INTELLIGENCE LED CYBER SECURITY TESTING
iCAST – Intelligence Led Cyber Security Testing
iCAST testing is one of the additional services that LRQA Nettitude provides to its broad range of financial services clients. This intelligence-led framework was introduced by the Hong Kong Monetary Authority (HKMA) in response to the ever-changing cyber security landscape.
iCAST is an innovative regulatory requirement that does not rely on a strategy focussed on Penetration Testing alone. The focus of the iCAST framework is to deliver a Threat Intelligence based scenario test, with the testing element focusing on ‘Red Teaming’. The Threat Intelligence phase focuses on:
- Reviewing open source intelligence relating to an organisation
- Defining scenarios that reflect real-world attack vectors
- Reviewing the TTPs and modus operandi of likely Threat Actors
- Providing a list of actionable intelligence to confirm the right approach for the Red Team phase
Reviewing and Defining Stage
Upon completion of the Threat Intelligence phase, LRQA Nettitude will help an organisation to define the likely scenarios for the red teaming phase. The iCAST framework encourages organisations to define a list of key assets that they are trying to protect and to use the output of the threat intelligence to define what tactics and approach should be used to carry out the attack phase of the assessment. During this phase the LRQA Nettitude team will launch various attacks, such as phishing or insider threats, to mimic real-world threat actors.
After the Red Team phase is complete, LRQA Nettitude will provide the final stage of the engagement, known as the Attack Replay. In this phase, LRQA Nettitude will work closely with the Blue Team and re-create some of the scenarios to see how the defensive layer of the business was able to react to the testing phase. In this phase the organisation will fully understand what LRQA Nettitude was able to do.
The Benefits Of iCAST Cyber Security Testing
Some organisations will be asked to complete an annual iCAST assessment by HKMA. The value in undertaking this service is as follows:
- A better understanding of how likely threat actors will try and target you
- Clarification of how good your business is at protecting its key assets
- A greater understanding of your ability to identify when an adversary is trying to attack
- A more robust cyber strategy that encompasses attack and defence
Why Work With LRQA Nettitude?
Since iCAST was first introduced several years ago, LRQA Nettitude has been engaging with global banks that are trying to protect their most important systems. Whether it’s delivering CBEST, GBEST, iCAST or AASE, LRQA Nettitude’s team are well placed to help organisations to deliver an end-to-end engagement, including Threat Intelligence and Red Teaming combined. These services have been delivered using LRQA Nettitude’s in-house tooling, as well as a combination of open source tools, to ensure that companies understand how best to protect themselves. Delivering a scenario-based engagement isn’t just about finding a way into an organisation; it’s also about helping companies to get better at defending themselves over a longer period of time, in case they ever experience a real-life attack.
Cybersecurity doesn’t stand still, so working with a company like LRQA Nettitude, that continues to innovate, will benefit you in the long term. Contact your local team to find out more.