What is Red Teaming?
In cybersecurity, Red Teaming is a step above traditional penetration testing that involves a third-party simulating real-world attacks by replicating what a real threat would do to identify risks, as well as an adversary’s capabilities, motivates and strategy.
Red Teaming has become an increasingly present practice in finance. In the UK the Bank of England established CBEST, a programme involving Red Teams testing the resilience of UK Financial institutions. Similar initiatives are currently in place in countries like the USA under the NSA, Netherlands and the EU with the TIBER (Threat Intelligence Based Ethical Red teaming) initiative to test the resilience of European financial institutions, Australia under the Department of Defence’s Science and Technology division, etc.
In this presentation, our speaker Mr. Ari Davies will:
- Introduce and explore the concept of Red Teaming and its relevance to the Financial Services.
- Discuss the growing role of penetration testing and regulatory Red Teaming.
- Examine a case study on cybersecurity: “how we stole 10m euros from a bank”.
- Share his insights on attacker simulation, penetration testing trends, the evolving concept of cyber security and where it might be heading and how governments and firms are adapting.
Ari is Director at Deloitte Cyber Risk Services and has over 12 years of information security and ethical hacking experience. He is an experienced penetration testing consultant and engagement manager with notable experience in extensive and complex multi-tiered security engagements as well as an extensive background in security operations. His big interest is with the more “covert” side of ethical hacking, such as red teaming, social engineering, phishing and physical penetration testing.