This is my presentation from the Cyber Security Summit held in Prague 2015 at the Boscolo Prague Spa Hotel. For the missing slides and further information, contact me directly.
As technology and software become more and more important to Portuguese society, it is time for Portugal to take them more seriously, and become a real player in that world.
A look at why Caribbean cyber security is important, Caribbean experiences achieving cyber security, why an effective strategy is critical and the importance of an effective Information Governance strategy.
Impressions from Caribbean ICT Stakeholder Meeting, Cyber Security, by Shiva Bissessar
Brief impressions of the current state of Cyber Security development efforts in the Caribbean with focus on Trinidad and Tobago, as gleaned from the recently held (26th to 28th May 2014) Caribbean Stakeholders Meeting (ICT) and knowledge of the landscape in Trinidad & Tobago.
Lessons learned from the SingHealth Data Breach COI Report, by Benjamin Ang
16 recommendations for better cybersecurity, digested from the 454-page COI (Committee of Inquiry) report on Singapore's biggest data breach to date (1.5 million patients' records), presented at Cyber Resilience and Risk Forum 2019, Singapore. Useful info for board directors, managers, CSOs, CISOs and cybersecurity professionals.
Singapore Cybersecurity Strategy and Legislation (2018), by Benjamin Ang
A primer on Singapore's Cybersecurity Strategy, and the laws of Singapore relating to Cybersecurity (Computer Misuse Act, Personal Data Protection Act, Cybersecurity Act 2018). Also contains a summary of the results of the Public Consultation on the Cybersecurity Bill.
This document provides an overview of an incident response presentation on the topic of "Incident Response Requires Superhumans". It discusses how expectations for incident response have grown exponentially with technology advancement. It outlines some of the multi-faceted skills and expertise required of incident response professionals, including deep technical knowledge across many domains as well as soft skills like communication and working under pressure. The document cautions that developing capable incident response teams is challenging due to the hands-on experience required and calls for continuous learning to address the dynamic nature of the field.
The document discusses information security workshops offered by Pinaka Technology Solutions to help organizations strengthen their security governance and increase user awareness of threats like phishing. The workshops cover topics such as security policies, risk management, and social engineering attacks, and are aimed at executives, IT staff, and other personnel handling sensitive data. Details are provided on workshop content, duration, cost, and customization options.
The document discusses cybersecurity risks and responsibilities in the Caribbean region. It notes recent cyber attacks and security audits in Trinidad, Jamaica, and Barbados. It summarizes a section of the Cybercrime Bill 2014 that holds corporate directors responsible if they fail to prevent cybercrimes originating from their organization. Finally, it argues that information security requires governance, securing people and processes in addition to technology, and following standards like ISO 27001 to be prepared for incidents.
Singapore Cybersecurity Strategy and Legislation (for SMU Law School 2019), by Benjamin Ang
The document discusses Singapore's cybersecurity strategy and legal framework. It has 4 pillars: (1) enhancing Singapore as a trusted hub, (2) promoting collective responsibility, (3) using cybersecurity as an advantage, and (4) national cyber R&D. The Cybersecurity Act designates critical infrastructure and gives the Cyber Security Agency powers to investigate incidents. The strategy aims to strengthen cyber defenses, educate the public, and develop Singapore as a cybersecurity hub in Asia.
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp..., by Burton Lee
Talk by Marcel van der Heijden, SpeedInvest & Aircloak (Silicon Valley | AT | DE), at Stanford on Feb 26 2018, in our session: 'New EU Data Privacy Rules : Lessons & Risks for Silicon Valley Corporations & Startups || GDPR'.
Website: http://www.StanfordEuropreneurs.org
YouTube Channel: https://www.youtube.com/user/StanfordEuropreneurs
Twitter: @Europreneurs
Information Security Management Education Program - Concept Document, by Dinesh O Bareja
The document proposes an information security management program to train future security managers. It notes shortcomings in existing education and certification programs. The proposed program would [1] provide practical skills training using real-world scenarios, [2] cover technical, business, audit and legal topics to prepare students for security leadership roles, and [3] include soft skills development and fieldwork opportunities. The program differentiators include an experiential learning lab, partnerships with industry, and mentoring to support career placement.
1. MyCERT was established in 1997 as Malaysia's national computer emergency response team to handle cybersecurity incidents and coordinate responses.
2. It launched the Cyber999 service in 2008 to provide a central reporting point for all cyber incidents.
3. MyCERT operates the Malware Research Centre, set up in 2009, to analyze malware samples and issue advisories to improve the country's cyber defenses.
This document provides information about an upcoming intelligence strategies conference for law enforcers. The two-day conference will cover topics such as investigating suspects, organized crime, using intelligence to prevent crime, technological support for intelligence operations, and turning collaborative information into actionable intelligence. It will feature presentations from experts in fields such as law enforcement, private security, banking, and academia. Attendees will include a variety of law enforcement professionals. The conference aims to provide an independent platform for collaboration and will include technology exhibitions and a workshop on modern investigation techniques.
Digital forensics is a branch of forensic science focusing on the recovery and investigation of raw data residing in electronic or digital devices. The goal of the process is to extract and recover any information from a digital device without altering the data present on the device.
--D3
For more: https://d3pakblog.wordpress.com
This document discusses cyber security strategies and approaches used by various governments and organizations. It outlines national strategies from the UK, US, Estonia, and Singapore, as well as approaches at the European Union level. Common themes across strategies include recognizing the interconnected nature of IT systems, moving from attack detection to prevention, and the need for joint public-private collaboration to develop regulations, share intelligence, and protect critical infrastructure and society.
The document outlines 26 rules for a new craft of intelligence. In brief:
Rule 1 discusses moving from data to information to intelligence, with the goal of answering questions and determining next steps. Rule 2 notes analysis adds value by considering all sources rather than just secret ones. Rule 3 emphasizes the importance of broad global coverage over focus on just a few "hard targets."
Several rules address the need for more open-source information, cultural and linguistic expertise, decentralized networks, and burden sharing between allies. Rule 24 discusses the need for analysts to manage projects and priorities while collectors take a more analytical role.
The final rules propose creating shared resources and standards between intelligence agencies internationally. Rule 26 emphasizes that while some
What is Information Security and why you should care ..., by James Mulhern
An interactive introduction to Information Security and Cyber Security for BTEC students studying IT at Swindon College in the UK. The session illustrates the breadth and diversity of the subject and the opportunities it can offer. It also illustrates that things might not always be as they seem and that the impacts can be far more wide-reaching than at first imagined.
GDPR demystified - making sense of the regulation, by James Mulhern
Slightly outdated introduction to GDPR that tries to move away from the headlines on fines and emphasises the global nature of the regulation, the numerous forms of lawful processing and the absolute need to manage privacy and be transparent. Goes on to show how using public cloud can help solve part of the problem.
The document discusses rethinking cyber security approaches for financial institutions. It outlines key factors driving an evolution in how cyber security risks are managed, including emerging threats, increased attacks, higher costs, and greater regulatory scrutiny. The document proposes transforming cyber security programs to employ an enterprise-wide risk management approach with a focus on governance, risk assessment, controls, incident response planning, vendor management, training, threat intelligence, and cyber insurance. Adopting these measures could help address ongoing cyber security challenges.
ITrust is a leading French cybersecurity company that provides expertise, products, and security operations center services. It has over 200 clients, 100% annual growth, and offices in Paris, Toulouse, New York, and Shanghai. ITrust's flagship product is the IKare vulnerability management tool, which can reduce vulnerabilities by 90% by identifying and helping to correct security flaws. The company is working on new behavioral analytics and AI solutions to better detect unknown cyber threats.
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation, by PECB
This session discusses the top cyber threats for 2020 worldwide. Our presenters will discuss the top security priorities in their states for cybersecurity, followed by a Q/A session at the end of the presentation.
What topics are hot for Chief Security Officers in 2020? Which cyber threats are demanding the most attention from top government cybersecurity leaders? What projects are the U.S. states of Washington and Illinois applying resources to in order to address security priorities? Where next with privacy legislation and implementation of regulations like the California Consumer Privacy Act (CCPA)?
The webinar covers:
• Top security predictions for 2020 from global security vendors – along with CISO reactions and feedback
• Security trends (in specific areas such as ransomware) seen at the end of 2019 and in the first weeks of 2020
• CISO project priorities from Washington State and the State of Illinois
• Panel discussion of privacy actions and CCPA implementation nationwide
Date: February 19, 2019
Recorded webinar: https://youtu.be/QN35YHEA_4E
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber..., by Nicolas Beyer
This document summarizes the cyber security market opportunity. It notes that the total cyber security market size was $31.5 billion in 2013 and is expected to grow 8.8% annually. It identifies several trends driving growth, such as the digital economy, need for holistic approaches, and focus on data security. It also outlines market segments, players, and growth opportunities and challenges for both security services and software providers.
Data Security in the Insurance Industry: what you need to know about data pro..., by XeniT Solutions nv
With the amount of personal and sensitive customer information needed to accurately insure a client, it’s no wonder the insurance industry is a target for data security threats.
While all businesses across every industry are at risk, there are a few things that make the insurance industry particularly attractive – and susceptible – to data breaches and cyber-attacks.
- The sheer volume of information available
- The highly sensitive nature of the information
- Large amounts of unstructured data
In this webinar, our speakers illustrated the state of the art, including the technical and legal framework, for protecting your most relevant information from cyberattacks. You will learn:
- How to define a roadmap that optimizes the impact of cyber security expenditure
- How to adopt a general risk management approach to identify Cyber security risks
- What are the most relevant technologies available today to protect your data
Recent developments and future challenges in privacy, by PECB
The document discusses recent developments and future challenges in privacy. It begins with an introduction to Sébastien Gambs, a professor specializing in computer security and privacy. It then covers several topics:
1. A discussion of privacy in the digital age and the risks posed by collecting and linking digital traces to identities.
2. An overview of recent developments in privacy-enhancing technologies like anonymous communication networks (Tor), anonymous credentials, and secure multiparty computation.
3. Future challenges posed by big data like enabling useful analytics while protecting privacy, and the difficulty of creating truly anonymous datasets given the threat of de-anonymization attacks.
The document summarizes an ICSA Technology Conference focused on cyber security that was held on Friday, November 4, 2017. The conference included chair remarks, discussions on building business confidence in cyber security, the evolving cyber threat landscape, ransomware and cyber extortion, and how to respond to a cyber security breach. Speakers addressed questions organizations have about current cyber risk levels and how to understand and address cyber threats through practical measures.
Cyber attacks have been hitting the headlines for years; but in spite of the risks, the reputational damage and the rising cost of fines, there is still an endless stream of businesses being exposed for security failings.
The scale of the problem is vast: Accenture’s recent 2016 Global Security Report highlighted “an astounding level of breaches” with the organisations surveyed facing more than 80 targeted attacks every year, of which a third were successful. Much has been made of the evolving threat landscape and increasing sophistication of attacks. But whilst there is evidence to support the growing complexity of the challenge, all too often the analysis of these high-profile attacks determines basic, foundational security principles were ignored.
Some commentators argue that the persistence of failings is a direct reflection of organisational priorities, and that while businesses may talk a good game, security is not yet given the attention that it requires at board level. This leaves CISOs and IT leaders fighting a losing battle to secure adequate attention and investment for an area of the business which does not generate revenue.
This conference will look at raising security standards across the business, exploring some of the most persistent problems from IT infrastructure to staff engagement. Amidst a backdrop of perpetual media hysteria, turbulent markets and looming regulatory change, it can prove difficult to establish a coherent picture of the threat, never mind what action to take. The conference will help contextualise the challenging landscape and discuss how to deliver meaningful improvements and end-to-end organisational resilience.
This document provides an agenda for the Spotlight on Technology (#SOT17) event. The agenda includes times for registration, exhibitor meet and greets, presentations from various technology companies (including SmartSTEMs, Pure Storage, ZoneFox, Lenovo, and Trend Micro), panels on threats and how to manage them, and a customer panel with Q&A. Presentation topics include GDPR compliance, ransomware attacks, and user behavior analytics for insider threat detection. The event aims to inform attendees about new technologies through demonstrations and discussions of current issues.
Today's Breach Reality, The IR Imperative, And What You Can Do About It, by Resilient Systems
Despite changing threats and the near certainty of compromise, most IT security programs are much the same as they were a decade ago. How have attacker motivations and tactics changed, and why? What does this mean for IT security departments, and how must they adapt?
This webinar will detail the security challenges organizations face today, the implications of changes in attacker tactics and motivations, and what firms can do to better align their security program with today's reality.
Our featured speakers for this webinar will be:
- Ted Julian, Chief Marketing Officer, Co3 Systems
- Colby Clark, Director of Incident Management, Fishnet Security
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr..., by Cyber Security Alliance
Threats, risks, actors, trends, attack techniques, defense issues and possible future scenarios for Critical Infrastructures in the age of cyber insecurity.
Hacking Portugal and making it a global player in Software development
As technology and software become more and more important to Portuguese society, it is time to take them seriously and really become a player in that world.
Application Security can act as an enabler, due to its focus on how code/apps actually work, and its enormous drive on secure-coding, testing, dev-ops and quality.
This presentation will provide a number of paths for making Portugal a place where programming, TDD, Open Source, learning how to code, hacking and DevOps are first class citizens.
This document discusses cyber security risks and strategies for mitigation. It begins with definitions of cyber security and outlines how the threat landscape has changed with more impactful cyber incidents. It then discusses determining an organization's cyber risk profile by assessing business environment factors, possible targets, threat actors, vulnerabilities, and legal/regulatory requirements. The document provides examples of common cyber attacks and psychological techniques used in social engineering. It emphasizes that employees are both the weakest link and greatest asset in cyber defense. Finally, it recommends five steps to minimize exposure: assess readiness, identify critical assets, select appropriate defenses, boost security awareness, and enhance monitoring and incident response capabilities.
The document discusses a theft at the University of California, Berkeley where a laptop containing personal information on 98,000 people was stolen from an administration building. While university policy mandates encrypting personal data, the files on the stolen laptop had not yet been encrypted. The university is attempting to notify those affected and authorities do not believe the data has been misused yet. The incident raises questions about storing sensitive data on portable devices.
The document discusses a presentation given by Raoul Chiesa on auditing the mind of hackers and profiling different types of hackers. It provides an overview of Chiesa's background and work with the United Nations on issues related to cybercrime. The presentation outlines the Hackers Profiling Project which aims to better understand hackers through technical and criminological approaches in order to differentiate between various types of hackers.
Managing Frequently Overlooked Risks & Threats (FORTS) in Corporations - Dinesh O Bareja
There are many (small) risks and threats which are frequently overlooked in an organization. The presentation takes a look at where Risks & Threats (RaT) come from and at the "Biggies" in the RaT Lists. We look at a few Frequently Overlooked Threats and Risks (FORT) and Course Correction Options and finally a few Case Studies to highlight FORTs
Cybercrime: 5 Practical Tips for Law Firms on Avoiding Financial & Reputation... - Lucien Pierce
Between 2011 and 2015, 80% of large law firms suffered some sort of cyber security breach. Taking into account the Protection of Personal Information Act and other privacy requirements, the Law Society of South Africa's L.E.A.D, asked me to host a webinar to educate South African law firms on how to protect themselves. The tips are just as applicable to most businesses. Here's my presentation. You can find a recording of the presentation here: http://tinyurl.com/zt7p6uq
Presentation by Larry Clinton, President of the Internet Security Alliance (ISA) to the 66th Annual Fowler Seminar on Oct 12 2012 titled Evolution of the Cyber Threat - A Unified Systems Approach.
Digital Transformation and Data Protection - Serter Ozturk
This expedited timeline has created vehicles with advanced capabilities but few protections!
Governments are very sensitive about car safety and cyber security issues. For 2017, connectivity is already prioritized on lawmakers’ agendas. It is obvious that the automotive industry’s growth trajectory does not leave much time for reflection.
Data privacy and cybersecurity will become a strong selling point for car buyers. The key will be providing a smooth communication in an easy to understand way despite such protective features.
This document discusses cyber security best practices for media organizations. It notes that hacking and espionage are not new threats, and that organized cybercrime is now worth more than the global drugs trade. The document outlines advanced persistent threats faced by UK broadcasters and financial institutions. It recommends developing practical security policies, mandating scanning and patching, and installing security information and event management systems to monitor for threats. The document also discusses new regulations like the General Data Protection Regulation and the need for organizations to adapt security practices to address evolving threats like ransomware and phishing.
Using Technology and People to Improve your Threat Resistance and Cyber Security - Stephen Cobb
A presentation delivered at the 2014 meeting of the Municipal Information Systems Association of California. Includes suggestions for security awareness programs.
The internet of things..perspectives for the Nigerian legal system - Simon Aderinlola
The ability for everyday devices to connect with each other and with people is a hot topic.
The Nigerian Communications Commission identified a need for the Nigerian legal system to be aware of present and future possibilities, grey areas and learnings from other countries that have taken proactive steps to prepare for this inevitable future.
Learnings from the EU, USA, China etc are considered. It is comforting to know that no country claims to have its legislation ahead of the tech innovations curve, but the catchup game needs to be at a pace that dragnets the present effectively and constantly repositions for the unknown future.
Regulation should also be smart. Rather than getting bogged down regulating aluminium weight for car use or fuel grades for combustion, regulate speed (protect lives) and drive regulation by principles that outlive wherever tech wants to go next.
The session was eye-opening for a good number of the aged and candid judges, but it was gladdening to see the mindset: mobile tech is not "that thing", it has to be used, understood and admitted as evidence.
The nerds and more tech savvy should help these 'learned ones' to better embrace tech and help them do their work better for joint good!
Attendee/delegate feedback was candid and NCC hopes to build on this in the coming years.
Similar to APT or not - does it make a difference if you are compromised? (20)
This presentation by Juraj Čorba, Chair of OECD Working Party on Artificial Intelligence Governance (AIGO), was made during the discussion “Artificial Intelligence, Data and Competition” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/aicomp.
This presentation was uploaded with the author’s consent.
This presentation by OECD, OECD Secretariat, was made during the discussion “The Intersection between Competition and Data Privacy” held at the 143rd meeting of the OECD Competition Committee on 13 June 2024. More papers and presentations on the topic can be found at oe.cd/ibcdp.
This presentation was uploaded with the author’s consent.
This presentation by OECD, OECD Secretariat, was made during the discussion “Artificial Intelligence, Data and Competition” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/aicomp.
This presentation was uploaded with the author’s consent.
This presentation by Thibault Schrepel, Associate Professor of Law at Vrije Universiteit Amsterdam University, was made during the discussion “Artificial Intelligence, Data and Competition” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/aicomp.
This presentation was uploaded with the author’s consent.
This presentation by Professor Alex Robson, Deputy Chair of Australia’s Productivity Commission, was made during the discussion “Competition and Regulation in Professions and Occupations” held at the 77th meeting of the OECD Working Party No. 2 on Competition and Regulation on 10 June 2024. More papers and presentations on the topic can be found at oe.cd/crps.
This presentation was uploaded with the author’s consent.
This presentation by Professor Giuseppe Colangelo, Jean Monnet Professor of European Innovation Policy, was made during the discussion “The Intersection between Competition and Data Privacy” held at the 143rd meeting of the OECD Competition Committee on 13 June 2024. More papers and presentations on the topic can be found at oe.cd/ibcdp.
This presentation was uploaded with the author’s consent.
This presentation by OECD, OECD Secretariat, was made during the discussion “Pro-competitive Industrial Policy” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/pcip.
This presentation was uploaded with the author’s consent.
This presentation by Tim Capel, Director of the UK Information Commissioner’s Office Legal Service, was made during the discussion “The Intersection between Competition and Data Privacy” held at the 143rd meeting of the OECD Competition Committee on 13 June 2024. More papers and presentations on the topic can be found at oe.cd/ibcdp.
This presentation was uploaded with the author’s consent.
The importance of sustainable and efficient computational practices in artificial intelligence (AI) and deep learning has become increasingly critical. This webinar focuses on the intersection of sustainability and AI, highlighting the significance of energy-efficient deep learning, innovative randomization techniques in neural networks, the potential of reservoir computing, and the cutting-edge realm of neuromorphic computing. This webinar aims to connect theoretical knowledge with practical applications and provide insights into how these innovative approaches can lead to more robust, efficient, and environmentally conscious AI systems.
Webinar Speaker: Prof. Claudio Gallicchio, Assistant Professor, University of Pisa
Claudio Gallicchio is an Assistant Professor at the Department of Computer Science of the University of Pisa, Italy. His research involves merging concepts from Deep Learning, Dynamical Systems, and Randomized Neural Systems, and he has co-authored over 100 scientific publications on the subject. He is the founder of the IEEE CIS Task Force on Reservoir Computing, and the co-founder and chair of the IEEE Task Force on Randomization-based Neural Networks and Learning Systems. He is an associate editor of IEEE Transactions on Neural Networks and Learning Systems (TNNLS).
XP 2024 presentation: A New Look to Leadership - samililja
Presentation slides from XP2024 conference, Bolzano IT. The slides describe a new view to leadership and combines it with anthro-complexity (aka cynefin).
This presentation by Yong Lim, Professor of Economic Law at Seoul National University School of Law, was made during the discussion “Artificial Intelligence, Data and Competition” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/aicomp.
This presentation was uploaded with the author’s consent.
This presentation by OECD, OECD Secretariat, was made during the discussion “Competition and Regulation in Professions and Occupations” held at the 77th meeting of the OECD Working Party No. 2 on Competition and Regulation on 10 June 2024. More papers and presentations on the topic can be found at oe.cd/crps.
This presentation was uploaded with the author’s consent.
Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf - Ben Linders
Psychological safety in teams is important; team members must feel safe and able to communicate and collaborate effectively to deliver value. It’s also necessary to build long-lasting teams since things will happen and relationships will be strained.
But, how safe is a team? How can we determine if there are any factors that make the team unsafe or have an impact on the team’s culture?
In this mini-workshop, we’ll play games for psychological safety and team culture utilizing a deck of coaching cards, The Psychological Safety Cards. We will learn how to use gamification to gain a better understanding of what’s going on in teams. Individuals share what they have learned from working in teams, what has impacted the team’s safety and culture, and what has led to positive change.
Different game formats will be played in groups in parallel. Examples are an ice-breaker to get people talking about psychological safety, a constellation where people take positions about aspects of psychological safety in their team or organization, and collaborative card games where people work together to create an environment that fosters psychological safety.
APT or not - does it make a difference if you are compromised?
1. APT or not
Does it make a difference if you are compromised?
Thomas Malmberg
2. Who I am - and why you are listening to me
• I work with IT risk management and IT security
• I develop security principles, processes and architectures for both the core banking and the net banking platform
• I develop and maintain auditing principles and methodologies
• I perform and manage internal IT audits in the bank
• I like processes, log management, web application firewalls and IAM

- Finland is the most sparsely populated country in the European Union, with only 16 inhabitants per km².
- There are exactly 187,888 lakes (larger than 500 m²) and 179,584 islands within the territory of Finland.
- Both are world records.
Source: Google
3. What you need to know about Aktia
• Aktia provides individual solutions in banking, asset management, insurance and real estate services
• Aktia operates in the Helsinki region, in the coastal area and in growth centres of Finland
• Operating profit was EUR 68.3 million and the profit for the year was EUR 55.0 million
• Aktia is renewing its core banking system; the launch of the new system is planned for the end of 2015, and the investment cost is estimated at approx. EUR 40 million
4. Today's topics
1. If phishing works, why bother with APT?
   – Finnish stats and stories
2. Easy targets are always targeted first
   – APT economics
   – Tone at the top
3. Whether it's an attack or a disguise, logs are your best friends
   – Situational (un)awareness
4. How to manage the risks: continuous "auditing"
   – How you hook up audits & scans, projects, backlogs, source code, people and risk management together
Source: Unknown
6. Situation in Finland 2011-2014
• Financial institutions and companies are mostly targeted by
  – Phishing
  – Banking malware & trojans
  – Denial of Service
• Criminals have successfully monetized phishing and malware
• "Ransom demands" have been seen in social media like Facebook & Twitter during DoS attacks
  – Demands between 10-100 BTC
  – Monetization success rate probably zero (but not known)
Source: EUROPOL, Exploring Tomorrow's Organised Crime (2015)
7. How phishing worked best in 2014
• Background
  – TUPAS is a two-factor authentication method created by the Federation of Finnish Financial Services over 10 years ago
  – TUPAS is based on e-banking authentication: PIN & TAN (a one-time code, valid for a single use)
  – TUPAS is used for almost everything that requires real and reliable authentication in Finland, including governmental services
• The modus operandi in 2013 and 2014
  – Create a fake service that requires TUPAS to log into
  – Acquire the PIN & one TAN (one phished code is enough for one fraudulent login)
  – Use the credentials to get a "payday loan"
  • NOTE: targeted mainly payday loan companies, NOT banks!
8. About TUPAS authentication
• Safety
  – There are known issues, but it is not inherently unsafe
• Market
  – It is the de facto standard
  – No alternatives
• Sponsorship
  – Standard defined by banks
  – Implementations owned by banks
Source: Federation of Finnish Financial Services / FK
9. Details about the simplicity of the campaign
• 1 Estonian person behind the phishing campaign
• The Estonian language is close to Finnish, making it easy to create realistic phishing emails and SMSs
• The campaign used more than 40 mules and "associates" and netted between 700k€ and 800k€
• KISS was a successful paradigm
  – Create a rock solid plan to monetize the data you gather
  – Use correct and proper language for your communication
  – Use psychology: "if you do not immediately … you will face liability"
  – Make it easy for the targets to lose their credentials
[Map: Estonia is less than 100 km from Finland. Source: Google]
11. How this phishing case evolved
[Newspaper headlines, source: Helsingin Sanomat: maximum sentence 7 years; 11 grand frauds in 2014; 0.5M€, hundreds of people]
12. Trends for nasty activities (financial sector)
[Chart: relative trend lines for APT, Malware & Trojans, Phishing and DoS over 2010-2014, on a scale from "NOT SO MUCH" to "MUCH"]
This graph shows trends and relations in an "apples vs. oranges" way. It does not show any actual amounts. It is based on official reports and other public information.
19. Can we agree on what an APT is NOT!
• It is not an APT
  – If you leave the front door open, someone walks in and steals all your data, and repeats this every workday for a month
  – If your customers are targeted using phishing emails for several weeks
  – If your network, which is lacking firewalls, antivirus solutions and content proxies, is infiltrated with malware for months
  – If your customers are infested by banking trojans (Zeus etc.)
• A single piece of malware, a single exploit or vuln is NOT an APT.
Source: Graphics by ISACA
20. What they need to do and what you can lose
[Graphic, source: ISACA survey in the US, 2013: "What they need to do" against "What you are scared to lose"]
21. Analyze your "adversary landscape"
[Table of "Threat Agents", graphics by ISACA, with the author's annotations:]
• The only relevant threat in the table seems to be criminal groups. What are their actual capabilities? What are their motives?
• The Snowden-Greenwald revelations have taught us that the best APT capabilities are held here (annotation on one row of the table).
• We aim to avoid PR disasters that could trigger such a level of badwill that someone in these categories might want to target me. We adhere to money laundering rules and maintain a high ethical level.
22. The financial anatomy of an APT
• The criminal
  – The criminal does not know the financial outcome or gain beforehand
  – The research phase will require a significant investment in time
  – The penetration requires costly tools
    • 0-days or "near-zero" can cost between 5k-100k
    • You probably need other tools or social engineering & bribes
  – The (financial) outcome has to outweigh the investment
• You
  – Protection (licenses + appliances) can cost many 100k€
  – A forensics project costs around 100k€-150k€
[The two boxes on the slide: Input: 100k€, Output: ?€ versus Input: 3k€, Output: 50k€]
24. Don't be an easy target
• Every risk can be quantified as a business risk
• Don't let salespersons fool you into false security with silver bullets, not on any level
• IT security (security appliances and software) is only one component in the IT risk landscape
• Also, "cyber security" is hidden somewhere in those boxes…
• Use your money wisely
[Diagram of nested boxes: Business risk, IT risk, IT security, IT]
26. Create a culture of security awareness
• Management has to be involved
• All incentive programs should have a security awareness and/or security incentive built in, including those at the C-level
• All of us: act accordingly
"Well, once again, we've saved civilization as we know it." Captain James T. Kirk
28. "But we are so secure already"
Source: Microsoft Security Intelligence Report
29. A small bank's perspective
Source: ISACA
• I have a limited budget
• I want to spend my money against
  – Things I understand and
  – Things I can measure
  • Because I cannot reasonably motivate spending if I am not able to
    – Make my management understand
    – Show my management figures
30. Who cares?
• "Industry analysts have inferred that shareholders are numb to news of data breaches"
• "Since consumers don't have sufficient tools to measure the impact of breaches themselves, they are at the mercy of companies to disclose the impacts of their own corporate data breaches"
• "New, more stringent regulations on when to disclose data breaches and more sophisticated technologies […] may contribute to more shareholder reaction to these types of incidents down the road."
32. All your logs are belong to us
• Nobody has "all the logs"
• Case Gemalto
Source: Gemalto press release
33. Logs are just a bunch of huge files
• Gathering logs can be a tough job
• Who knows what the logs actually contain and which logs are important?
• You can easily kill your efforts by choosing too simple sources which
  – are high volume
  – add very little value on their own
  – cost a lot to store
  – create only a limited "buzz" in your organization
34. Logs are DevOps!
• Leverage your devs!
  – They know the application logs
  – They SHOULD know the application logs
  – They can enhance and add to the logs, given the motive
• Leverage your ops!
  – They know the infrastructure logs
  – They SHOULD know the infrastructure logs
  – They can configure the logs, given the motive
• Leverage yourself!
  – Add security as a viewpoint
35. Put a SOC in it
• You can outsource everything, and make your life easy, but...
  – You can not outsource understanding
  – You should not outsource understanding
  – You can not outsource responsibility
• An outsourced SOC can
  – do a lot of the hard work
  – leverage special skills
• The information and data should be yours, not just a quarterly report and some (hopefully) occasional alerts
[Image caption: Delivered as ordered?]
36. Add external information and tools to the brew
• HAVARO
  – An IDS/IPS-like tool developed by CERT-FI (NCSC-FI) and the National Emergency Supply Agency in 2011
  – Targeted primarily at Finnish companies that have some kind of statutory duties in a national emergency situation
• Does NOT compete with commercial solutions; it is not meant to be the only security solution
• Creates security awareness within Finland and within specific industries
• Governed by Finnish laws, safe for companies
37. Add people and communications to the brew
• In Finland, exchange of critical information is good
  – Public mailing lists
  – Closed mailing lists
  – Personal contacts & first name basis
  – Interest groups
  – International cooperation
[Diagram of the parties exchanging information: Federation of Finnish Financial Services / Security, National Emergency Supply Agency, National Bureau of Investigation, NCSC-FI, Europol, Banks]
38. Create Awareness
• Enable critical logs
• Gather and SECURE logs
• Understand log relevance
• Understand volume relevance
• Correlate
• Visualize
• Show off!
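The "correlate" step above, applied to the phishing modus operandi from slide 7 (a phished PIN plus one TAN, replayed from the phisher's own host), as an added example that is not code from the slides or from Aktia. It joins two constructed log sources, an authentication gateway log and a credit application log, and raises two signals: one source IP completing authentications for many different customers inside a short window, and a credit application arriving minutes after an authentication from such a source. The log format, the event names (tupas_ok, loan_apply) and the field names (cust=, src=) are assumptions for the example, not any product's real format.

```python
"""Correlating an authentication log with an application log (added example)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data. 203.0.113.7 behaves like a phisher's replay host:
# five different customers authenticate from it within two minutes and two of
# them immediately "apply" for a loan. The other sources are ordinary users.
AUTH_LOG = """\
2014-03-04T09:01:12Z authgw tupas_ok cust=c1001 src=203.0.113.7
2014-03-04T09:01:40Z authgw tupas_ok cust=c1002 src=203.0.113.7
2014-03-04T09:02:05Z authgw tupas_ok cust=c1003 src=203.0.113.7
2014-03-04T09:02:31Z authgw tupas_ok cust=c1004 src=203.0.113.7
2014-03-04T09:03:00Z authgw tupas_ok cust=c1005 src=203.0.113.7
2014-03-04T09:05:10Z authgw tupas_fail cust=c2001 src=198.51.100.20
2014-03-04T09:05:30Z authgw tupas_ok cust=c2001 src=198.51.100.20
2014-03-04T10:15:44Z authgw tupas_ok cust=c3001 src=192.0.2.50
"""
APP_LOG = """\
2014-03-04T09:03:30Z loanapp loan_apply cust=c1001 amount=2000 src=203.0.113.7
2014-03-04T09:04:02Z loanapp loan_apply cust=c1003 amount=1500 src=203.0.113.7
2014-03-04T11:30:00Z loanapp loan_apply cust=c3001 amount=500 src=192.0.2.50
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<system>\S+) (?P<event>\S+)(?P<kv>.*)$")


def parse(text):
    """Parse 'timestamp system event key=value ...' lines into dicts.
    Lines that do not match are skipped instead of crashing the pipeline."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        fields = dict(kv.split("=", 1) for kv in m.group("kv").split())
        fields["ts"] = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ")
        fields["event"] = m.group("event")
        events.append(fields)
    return events


def shared_source_alerts(auth_events, window=timedelta(minutes=10), min_customers=4):
    """Return {src: sorted customers} for every source IP that completed
    successful authentications for >= min_customers distinct customers inside
    any 'window'. A corporate NAT gateway can trip this too, so the threshold
    and the window are tuning knobs, not truths."""
    by_src = defaultdict(list)
    for e in auth_events:
        if e["event"] == "tupas_ok":
            by_src[e["src"]].append(e)
    alerts = {}
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])
        best, i = set(), 0
        for j, ev in enumerate(evs):
            while ev["ts"] - evs[i]["ts"] > window:  # slide the window start forward
                i += 1
            custs = {e["cust"] for e in evs[i:j + 1]}
            if len(custs) > len(best):
                best = custs
        if len(best) >= min_customers:
            alerts[src] = sorted(best)
    return alerts


def auth_followed_by_credit(auth_events, app_events, max_gap=timedelta(minutes=5)):
    """Pair each loan application with the customer's latest successful
    authentication before it and keep the pairs closer than max_gap.
    Returns a list of (customer, src_of_auth, seconds_between)."""
    ok_by_cust = defaultdict(list)
    for e in auth_events:
        if e["event"] == "tupas_ok":
            ok_by_cust[e["cust"]].append(e)
    hits = []
    for app in app_events:
        if app["event"] != "loan_apply":
            continue
        earlier = [a for a in ok_by_cust.get(app["cust"], []) if a["ts"] <= app["ts"]]
        if not earlier:
            continue
        auth = max(earlier, key=lambda a: a["ts"])
        gap = app["ts"] - auth["ts"]
        if gap <= max_gap:
            hits.append((app["cust"], auth["src"], int(gap.total_seconds())))
    return hits


def correlate(auth_text=AUTH_LOG, app_text=APP_LOG):
    """Combine both signals: a credit application right after an authentication
    whose source is also a shared-source alert is the high-confidence case."""
    auth, app = parse(auth_text), parse(app_text)
    shared = shared_source_alerts(auth)
    chained = auth_followed_by_credit(auth, app)
    confirmed = [h for h in chained if h[1] in shared]
    return {"shared_sources": shared, "auth_then_credit": chained, "confirmed": confirmed}


if __name__ == "__main__":
    for name, value in correlate().items():
        print(f"{name}: {value}")
```

Neither signal is conclusive on its own (shared NAT addresses and genuinely fast customers exist), which is exactly why the two sources are worth joining: the intersection is small enough to hand to a person, and both sources were cheap to enable because the developers and operators already knew what they contained.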
40. How to manage the risks
(candidate names on the slide: continuous security auditing, continuous monitoring, continuous risk assessment, continuous excellence, continuous risk monitoring)
41. Definition of continuous <activity>
• "Continuous auditing has been defined as a methodology or framework that enables auditors to provide written results on the subject matter using one or a series of reports issued simultaneously"
• "Continuous monitoring allows an organization to observe the performance of one or many processes, systems or types of data"
• "Continuous risk monitoring and assessment is used to dynamically measure risk and provide input for audit planning"
Source: ISACA & Wikipedia
42. Our implementation of continuous auditing
• The definitions are not really optimal
• We do a best of breed combining
  – continuous (technical and process) auditing,
  – continuous monitoring (of logs and events) and
  – continuous (security) risk monitoring and assessment
• I call this continuous auditing to make it sound simple (enough)
  – Hopefully it isn't simplifying this matter too much
"While you plan for next year's audit, I hack away." (Source: Juha Strandman)
43. How we link things together
• Processes
  – Regular pentests (3rd party, external & internal)
  – Weekly security scans
  – Systems security audits and process analysis
  – Log analysis and monitoring
  – Most important critical business processes
• Dogmas and paradigms
  – Ticket everything
  – Track everything
  – Analyze everything
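One way to make "ticket everything, track everything" hold up for the weekly scans, as an added example that is not the author's or Aktia's tooling. Each finding gets a stable fingerprint (host, port, check id), so re-running the scan is idempotent: new findings open tickets, findings that disappear close their ticket, findings that come back reopen it, and open tickets older than their severity SLA are reported. The scan results, the SEC-n ticket keys and the SLA table are constructed for the example; the one edge case it handles on purpose is a host the scanner could not reach, which must not be mistaken for a fixed host.

```python
"""Reconciling weekly scan findings with a ticket backlog (added example)."""
import hashlib
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import Dict, List, Optional

# Assumed remediation SLAs in days per severity (an example policy, not Aktia's).
SLA_DAYS = {"critical": 7, "high": 30, "medium": 90, "low": 180}


@dataclass
class Ticket:
    key: str
    fingerprint: str
    host: str
    title: str
    severity: str
    opened: date
    status: str = "open"
    last_seen: Optional[date] = None
    history: List[str] = field(default_factory=list)


def fingerprint(finding: dict) -> str:
    """Stable identity of a finding: same host, port and check id -> same ticket,
    regardless of scan date, severity rating, plugin wording or ordering."""
    raw = f"{finding['host']}|{finding['port']}|{finding['check']}"
    return hashlib.sha256(raw.encode()).hexdigest()[:16]


class Backlog:
    def __init__(self):
        self.tickets: Dict[str, Ticket] = {}
        self._counter = 0

    def reconcile(self, findings: List[dict], reached_hosts: set, scan_date: date) -> dict:
        """Apply one scan run to the backlog and return what changed.
        A ticket is only auto-closed if its host was actually reached by the
        scanner; an unreachable host must not look like a fixed host."""
        report = {"opened": [], "reopened": [], "closed": [], "overdue": []}
        seen = set()
        for f in findings:
            fp = fingerprint(f)
            seen.add(fp)
            t = self.tickets.get(fp)
            if t is None:
                self._counter += 1
                t = Ticket(key=f"SEC-{self._counter}", fingerprint=fp, host=f["host"],
                           title=f"{f['check']} on {f['host']}:{f['port']}",
                           severity=f["severity"], opened=scan_date)
                self.tickets[fp] = t
                report["opened"].append(t.key)
            elif t.status == "closed":
                # Regression: the finding came back after being marked fixed.
                t.status, t.opened = "open", scan_date
                t.history.append(f"{scan_date}: reopened, finding reappeared")
                report["reopened"].append(t.key)
            t.last_seen = scan_date
        for t in self.tickets.values():
            if t.status != "open":
                continue
            if t.fingerprint not in seen and t.host in reached_hosts:
                t.status = "closed"
                t.history.append(f"{scan_date}: closed, not present in scan")
                report["closed"].append(t.key)
                continue
            if scan_date - t.opened > timedelta(days=SLA_DAYS[t.severity]):
                report["overdue"].append(t.key)
        return report


def run_scenario() -> List[dict]:
    """Four constructed scan runs against one backlog."""
    a = {"host": "web1", "port": 443, "check": "tls-weak-cipher", "severity": "medium"}
    b = {"host": "db1", "port": 3306, "check": "mysql-eol-version", "severity": "high"}
    c = {"host": "web1", "port": 80, "check": "directory-listing", "severity": "low"}
    backlog = Backlog()
    runs = [
        ([a, b, c], {"web1", "db1"}, date(2015, 3, 2)),  # baseline: three tickets
        ([a, b], {"web1", "db1"}, date(2015, 3, 9)),     # c fixed -> closed
        ([b, c], {"web1", "db1"}, date(2015, 4, 13)),    # a fixed, c regressed, b past SLA
        ([b], {"db1"}, date(2015, 4, 20)),               # web1 unreachable: c stays open
    ]
    return [backlog.reconcile(f, hosts, d) for f, hosts, d in runs]


if __name__ == "__main__":
    for week, report in enumerate(run_scenario(), 1):
        print(f"run {week}: {report}")
```

The fingerprint is what links the scan, the ticket and later the pentest report and the source change: a re-scan after a deploy either closes the ticket with evidence or reopens it, and nobody has to re-read a PDF to find out which.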
44. What hinders progress
• Management commitment and "tone"
  – "We want more powerpoints"
  – "We want more email attachments"
• Separate tools with nonexistent integration
  – A bad stack doesn't make it easy enough to integrate the security efforts into the process
• Resistance
  – "A valid pentest report is only valid if it looks exactly like this."
• No DevOps
  – Devs love agile, Ops hate it
45. What enables progress
• Link to the real activities, goals and people
  – Our security organization is small
  – Written reports and formal bureaucracy would cripple us
• Projects use agile methodologies
  – Teams are used to managing tickets
  – Projects are agile-board-driven
• Tools that work together
  – Link tickets, reports, source code, releases, deliverables, configurations, backlogs, sprints and documentation
47. Credits & thanks
• Images and pictures are
  – created by the author
  – sourced as noted in the presentation
  – from freeimages.com
• Thanks to everyone who gave insight and comments during the creation of this presentation
• Thanks for the pig!

Wrap-up
• Do your homework and spend your money wisely
• Share information, internally and externally
• The "tone at the top" is a decisive factor
• Keep focus on the real threats
• Good is not good enough (only good enough is!)

linkedin.com/in/thomasmalmberg
@tsmalmbe
malmberg@iki.fi