APNIC Senior Security Specialist Adli Wahid gave a keynote presentation on the essential component of a CERT at the 2023 NCIT, held in Suva, Fiji from 17 to 18 August 2023.
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...APNIC
APNIC Senior Security Specialist Adli Wahid presents on increasing cybersecurity preparedness for large-scale sporting events at the 2021 CNCERT International Partnership Conference, held online on 16 August 2021.
Embracing Threat Intelligence and Finding ROI in Your DecisionCylance
Answering the question of what threat intelligence is compared to threat data. Is it better to build or buy a solution? Who benefits? Steve presents on how to get started and what you'll need to do to best protect your organization against malicious attackers.
By Steve Mancini, Senior Director of Security, Cylance
SIEM-plifying security monitoring: A different approach to security visibilityAlienVault
Despite investments in preventative security technology and teams, devastating data breaches continue to occur, and the threats we face only grow more advanced all the time. If even the largest companies are struggling to avoid breaches, how can teams with more limited security staff and budgets hope to avoid that same fate? Organizations need to invest more in detection and proactive threat intelligence. SIEM products have been widely deployed for this purpose, however much of the technology remains unwieldy and difficult to use.
Join Dave Shackleford, founder of Voodoo Security and a Senior SANS Instructor, and Joe Schreiber, Solution Architect with AlienVault for this session covering:
Key security intelligence insights you need to defend against modern threats
"Tales from the trenches" of challenges getting the insights you need from SIEM
Fundamentals for evaluating a security approach that will work for you, not against you.
How a unified approach to security visibility can help you get from install to insight more quickly
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Puneet Kukreja
Insider threat seems to be one of the biggest risks for organisations looking to protect their data assets. Enterprises spend large proportion of their budget to secure and protect their most critical assets from exfiltration and leakage. However, it's not all about nation state and espionage, it's about identifying potential insider threat scenarios, understanding the organisation’s critical assets and the controls to protect them.
With the recent spate of data breaches originating from trusted insiders, how do enterprises ensure their data assets are safe from insider threat and appropriate controls are in place?
What models have been implemented to identify potential insider threat scenarios?
Which critical data assets must be safeguarded?
What combination of technologies are required to protect against insider threat?
Is there a psychology element?
The session seeks to answer these questions by sharing experience from two use cases; one which approached the problem from a technical perspective, and the other using consolidation of existing technology data sets.
Why Your Company Needs A Privacy Culture & Where To StartTrustArc
Data privacy is so much more than legal compliance! We believe legal compliance should be the result of a successful privacy program, not the goal. Moreover, companies should use personal data to support broader strategic objectives.
How to build an understanding of privacy at your company’s cultural level? How to get the necessary resources for your privacy program?
In this webinar, we explore how creating a culture of privacy within your organization can make it become a top priority and help building an efficient privacy program.
33rd TWNIC IP OPM: Practical Incident Response & Threat IntelligenceAPNIC
APNIC Senior Security Specialist Adli Wahid gives practical advice on incident response and threat intelligence at the 33rd TWNIC IP OPM in Taipei, Taiwan, on 5 December 2019
Build an Information Security StrategyAndrew Byers
Organizations are struggling to keep up with today’s evolving threat landscape.
From technology sophistication and business adoption to the proliferation of hacking techniques and the expansion of hacking motivations, organizations are facing major security risks.
Every organization needs some kind of information security program to protect their systems and assets.
Organizations today face pressure from regulatory or legal obligations, customer requirement, and now, senior management expectations.
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...APNIC
APNIC Senior Security Specialist Adli Wahid presents on increasing cybersecurity preparedness for large-scale sporting events at the 2021 CNCERT International Partnership Conference, held online on 16 August 2021.
Embracing Threat Intelligence and Finding ROI in Your DecisionCylance
Answering the question of what threat intelligence is compared to threat data. Is it better to build or buy a solution? Who benefits? Steve presents on how to get started and what you'll need to do to best protect your organization against malicious attackers.
By Steve Mancini, Senior Director of Security, Cylance
SIEM-plifying security monitoring: A different approach to security visibilityAlienVault
Despite investments in preventative security technology and teams, devastating data breaches continue to occur, and the threats we face only grow more advanced all the time. If even the largest companies are struggling to avoid breaches, how can teams with more limited security staff and budgets hope to avoid that same fate? Organizations need to invest more in detection and proactive threat intelligence. SIEM products have been widely deployed for this purpose, however much of the technology remains unwieldy and difficult to use.
Join Dave Shackleford, founder of Voodoo Security and a Senior SANS Instructor, and Joe Schreiber, Solution Architect with AlienVault for this session covering:
Key security intelligence insights you need to defend against modern threats
"Tales from the trenches" of challenges getting the insights you need from SIEM
Fundamentals for evaluating a security approach that will work for you, not against you.
How a unified approach to security visibility can help you get from install to insight more quickly
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Puneet Kukreja
Insider threat seems to be one of the biggest risks for organisations looking to protect their data assets. Enterprises spend large proportion of their budget to secure and protect their most critical assets from exfiltration and leakage. However, it's not all about nation state and espionage, it's about identifying potential insider threat scenarios, understanding the organisation’s critical assets and the controls to protect them.
With the recent spate of data breaches originating from trusted insiders, how do enterprises ensure their data assets are safe from insider threat and appropriate controls are in place?
What models have been implemented to identify potential insider threat scenarios?
Which critical data assets must be safeguarded?
What combination of technologies are required to protect against insider threat?
Is there a psychology element?
The session seeks to answer these questions by sharing experience from two use cases; one which approached the problem from a technical perspective, and the other using consolidation of existing technology data sets.
Why Your Company Needs A Privacy Culture & Where To StartTrustArc
Data privacy is so much more than legal compliance! We believe legal compliance should be the result of a successful privacy program, not the goal. Moreover, companies should use personal data to support broader strategic objectives.
How to build an understanding of privacy at your company’s cultural level? How to get the necessary resources for your privacy program?
In this webinar, we explore how creating a culture of privacy within your organization can make it become a top priority and help building an efficient privacy program.
33rd TWNIC IP OPM: Practical Incident Response & Threat IntelligenceAPNIC
APNIC Senior Security Specialist Adli Wahid gives practical advice on incident response and threat intelligence at the 33rd TWNIC IP OPM in Taipei, Taiwan, on 5 December 2019
Build an Information Security StrategyAndrew Byers
Organizations are struggling to keep up with today’s evolving threat landscape.
From technology sophistication and business adoption to the proliferation of hacking techniques and the expansion of hacking motivations, organizations are facing major security risks.
Every organization needs some kind of information security program to protect their systems and assets.
Organizations today face pressure from regulatory or legal obligations, customer requirement, and now, senior management expectations.
This presentation focuses on how security officers or development leaders can apply a disciplined approach to building internal consensus to build secure software. A five-step process will be laid out that will enable a manager to characterize the landscape, secure management buy-in, baseline the existing risks, set modest goals and attempt to achieve them, and sustain the initiative. Emphasis will be on actionable steps that successful managers have used to drive the adoption of secure software strategies in large organizations.
The Permanent Campaign: Driving a Secure Software Initiative in the EnterpriseDenim Group
The majority of information that exists about software security either focuses on technical means to build secure applications, or strategies to put controls in a software development process. There is a dearth of information regarding how managers should push secure initiatives forward, convincing executives that software security is critical to trusted business operations. This presentation focuses on how security officers or development leaders can apply a disciplined approach to building internal consensus to build secure software. A five-step process will be laid out that will enable a manager to characterize the landscape, secure management buy-in, baseline the existing risks, set modest goals and attempt to achieve them, and sustain the initiative. Emphasis will be on actionable steps that successful managers have used to drive the adoption of secure software strategies in large organizations.
This presentation will explore suggestions for ways Security people in Central Ohio can and do collaborate to improve Security practices within and external to organizations. This will explore ISACs, ISAOs, partnerships such as the Collaboratory, Internships, ISSA, etc.
Security Program Guidance and Establishing a Culture of SecurityDoug Copley
Doug Copley and John Kelley present advice for new CISOs, applying a framework model for assessment and measurement, establishing executive support and establishing a culture of security.
Building an Effective Data Privacy Program – 6 Steps from TRUSTeTrustArc
Six practical steps to build an effective data privacy program from conducting an initial privacy risk assessment to implementing controls & ongoing maintenance.
Watch the complete webinar from leading privacy experts on 6 practical steps to build a data privacy program https://info.truste.com/lp/truste/On-Demand-Webinar-Reg-Page2.html?asset=KB5XQRQG-567
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...Pedro Henriques
The "life" of a company is the sum of its decisions. Hasty decisions can be disastrous, late decisions could mean loss of opportunity, but these decisions have to be made. Therefore it is important to have a tool that assists in decision making.
The main focus of this talk is to show the importance of support to decision making, understand the importance of risk and impediment management in agile environments and to present an approach to identify actions to mitigate risks and solve impediments based on Agile Community Knowledge.
This talk includes an example of a simple tool from the company SCRAIM. You can also check the video goo.gl/SBqAW4
APM webinar sponsored by the South Wales and West of England Branch on 14 July 2022.
Speaker: Sophie Okell
Introducing ethical hacking to the Ministry of Defence; the project management behind the innovation.
This webinar talked you through the journey of how a groundbreaking cyber testing methodology was applied in the Ministry of Defence.
How the project overcame the challenges faced, such as the complex stakeholder landscape, change resistance to such an innovative product and navigating commercial and legal.
The methods and factors that made the project successful:
Senior leadership support and advocacy.
Small, empowered and flexible team.
Internal marketing campaign, making use of communications and rewards.
A consultative, transformation approach.
Stakeholder mapping and engagement.
External communications, including a successful press release.
Demonstrating success early in the project and building on it.
Short delivery timescales
Clear methodology for the test, detailed in easily digestible communications
Making use of internal champions across the organisation.
The benefits achieved:
Reduction to the cyber risk.
Increased collaborative cyber culture.
Upskilling of internal IT and cyber staff.
Positioning of the MOD as a cyber leader on the global stage.
https://youtu.be/e0FXmRlKT20
https://www.apm.org.uk/news/introducing-ethical-hacking-to-the-ministry-of-defence-webinar/
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificAPNIC
APNIC Foundation Program Director Sylvia Cadena participated at the Stockholm Internet Forum from 15 to 18 May 2017 and presented an overview of APNIC's support for CERT development in the region to help ensure the Internet remains secure and stable.
Building Application Security programs from scratch or dropping into existing organizations with some AppSec functions can be a war zone. As practitioners are on the front lines of implementing AppSec programs, there is no one-size fits all or a magic supplier who can come in and solve all opportunities. It takes a dedicated staff to drive an effective program beyond the check the box mentality, with a critical focus on security culture.
Through the talk, I'd like to provide insight into the nuances of dealing with different environments large to small and the associated lessons learned to help drive the culture of security to truly provide defensive capabilities and empower the organization.
Testing in the Year 2020: The Erosion of Governance, Management, and ExcellenceTechWell
Competition is driving our business and IT partners to be ever more nimble. And Byron Glick and Jithesh Ramachandran say that the growing agility is eroding the old foundations of testing—test management, project governance, and centers of excellence. An organization pursuing lean startup approaches may reduce or eliminate traditional planning cycles and the related test management and governance. But all is not lost. Understanding why those foundations were effective in their time points to new foundations that will carry us forward into the new world of testing, technology, and society—in 2020 and beyond. The coordination and insight created with traditional test planning, management, and reporting are still needed, but new modes of partnership, alignment, value creation may be better fits for the way our organizations now work. Byron and Jithesh are seasoned explorers of this new, ever-changing landscape. Come join the conversation and build your own kit for finding a path forward in the absence of our most familiar landmarks.
Your Challenge
Organizations are struggling to keep up with today’s evolving threat landscape.
From technology sophistication and business adoption to the proliferation of hacking techniques and the expansion of hacking motivations, organizations are facing major security risks.
Every organization needs some kind of information security program to protect their systems and assets.
Organizations today face pressure from regulatory or legal obligations, customer requirement, and now, senior management expectations.
Our Advice
Critical Insight
Performing an accurate assessment of your current security operations and maturity levels can be extremely hard when you don’t know what to assess or how to assess it.
Alignment can be a difficult area for security to get right when it’s trying to balance both regular IT and the business.
Communication is needed between the business leaders, IT leaders, and the security team for an effective security strategy to be in place.
Impact and Result
Info-Tech has analyzed and integrated regulatory and industry best practice frameworks, combining COBIT 5, PCI DSS, ISO 27000, NIST SP800-53, and SANS to ensure an exhaustive approach to security.
Through this process, a comprehensive current state assessment, gap analysis, and initiative generation ensures that nothing is left off the table.
This project will elevate the perception of the security team from being a hindrance to the organization to an enabler.
Improve Information Security Practices in the Small EnterpriseGeorge Goodall
Over 80% of small-medium sized business consider themselves non-targets for cyber-attacks. However, 60% of all targeted attacks are towards small-medium sized organizations. The capabilities of hackers have risen dramatically in the last two years. Organizations of all sizes need a security plan. Security by obscurity is no longer a viable option. Adopt a proven strategy to protect vital corporate assets.
Towards data responsibility - how to put ideals into actionMindtrek
Track | Sustainable and Future-proof Tech
Mikko Eloholma Accelerator of Digital skills, TIEKE
Mindtrek Conference
3rd of October 2023.
Tampere, Finland
www.mindtrek.org
Digital crypto currency - Is it a game changer investment in India?Pavan Dikondkar
Digital crypto currency - Is it a game changer investment in India?
Crypto-Currency Investment – RISK Disclaimer
Open Source Circle Community
FIRE (Financial Independence Retire Early) Movement India Community
Crypto-Currency – Block-chain Platform
Crypto-Asset, Crypto Bill and India
Crypto Market and use cases
Crypto Investments
Crypto Investment Allocation if you plan to invest!
Crypto Exchanges – How to invest?
FIRE initiatives and workshops, Bootcamps and Courses for you
Questions and Answers | Feedback
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...APNIC
Chimi Dorji, Internet Resource Analyst at APNIC, presented on Registry Data Accuracy Improvements at SANOG 41 jointly held with INNOG 7 in Mumbai, India from 25 to 30 April 2024.
This presentation focuses on how security officers or development leaders can apply a disciplined approach to building internal consensus to build secure software. A five-step process will be laid out that will enable a manager to characterize the landscape, secure management buy-in, baseline the existing risks, set modest goals and attempt to achieve them, and sustain the initiative. Emphasis will be on actionable steps that successful managers have used to drive the adoption of secure software strategies in large organizations.
The Permanent Campaign: Driving a Secure Software Initiative in the EnterpriseDenim Group
The majority of information that exists about software security either focuses on technical means to build secure applications, or strategies to put controls in a software development process. There is a dearth of information regarding how managers should push secure initiatives forward, convincing executives that software security is critical to trusted business operations. This presentation focuses on how security officers or development leaders can apply a disciplined approach to building internal consensus to build secure software. A five-step process will be laid out that will enable a manager to characterize the landscape, secure management buy-in, baseline the existing risks, set modest goals and attempt to achieve them, and sustain the initiative. Emphasis will be on actionable steps that successful managers have used to drive the adoption of secure software strategies in large organizations.
This presentation will explore suggestions for ways Security people in Central Ohio can and do collaborate to improve Security practices within and external to organizations. This will explore ISACs, ISAOs, partnerships such as the Collaboratory, Internships, ISSA, etc.
Security Program Guidance and Establishing a Culture of SecurityDoug Copley
Doug Copley and John Kelley present advice for new CISOs, applying a framework model for assessment and measurement, establishing executive support and establishing a culture of security.
Building an Effective Data Privacy Program – 6 Steps from TRUSTeTrustArc
Six practical steps to build an effective data privacy program from conducting an initial privacy risk assessment to implementing controls & ongoing maintenance.
Watch the complete webinar from leading privacy experts on 6 practical steps to build a data privacy program https://info.truste.com/lp/truste/On-Demand-Webinar-Reg-Page2.html?asset=KB5XQRQG-567
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...Pedro Henriques
The "life" of a company is the sum of its decisions. Hasty decisions can be disastrous, late decisions could mean loss of opportunity, but these decisions have to be made. Therefore it is important to have a tool that assists in decision making.
The main focus of this talk is to show the importance of support to decision making, understand the importance of risk and impediment management in agile environments and to present an approach to identify actions to mitigate risks and solve impediments based on Agile Community Knowledge.
This talk includes an example of a simple tool from the company SCRAIM. You can also check the video goo.gl/SBqAW4
APM webinar sponsored by the South Wales and West of England Branch on 14 July 2022.
Speaker: Sophie Okell
Introducing ethical hacking to the Ministry of Defence; the project management behind the innovation.
This webinar talked you through the journey of how a groundbreaking cyber testing methodology was applied in the Ministry of Defence.
How the project overcame the challenges faced, such as the complex stakeholder landscape, change resistance to such an innovative product and navigating commercial and legal.
The methods and factors that made the project successful:
Senior leadership support and advocacy.
Small, empowered and flexible team.
Internal marketing campaign, making use of communications and rewards.
A consultative, transformation approach.
Stakeholder mapping and engagement.
External communications, including a successful press release.
Demonstrating success early in the project and building on it.
Short delivery timescales
Clear methodology for the test, detailed in easily digestible communications
Making use of internal champions across the organisation.
The benefits achieved:
Reduction to the cyber risk.
Increased collaborative cyber culture.
Upskilling of internal IT and cyber staff.
Positioning of the MOD as a cyber leader on the global stage.
https://youtu.be/e0FXmRlKT20
https://www.apm.org.uk/news/introducing-ethical-hacking-to-the-ministry-of-defence-webinar/
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificAPNIC
APNIC Foundation Program Director Sylvia Cadena participated at the Stockholm Internet Forum from 15 to 18 May 2017 and presented an overview of APNIC's support for CERT development in the region to help ensure the Internet remains secure and stable.
Building Application Security programs from scratch or dropping into existing organizations with some AppSec functions can be a war zone. As practitioners are on the front lines of implementing AppSec programs, there is no one-size fits all or a magic supplier who can come in and solve all opportunities. It takes a dedicated staff to drive an effective program beyond the check the box mentality, with a critical focus on security culture.
Through the talk, I'd like to provide insight into the nuances of dealing with different environments large to small and the associated lessons learned to help drive the culture of security to truly provide defensive capabilities and empower the organization.
Testing in the Year 2020: The Erosion of Governance, Management, and ExcellenceTechWell
Competition is driving our business and IT partners to be ever more nimble. And Byron Glick and Jithesh Ramachandran say that the growing agility is eroding the old foundations of testing—test management, project governance, and centers of excellence. An organization pursuing lean startup approaches may reduce or eliminate traditional planning cycles and the related test management and governance. But all is not lost. Understanding why those foundations were effective in their time points to new foundations that will carry us forward into the new world of testing, technology, and society—in 2020 and beyond. The coordination and insight created with traditional test planning, management, and reporting are still needed, but new modes of partnership, alignment, value creation may be better fits for the way our organizations now work. Byron and Jithesh are seasoned explorers of this new, ever-changing landscape. Come join the conversation and build your own kit for finding a path forward in the absence of our most familiar landmarks.
Your Challenge
Organizations are struggling to keep up with today’s evolving threat landscape.
From technology sophistication and business adoption to the proliferation of hacking techniques and the expansion of hacking motivations, organizations are facing major security risks.
Every organization needs some kind of information security program to protect their systems and assets.
Organizations today face pressure from regulatory or legal obligations, customer requirement, and now, senior management expectations.
Our Advice
Critical Insight
Performing an accurate assessment of your current security operations and maturity levels can be extremely hard when you don’t know what to assess or how to assess it.
Alignment can be a difficult area for security to get right when it’s trying to balance both regular IT and the business.
Communication is needed between the business leaders, IT leaders, and the security team for an effective security strategy to be in place.
Impact and Result
Info-Tech has analyzed and integrated regulatory and industry best practice frameworks, combining COBIT 5, PCI DSS, ISO 27000, NIST SP800-53, and SANS to ensure an exhaustive approach to security.
Through this process, a comprehensive current state assessment, gap analysis, and initiative generation ensures that nothing is left off the table.
This project will elevate the perception of the security team from being a hindrance to the organization to an enabler.
Improve Information Security Practices in the Small EnterpriseGeorge Goodall
Over 80% of small-medium sized business consider themselves non-targets for cyber-attacks. However, 60% of all targeted attacks are towards small-medium sized organizations. The capabilities of hackers have risen dramatically in the last two years. Organizations of all sizes need a security plan. Security by obscurity is no longer a viable option. Adopt a proven strategy to protect vital corporate assets.
Towards data responsibility - how to put ideals into actionMindtrek
Track | Sustainable and Future-proof Tech
Mikko Eloholma Accelerator of Digital skills, TIEKE
Mindtrek Conference
3rd of October 2023.
Tampere, Finland
www.mindtrek.org
Digital crypto currency - Is it a game changer investment in India?Pavan Dikondkar
Digital crypto currency - Is it a game changer investment in India?
Crypto-Currency Investment – RISK Disclaimer
Open Source Circle Community
FIRE (Financial Independence Retire Early) Movement India Community
Crypto-Currency – Block-chain Platform
Crypto-Asset, Crypto Bill and India
Crypto Market and use cases
Crypto Investments
Crypto Investment Allocation if you plan to invest!
Crypto Exchanges – How to invest?
FIRE initiatives and workshops, Bootcamps and Courses for you
Questions and Answers | Feedback
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...APNIC
Chimi Dorji, Internet Resource Analyst at APNIC, presented on Registry Data Accuracy Improvements at SANOG 41 jointly held with INNOG 7 in Mumbai, India from 25 to 30 April 2024.
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
Sunny Chendi, Senior Advisor, Membership and Policy at APNIC, presents 'APNIC Policy Roundup' at the 5th ICANN APAC-TWNIC Engagement Forum and 41st TWNIC OPM in Taipei, Taiwan from 23 to 24 April.
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
Dave Phelan, Senior Network Analyst/Technical Trainer at APNIC, presents 'DDoS In Oceania and the Pacific' at NZNOG 2024 held in Nelson, New Zealand from 8 to 12 April 2024.
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
Geoff Huston, Chief Scientist at APNIC deliver keynote presentation on the 'Future Evolution of the Internet' at the Everything Open 2024 conference in Gladstone, Australia from 16 to 18 April 2024.
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
Paul Wilson, Director General of APNIC delivers a presentation on IP addressing and IPv6 to the Policymakers Program during IETF 119 in Brisbane Australia from 16 to 22 March 2024.
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
Tom Harrison, Product and Delivery Manager at APNIC presents at the Registration Protocols Extensions working group during IETF 119 in Brisbane, Australia from 16-22 March 2024
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
Che-Hoo Cheng, Senior Director, Development at APNIC presents on the "Benefits of doing Internet peering and running an Internet Exchange (IX)" at the Communications Regulatory Commission of Mongolia's IPv6, IXP, Datacenter - Policy and Regulation International Trends Forum in Ulaanbaatar, Mongolia on 7 March 2024
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
APNIC Senior Advisor, Membership and Policy, Sunny Chendi presented on APNIC updates and RIR Policies for ccTLDs at APTLD 85 in Goa, India from 19-22 February 2024.
Gen Z and the marketplaces - let's translate their needsLaura Szabó
The product workshop focused on exploring the requirements of Generation Z in relation to marketplace dynamics. We delved into their specific needs, examined the specifics in their shopping preferences, and analyzed their preferred methods for accessing information and making purchases within a marketplace. Through the study of real-life cases , we tried to gain valuable insights into enhancing the marketplace experience for Generation Z.
The workshop was held on the DMA Conference in Vienna June 2024.
Understanding User Behavior with Google Analytics.pdfSEO Article Boost
Unlocking the full potential of Google Analytics is crucial for understanding and optimizing your website’s performance. This guide dives deep into the essential aspects of Google Analytics, from analyzing traffic sources to understanding user demographics and tracking user engagement.
Traffic Sources Analysis:
Discover where your website traffic originates. By examining the Acquisition section, you can identify whether visitors come from organic search, paid campaigns, direct visits, social media, or referral links. This knowledge helps in refining marketing strategies and optimizing resource allocation.
User Demographics Insights:
Gain a comprehensive view of your audience by exploring demographic data in the Audience section. Understand age, gender, and interests to tailor your marketing strategies effectively. Leverage this information to create personalized content and improve user engagement and conversion rates.
Tracking User Engagement:
Learn how to measure user interaction with your site through key metrics like bounce rate, average session duration, and pages per session. Enhance user experience by analyzing engagement metrics and implementing strategies to keep visitors engaged.
Conversion Rate Optimization:
Understand the importance of conversion rates and how to track them using Google Analytics. Set up Goals, analyze conversion funnels, segment your audience, and employ A/B testing to optimize your website for higher conversions. Utilize ecommerce tracking and multi-channel funnels for a detailed view of your sales performance and marketing channel contributions.
Custom Reports and Dashboards:
Create custom reports and dashboards to visualize and interpret data relevant to your business goals. Use advanced filters, segments, and visualization options to gain deeper insights. Incorporate custom dimensions and metrics for tailored data analysis. Integrate external data sources to enrich your analytics and make well-informed decisions.
This guide is designed to help you harness the power of Google Analytics for making data-driven decisions that enhance website performance and achieve your digital marketing objectives. Whether you are looking to improve SEO, refine your social media strategy, or boost conversion rates, understanding and utilizing Google Analytics is essential for your success.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfFlorence Consulting
Quattordicesimo Meetup di Milano, tenutosi a Milano il 23 Maggio 2024 dalle ore 17:00 alle ore 18:30 in presenza e da remoto.
Abbiamo parlato di come Axpo Italia S.p.A. ha ridotto il technical debt migrando le proprie APIs da Mule 3.9 a Mule 4.4 passando anche da on-premises a CloudHub 1.0.
7. Entities & Capabilities
CERT with
National
Responsibilities
Enterprise
CERTs/CSIRTs
CERT of the
Last Resort
Ad-Hoc
Incident
Response
Check out www.first.org
Trusted Point of Contacts
7
9. Managing Things
9
• Managing Security Incidents
o Reduce Impact of Security Incidents
o Prevent Security Incident from Occurring
o Fixing actual vulnerabilities
o Gain insights about emerging threats or incidents (Information Security & Analysis
Centers, Threat Intel Feeds)
o Collaborate with other stakeholders (i.e. investigation, policy/strategy)
• Managing Security Incident Response Teams
o Establishing CSIRT
o Operationalizing CSIRT
o Having the right skill-sets, knowledge and tools
o Being part of the community
o Mentoring
11. Don’t Phish Me!
• Online Banking
• Traditional Phishing (email ->
Web)
• Multiple Banks
• CERT receiving reports but
coordination is needed
• Money Mules!
• Outcomes – coordinated plan,
LEA engagement, Awareness for
Customers, Browser Plugin
Anti Phishing Working Group
(2007)
11
12. Key Ingredient – People
• Who is going to work in the team
• Role/Position = $$
• Training and capacity development
oGo deeper and wider
• Transitioning from non-security, non-secops
• Upskilling for tech folks – management
12
Sri Lanka CERT Cyber Security Awareness Week (2016)
13. Annual National Cyber Security
Exercise 2007 - XMAYA
National Cyber
Crisis
Management
Plan for Critical
Infrastructure
Process
Coordination /
Escalation
People /
Technology
Capabilities and
Communication
o National Security Council
o Support by Sector Lead of
Critical Infrastructure
o Drill Development &
Preparation by National
CERT
o Good view of policy vs
implementation
o Roles & Responsibilities
o Capacity Development –
Experience Incident
13
14. Challenges
• Different Set of Challenges for National vs Enterprise CERTs
• Getting started **
• Organisational – Mandate/Responsibility, Sustainability and Expansion
• Operational – visibility, resources, collaboration & coordination
14
15. Challenges - Continuity
• Continuity – change is expected
• Consistent policy, vision needed
• Positive = CERT expanding into a cyber security agency
• Negative = No funding for CERT, hostile takeovers
• Strengthening the Stakeholders
• User base and technology is dynamic
• Supporting the ecosystem – Resources, Training & Infrastructure
15
16. CERT/CSIRT in the Pacific Project
• Interest in setting up a National CERT (starting with CERT
Tonga) in 2016
• Kick Start – Series of Workshops
• Focus
o Establishing & Operationalizing a CERT in the context of the
Pacific
o Collaboration + Networking (with other partners PACSON,
APCERT & FIRST)
o On the job training
o Sharing ideas, success stories etc
• Created momentum in other areas of cyber security i.e.
education & awareness, support for LEAs and other
stakeholders
16
17. Where are we?
1. Do you have an incident response plan?
2. What are the top 5 threats last year or last month?
3. Where do cyber security incidents* get reported?
4. Is there an active information sharing network for security
practitioners or security teams?
5. Is there good visibility of what is happening in the environment?
6. Are organisations assessed to deal with data breach incidents or
ransomware? How is the coverage?
7. Are there any activities related to the coordination of incidents
within a specific economic sector or at the national level.
17
19. Take Aways
• Appreciation of Incident Response in the
Bigger Security Picture
• Cyber Resilience is not an option
• Continuous process
• Dedicated Teams & Capabilities
• Challenges – Getting Started, Expanding
and Maintaining
• Requires planning, resources and
persistence
• Our role – support & do something now
19
20. Thank you
Adli Wahid (LInkedIn)
adli@apnic.net
www.apnic.net
academy.apnic.net
20