Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

About Cybersecurity

21 views

Published on

By Dr. Allen Wong
Chairman
e-Learning Consortium

Published in: Education
  • Be the first to comment

  • Be the first to like this

About Cybersecurity

  1. 1. Something about CyberSecurity By Dr. Allen Wong 23 Feb 2019
  2. 2. Vulnerability Test https://www.owasp.org
  3. 3. Web Application Attack in 1 Hour Web attacks observed between 2018-11-26 22:00-23:00 for All Verticals
  4. 4. Web Application Attack in A Week
  5. 5. Web Application Attack on Education Web attacks observed between 2019-02-10 to 2019-02-17 for Education
  6. 6. Hackers White Hat is known as Ethical Hacker 道德黑客
  7. 7. Ethical Hacking and CISO
  8. 8. Dr. Allen Wong Chairman of eLearning Consortium (eLC) allen.wong@elearning.org.hk
  9. 9. Vulnerability Test - Documentations Introduction & Execution Plan Engagement Letter Checklist
  10. 10. Different Types of Cyber Attacks
  11. 11. 5 Basic Security Principles  Maintain strong permission and user access controls  By periodically checking networks and default permissions/credentials, organizations can reduce the likelihood of a hacker gaining easy access to a network.  Provide employee security awareness  Inform employees of the latest security threats and social engineering techniques, how they can protect themselves, and what the organization is doing to mitigate these risks.  Implement a patch management program  Organizations should use automated tools to both identify and apply patches within network devices, operating systems and applications. For systems that cannot be upgraded or patched, compensating controls (e.g., VLAN’s or firewalls) should be implemented to protect the rest of the network.  Ensure strong system configuration management  Be sure to look into areas such as password and audit policies, services, and file permissions, as these should be controlled through the configuration management process.  Conduct periodic penetration testing  Penetration testing and ongoing vulnerability management across various pieces of IT infrastructure can help organizations identify security vulnerabilities and stay up-to-date with the latest tricks and techniques attackers are using.

×