ensequrity

eCrime Intelligence, Investigation and Prevention
The ensequrity approach
Our eCrime methodology uses two models, called protection and effect. The first looks at what a target organisation does to protect itself, and the second looks at the attackers to see what effect any changes have on them.


The protection model considers:
•    intelligence - identifies what is actually wrong and creating opportunity for attackers. This is done through the production of threat maps, threat briefings and access to open and closed source intelligence feeds.
•    investigation - provides information on how the attacks are occurring and how to fix the issues. It is focused on identifying the sources of actual losses, such as trojans, and obtaining samples of them for analysis. Attacks can be clustered to identify campaigns put together by specific attacker groups.
•    prevention - puts in place measures to stop or prevent attacks and losses. This can include the correct team structure, proactive identification of malicious activity, use of decoy accounts, training and identification of “man in the browser” activity.

Together they allow for diagnosis and treatment of identified and future eCrime threats, giving the potential for disruption of attackers.





The effect model considers:
•    risk - the perceived chances of detection and identification. This is affected by successful investigation of, and response to, attacker behaviour, such as through law enforcement engagement.
•    reward - the material gains from an attack. Reducing the loss per compromised account, or responding more quickly to an attack, will reduce this.
•    effort - how much time and cost it takes to undertake an attack. This is increased through takedown of attacker infrastructure, or by increasing the sophistication needed for successful attacks.

Together, if the attackers perceive the sum of these to be too high, then displacement is likely. Fraudsters do not stop attacking; they just move to where the payoff is higher. By working with ensequrity to put in place longer-term proactive measures using intelligence, investigation and prevention, an organisation can manage its risk profile to an acceptable level and keep losses down.