In doing so, MCT seeks to identify trends or patterns that will assist in mitigation and neutralization efforts as well as detect future threats. As hacktivism and terrorism continue to utilize social media to recruit new members, discuss ongoing or upcoming events, and maintain a revenue stream, it is critical to be aware of and observe these communications both in open source and the dark web. To find out more about our Programs and how you can become a partner, please contact us at: info@ncfta.net or visit our website: www.ncfta.net NCFTA | PITTSBURGH: 2000 Technology Drive, Suite 450, Pittsburgh, PA 15219 Phone: 412-802-8000 NCFTA | NEW YORK: One Penn Plaza, 250 West 34 th Street, Suite 2124, New York, NY 10119 NCFTA | LOS ANGELES: Wilshire Building, 601 S. Figueroa Street, Suite 1460, Los Angeles, CA 90017 WHO SHOULD JOIN SPECIALTY PROGRAMS