Peter Wood, CEO of First Base Technologies, gave a presentation on how big data and advanced analytics can help with cybersecurity challenges. He discussed how the threat landscape has become more complex with stealth malware and targeted attacks. Traditional defenses like signatures and firewalls may be insufficient. Big data can help through improved SIEM tools with real-time updates, behavior models, and correlation to detect advanced threats. However, big data analytics requires significant investment and specialized skills that are only available to large organizations currently. Cloud-based solutions may help other organizations also gain security benefits from big data.
Security Analytics and Big Data: What You Need to KnowMapR Technologies
The number of attacks on organization's' IT infrastructure are continuously increasing. It is becoming more and more difficult to identify unknown threats, in particular. This problem requires the ability to store more data and better tools to analyze the data.
Learn in this webinar why big data is enabling new security analytics solutions and why the MapR Quick Start Solution for Security Analytics offers an easy starting point for faster and deeper security analytics.
Scrubbing Your Active Directory Squeaky CleanNetIQ
Bytes Technology identified Active Directory issues within their customer base, so they brought in NetIQ as a strategic partner. This deck outlines how scrubbing your environment clean with the right tools and processes will help you keep your Active Directory environment consistent, manageable, auditable and efficient.
This report addresses the common challenge of BMS cyber security and its underlying components. Vulnerable elements across a range of components were investigated, with the vulnerabilities potentially affecting more than 10 million people.
During the research, some of the risks discovered within these BMS components include the potential ability for threat actors to:
Remotely lock or unlock doors and gates;
Control physical access of restricted areas;
Deny service (shutdown controllers);
Manipulate alarms and video surveillance;
Control temperature, boilers, air-condition, windows blinds, gas readings, etc.
Through a detailed analysis of the affected components, we provide clear cyber security recommendations for end users, vendors and system integrators, as well as a thorough technical breakdown including Proof of Concept exploit code, which allow unauthenticated remote code execution against the affected BMS products.
https://applied-risk.com/resources/i-own-your-building-management-system
MT74 - Is Your Tech Support Keeping Up with Your Instr TechDell EMC World
Learn the 3 changes Lamar CISD implemented to radically change technical support that enabled teachers to be more productive with technology than ever before! See how Lamar ISD used Dell KACE to improve insight, processes and management to cut total issues by 50% and reduce resolution time by 78%!
This is a presentation introducing the SANS Institute's 20 Security Controls and the Australian Government's Top 35 Mitigation Strategies that I gave to The Small Business Technology Consulting Group in St Paul MN on November 13, 2012
Industry experts share how to embrace the coming merger of information technology (IT) and operation technology (OT) – originally, two very distinct domains of business.
Read more at: http://tripwire.me/adaptitot and www.belden.com/adaptitot
This presentation will explore suggestions for ways Security people in Central Ohio can and do collaborate to improve Security practices within and external to organizations. This will explore ISACs, ISAOs, partnerships such as the Collaboratory, Internships, ISSA, etc.
Security Analytics and Big Data: What You Need to KnowMapR Technologies
The number of attacks on organization's' IT infrastructure are continuously increasing. It is becoming more and more difficult to identify unknown threats, in particular. This problem requires the ability to store more data and better tools to analyze the data.
Learn in this webinar why big data is enabling new security analytics solutions and why the MapR Quick Start Solution for Security Analytics offers an easy starting point for faster and deeper security analytics.
Scrubbing Your Active Directory Squeaky CleanNetIQ
Bytes Technology identified Active Directory issues within their customer base, so they brought in NetIQ as a strategic partner. This deck outlines how scrubbing your environment clean with the right tools and processes will help you keep your Active Directory environment consistent, manageable, auditable and efficient.
This report addresses the common challenge of BMS cyber security and its underlying components. Vulnerable elements across a range of components were investigated, with the vulnerabilities potentially affecting more than 10 million people.
During the research, some of the risks discovered within these BMS components include the potential ability for threat actors to:
Remotely lock or unlock doors and gates;
Control physical access of restricted areas;
Deny service (shutdown controllers);
Manipulate alarms and video surveillance;
Control temperature, boilers, air-condition, windows blinds, gas readings, etc.
Through a detailed analysis of the affected components, we provide clear cyber security recommendations for end users, vendors and system integrators, as well as a thorough technical breakdown including Proof of Concept exploit code, which allow unauthenticated remote code execution against the affected BMS products.
https://applied-risk.com/resources/i-own-your-building-management-system
MT74 - Is Your Tech Support Keeping Up with Your Instr TechDell EMC World
Learn the 3 changes Lamar CISD implemented to radically change technical support that enabled teachers to be more productive with technology than ever before! See how Lamar ISD used Dell KACE to improve insight, processes and management to cut total issues by 50% and reduce resolution time by 78%!
This is a presentation introducing the SANS Institute's 20 Security Controls and the Australian Government's Top 35 Mitigation Strategies that I gave to The Small Business Technology Consulting Group in St Paul MN on November 13, 2012
Industry experts share how to embrace the coming merger of information technology (IT) and operation technology (OT) – originally, two very distinct domains of business.
Read more at: http://tripwire.me/adaptitot and www.belden.com/adaptitot
This presentation will explore suggestions for ways Security people in Central Ohio can and do collaborate to improve Security practices within and external to organizations. This will explore ISACs, ISAOs, partnerships such as the Collaboratory, Internships, ISSA, etc.
Cyber attackers are better funded, more focused, and more successful than ever. Making matters worse, defenders have more IT territory to protect, including public cloud, virtual infrastructure, mobile, Internet of Things, and an expanding list of users, applications, and data. An evolution in security strategies is underway; shifting from a preventive approach to one that is more balanced across prevention, monitoring, and response. In this session, we delve into key innovations that enable a more effective defense and how RSA’s NetWitness suite is delivering many of these innovations.
How an Integrated Management system helps you comply with new Cyber Laws and ...PECB
When implementing an information security management system (based on ISO/IEC 27001) you need to conduct a risk analysis (based on ISO/IEC 27005) and implement information security controls (based on ISO/IEC 27002). In order to better understand the IT governance framework of the organization, you can refer to service management systems (based on ISO/IEC 20000). Moreover, you have to properly consider security incident management (based on ISO/IEC 27035) and you must ensure that the organization has business continuity and recovery capabilities (based on ISO 22301).
Recorded Webinar: https://youtu.be/aY_envTRGRY
How to Build a Successful Cybersecurity Program?PECB
How to Build a Successful Cybersecurity Program?
Is your cybersecurity program delivering on its promise? How do you know it works? Cybersecurity programs involve a significant investment in people, technology and time, so you need to ensure they help mitigate cyber risk effectively.
The webinar covers:
• Explain why assurance is so important for managing cyber risk
• Describe the key features of a successful cybersecurity program
• Highlight the role of a cyber assurance program in overall risk management
• Present essential steps required to deliver effective cybersecurity.
Date: November 06, 2019
Recorded webinar:
In “The Internet of Things and Enterprise Networks: Planning, Engineering, and Operational Strategies,” leading IT analyst firm Enterprise Management Associates (EMA) explores the strategic role the network team plays in enterprise IoT initiatives.
These slides - based on the webinar with Shamus McGillicuddy, senior analyst of network management at EMA - explore the results of this research.
What have we learned from 2017's biggest breaches and how will we deal with 2018's emerging threats? Attempting to look both backward and forward over the cyber landscape, Peter Wood will review lessons learned and apply them to the evolving threatscape.
ThinAir speaking session on endpoint data visibility and healthcare security compliance by Brian Reed. Connect with us on LinkedIn or twitter @thinairlabs for more details and live demo
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationPECB
This session discusses the top cyber threats for 2020 world-wide, where our presenters will discuss the top security priorities in their states for cybersecurity, followed by a Q/A session at the end of the presentation.
What topics are hot for Chief Security Officers in 2020? Which cyber threats are demanding the most attention for top government cybersecurity leaders? What projects are the U.S. states of Washington and Illinois applying resources to address security priorities? Where next with privacy legislation and implementation of regulations likes the California Consumer Privacy Act (CCPA)?
The webinar covers:
• Top security predictions for 2020 from global security vendors – along with CISO reactions and feedback
• Security trends (in specific areas such as ransomware) seen at the end of 2019 and in the first weeks of 2020
• CISO project priorities from Washington State and the State of Illinois
• Panel discussion of privacy actions and CCPA implementation nationwide
Date: February 19, 2019
Recorded webinar: https://youtu.be/QN35YHEA_4E
Security threats are growing in volume, scale, and complexity. Not a day passes that we don’t hear about another data breach; and the average organization that’s hacked goes bankrupt within a year. From small and medium-size organizations to Fortune 500 companies, across every industry, no one is immune. It’s no longer enough to keep the bad stuff out (threat protection) or just keep the good stuff in (information protection). This session is a practical discussion on the ever evolving threat landscape, how you can keep up and protect yourself, your organization, and its reputation. It will help you build awareness about the types of resources and sensitive data that your nonprofit has, with tips on practical, accessible steps that you can take to ensure that information is safeguarded.
With more than 50,000 new malware created every day organisations can no longer afford to risk the financial and reputational impacts of a security or data breach, which can be too much for a business to recover from. Because of this, IT managers face increasing scrutiny and pressure from CEOs, managing directors and boards to prove that they are keeping the organisation secure.
The changing threat landscape means organisations need to be vigilant and smarter about security. While businesses still face threats from infected devices and malware, attackers have also moved beyond that. For example, there is an increasing number of targeted email attacks with cyber criminals spending time to monitor communications so they can imitate emails that are so sophisticated that even relatively savvy users will open them.
This webinar will explore the building blocks required to ensure you have the roadmap required to best protection against cyber attacks. We will provide you with a high level view of the following topics:
· Audit and discovery – What are your weaknesses and are you compliant?
· Education – Do your employees know when not to open that attachment?
· Policy – Do you have the right policies for your industry?
· Technology – Where to start and what has changed?
IoT and the implications on business IT architecture and securityDeniseFerniza
The basics of IoT, the security issues both personal and within businesses. These slides cover the basics of what IT and Business professionals should know when considering working with Cloud Computing and IoT devices.
MT85 Challenges at the Edge: Dell Edge GatewaysDell EMC World
"Fog architecture for computing at the edge of the network utilizes edge gateways to aggregate data from multiple devices, perform edge analytics and take real-time action, and introduce data and network security at the edge. This session will explore the differences between traditional proprietary gateways and Dell's intelligent edge gateways including communication protocols, operating systems, and software and hardware-level security.
"
It staff augmentation before and after covid 19Katy Slemon
Have a look at this infographic blog post to understand how IT staff augmentation services have transformed lifestyle and work patterns before and after COVID- 19.
Why Executives Underinvest In CybersecurityHackerOne
Learn how to get around misguided thinking that leads to executive under investment in cyber security, and secure the resources you need. You'll learn how to:
- Work around CEO and CFO human biases
- Motivate decision makers to invest more in cyber infrastructure
- Replace your CEO’s mental model with new success metrics
- Compare your company’s performance with similar firms to overcome executive overconfidence
Watch the full video recording!
Cultivating security in the small nonprofitRoger Hagedorn
This is an expanded version of a previous presentation; that I did for the Nonprofit Technology & Communications Conference held on April 10, 2013 in Minneapolis MN
Big Data and Security - Where are we now? (2015)Peter Wood
Peter Wood started looking at Big Data as a solution for Advanced Threat Protection in 2013. This presentation examines how Big Data is being used for security in 2015, how this market is developing and how realistic vendor offerings are.
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftOSIsoft, LLC
As the need for facility equipment and asset data grows, serious cybersecurity risk are revealed, including inadequate security architecture, lack of process and controls the use of contractors and vendors. We need to be able to to identify risks and develop mitigation strategy. This presentation will provide insights, answers and tips. It will identify the value of IT/OT integration in solving facilities cybersecurity threats.
Cyber attackers are better funded, more focused, and more successful than ever. Making matters worse, defenders have more IT territory to protect, including public cloud, virtual infrastructure, mobile, Internet of Things, and an expanding list of users, applications, and data. An evolution in security strategies is underway; shifting from a preventive approach to one that is more balanced across prevention, monitoring, and response. In this session, we delve into key innovations that enable a more effective defense and how RSA’s NetWitness suite is delivering many of these innovations.
How an Integrated Management system helps you comply with new Cyber Laws and ...PECB
When implementing an information security management system (based on ISO/IEC 27001) you need to conduct a risk analysis (based on ISO/IEC 27005) and implement information security controls (based on ISO/IEC 27002). In order to better understand the IT governance framework of the organization, you can refer to service management systems (based on ISO/IEC 20000). Moreover, you have to properly consider security incident management (based on ISO/IEC 27035) and you must ensure that the organization has business continuity and recovery capabilities (based on ISO 22301).
Recorded Webinar: https://youtu.be/aY_envTRGRY
How to Build a Successful Cybersecurity Program?PECB
How to Build a Successful Cybersecurity Program?
Is your cybersecurity program delivering on its promise? How do you know it works? Cybersecurity programs involve a significant investment in people, technology and time, so you need to ensure they help mitigate cyber risk effectively.
The webinar covers:
• Explain why assurance is so important for managing cyber risk
• Describe the key features of a successful cybersecurity program
• Highlight the role of a cyber assurance program in overall risk management
• Present essential steps required to deliver effective cybersecurity.
Date: November 06, 2019
Recorded webinar:
In “The Internet of Things and Enterprise Networks: Planning, Engineering, and Operational Strategies,” leading IT analyst firm Enterprise Management Associates (EMA) explores the strategic role the network team plays in enterprise IoT initiatives.
These slides - based on the webinar with Shamus McGillicuddy, senior analyst of network management at EMA - explore the results of this research.
What have we learned from 2017's biggest breaches and how will we deal with 2018's emerging threats? Attempting to look both backward and forward over the cyber landscape, Peter Wood will review lessons learned and apply them to the evolving threatscape.
ThinAir speaking session on endpoint data visibility and healthcare security compliance by Brian Reed. Connect with us on LinkedIn or twitter @thinairlabs for more details and live demo
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationPECB
This session discusses the top cyber threats for 2020 world-wide, where our presenters will discuss the top security priorities in their states for cybersecurity, followed by a Q/A session at the end of the presentation.
What topics are hot for Chief Security Officers in 2020? Which cyber threats are demanding the most attention for top government cybersecurity leaders? What projects are the U.S. states of Washington and Illinois applying resources to address security priorities? Where next with privacy legislation and implementation of regulations likes the California Consumer Privacy Act (CCPA)?
The webinar covers:
• Top security predictions for 2020 from global security vendors – along with CISO reactions and feedback
• Security trends (in specific areas such as ransomware) seen at the end of 2019 and in the first weeks of 2020
• CISO project priorities from Washington State and the State of Illinois
• Panel discussion of privacy actions and CCPA implementation nationwide
Date: February 19, 2019
Recorded webinar: https://youtu.be/QN35YHEA_4E
Security threats are growing in volume, scale, and complexity. Not a day passes that we don’t hear about another data breach; and the average organization that’s hacked goes bankrupt within a year. From small and medium-size organizations to Fortune 500 companies, across every industry, no one is immune. It’s no longer enough to keep the bad stuff out (threat protection) or just keep the good stuff in (information protection). This session is a practical discussion on the ever evolving threat landscape, how you can keep up and protect yourself, your organization, and its reputation. It will help you build awareness about the types of resources and sensitive data that your nonprofit has, with tips on practical, accessible steps that you can take to ensure that information is safeguarded.
With more than 50,000 new malware created every day organisations can no longer afford to risk the financial and reputational impacts of a security or data breach, which can be too much for a business to recover from. Because of this, IT managers face increasing scrutiny and pressure from CEOs, managing directors and boards to prove that they are keeping the organisation secure.
The changing threat landscape means organisations need to be vigilant and smarter about security. While businesses still face threats from infected devices and malware, attackers have also moved beyond that. For example, there is an increasing number of targeted email attacks with cyber criminals spending time to monitor communications so they can imitate emails that are so sophisticated that even relatively savvy users will open them.
This webinar will explore the building blocks required to ensure you have the roadmap required to best protection against cyber attacks. We will provide you with a high level view of the following topics:
· Audit and discovery – What are your weaknesses and are you compliant?
· Education – Do your employees know when not to open that attachment?
· Policy – Do you have the right policies for your industry?
· Technology – Where to start and what has changed?
IoT and the implications on business IT architecture and securityDeniseFerniza
The basics of IoT, the security issues both personal and within businesses. These slides cover the basics of what IT and Business professionals should know when considering working with Cloud Computing and IoT devices.
MT85 Challenges at the Edge: Dell Edge GatewaysDell EMC World
"Fog architecture for computing at the edge of the network utilizes edge gateways to aggregate data from multiple devices, perform edge analytics and take real-time action, and introduce data and network security at the edge. This session will explore the differences between traditional proprietary gateways and Dell's intelligent edge gateways including communication protocols, operating systems, and software and hardware-level security.
"
It staff augmentation before and after covid 19Katy Slemon
Have a look at this infographic blog post to understand how IT staff augmentation services have transformed lifestyle and work patterns before and after COVID- 19.
Why Executives Underinvest In CybersecurityHackerOne
Learn how to get around misguided thinking that leads to executive under investment in cyber security, and secure the resources you need. You'll learn how to:
- Work around CEO and CFO human biases
- Motivate decision makers to invest more in cyber infrastructure
- Replace your CEO’s mental model with new success metrics
- Compare your company’s performance with similar firms to overcome executive overconfidence
Watch the full video recording!
Cultivating security in the small nonprofitRoger Hagedorn
This is an expanded version of a previous presentation; that I did for the Nonprofit Technology & Communications Conference held on April 10, 2013 in Minneapolis MN
Big Data and Security - Where are we now? (2015)Peter Wood
Peter Wood started looking at Big Data as a solution for Advanced Threat Protection in 2013. This presentation examines how Big Data is being used for security in 2015, how this market is developing and how realistic vendor offerings are.
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftOSIsoft, LLC
As the need for facility equipment and asset data grows, serious cybersecurity risk are revealed, including inadequate security architecture, lack of process and controls the use of contractors and vendors. We need to be able to to identify risks and develop mitigation strategy. This presentation will provide insights, answers and tips. It will identify the value of IT/OT integration in solving facilities cybersecurity threats.
Monitoring security in the externalised organisation (Auscert 2013)Huntsman Security
With an increasing prevalence of cloud services, end user computing and third party delivery - many organisations are having to monitor security controls at arms length where they don't have direct contact or access
90 % av alla dataintrång fokuserar på data i databaser. Det är där ditt företags känsliga och åtråvärda information finns. I 38 % av dessa intrång tar det minuter att få ut känsligt data, samtidigt som det för hälften av intrången tar månader eller mer innan de upptäcks. Dave Valovcin, från IBM WW Guardium Sales, berättar om hur du kan skydda din känsliga data.
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins44CON
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
A quick summary of the current state of big data technology and data science approaches used in cyber / network defender security analytics including summary use cases, a walk through of a reference architecture and breakdown of the required skills. Focus is on the knowledge needed to run a proof of concept and establish a programme for early benefits. Will then also include a view on the future of extending the platforms and capabilities of security analytics to cover performance metrics and data-driven security management approaches.
Systems of Engagement offer much value to industry & government alike but care needs to be taken in how they are protected against cyber attack. In this presentation I explain Systems of Engagement & illustrate the benefits using government case studies. I then discuss the security challenges Systems of Engagement pose and how to address them with commercial software technologies. Finally I look ahead to how to defend Systems of Insight hosted on future generations of cloud technology.
Protecting data privacy in analytics and machine learning ISACA London UKUlf Mattsson
ISACA London Chapter webinar, Feb 16th 2021
Topic: “Protecting Data Privacy in Analytics and Machine Learning”
Abstract:
In this session, we will discuss a range of new emerging technologies for privacy and confidentiality in machine learning and data analytics. We will discuss how to put these technologies to work for databases and other data sources.
When we think about developing AI responsibly, there’s many different activities that we need to think about.
This session also discusses international standards and emerging privacy-enhanced computation techniques, secure multiparty computation, zero trust, cloud and trusted execution environments. We will discuss the “why, what, and how” of techniques for privacy preserving computing.
We will review how different industries are taking opportunity of these privacy preserving techniques. A retail company used secure multi-party computation to be able to respect user privacy and specific regulations and allow the retailer to gain insights while protecting the organization’s IP. Secure data-sharing is used by a healthcare organization to protect the privacy of individuals and they also store and search on encrypted medical data in cloud.
We will also review the benefits of secure data-sharing for financial institutions including a large bank that wanted to broaden access to its data lake without compromising data privacy but preserving the data’s analytical quality for machine learning purposes.
Privacy preserving computing and secure multi-party computation ISACA AtlantaUlf Mattsson
A major challenge that many organizations faces, is how to address data privacy regulations such as CCPA, GDPR and other emerging regulations around the world, including data residency controls as well as enable data sharing in a secure and private fashion. We will present solutions that can reduce and remove the legal, risk and compliance processes normally associated with data sharing projects by allowing organizations to collaborate across divisions, with other organizations and across jurisdictions where data cannot be relocated or shared.
We will discuss secure multi-party computation where organizations want to securely share sensitive data without revealing their private inputs. We will review solutions that are driving faster time to insight by the use of different techniques for privacy-preserving computing including homomorphic encryption, k-anonymity and differential privacy. We will present best practices and how to control privacy and security throughout the data life cycle. We will also review industry standards, implementations, policy management and case studies for hybrid cloud and on-premises.
Breaking down the cyber security framework closing critical it security gapsIBM Security
Cyber crime is pervasive and here to stay. Whether you work in the Public Sector, Private Sector, are the CEO for a Fortune 500 Company or trying to sustain a SMB everyone is under attack. This February, President Obama, issued an executive order aimed at protecting critical business and government infrastructure due to the scale and sophistication of IT security threats that have grown at an explosive rate. Organizations and Government agencies have to contend with industrialized attacks, which, in some cases, rival the size and sophistication of the largest legitimate computing efforts. In addition, they also have to guard against a more focused adversary with the resources and capabilities to target highly sensitive information, often through long-term attack campaigns. Many security executives are struggling to answer questions about the most effective approach.
Hacking is easy: understanding your vulnerabilitiesPeter Wood
Insight from a professional hacker
Hacking is easy: understanding your vulnerabilities
Creating a robust cyber security strategy has become a key focus for many insurers in recent years. In this session, a professional hacker will explore the scope and evolution of hacking activity and how this is affecting the insurance industry. You will discover key vulnerabilities within organisations and the best techniques to adopt in order to mitigate threats.
If your processing and data is in the cloud, how can you deliver assurance, compliance and governance? How do you find the flaws and soft spots that criminals will exploit? From browser to database, through human factors and end points, this presentation will take a threat-based approach to securing the cloud.
Cyber risk isn't new, but the stakes grow higher every day. An incident is no longer likely to be an isolated event, but a sustained and persistent campaign. There is no single solution that will offer protection from an attack, but a Cyber Resilience strategy can provide a multi-layered approach that encompasses people, processes and technology. Pete's presentation talks about eliminating the gap between IT and the business to present a united front against threats. This is a paradigm shift that uses security intelligence to guide decisions and support agility.
Network Security - Real and Present DangersPeter Wood
Peter Wood has analysed the results of all the network penetration tests conducted by the First Base team over the past year. This annual review covers clients in a variety of sectors including banking, insurance and retail. This presentation identifies the most common vulnerabilities, how they can be exploited and the consequences for each business.
Learn in detail how criminals can take advantage of these weaknesses and how you can secure your networks using straightforward techniques.
Advanced Threat Protection: Lessons from a Red Team ExercisePeter Wood
Ethical hackers from First Base Technologies conduct red team tests to help organisations understand where they are vulnerable to advanced attacks. This presentation describes each step of a real-world exercise: planning and recon, spear phishing, telephone social engineering, building access, network exploitation and data exfiltration. As the story develops, you will discover how an attacker thinks, why they choose a particular strategy and what you can do to minimise your organisation’s vulnerability to advanced threats.
Peter Wood and his team analysed the results from a series of network penetration tests over the past two years, in a variety of sectors including banking, insurance and retail. They identified the most common vulnerabilities, how they can be exploited and the consequences for each business. This presentation demonstrates in detail how criminals can take advantages of these weaknesses and how you can secure your networks using straightforward techniques.
Cloud, social networking and BYOD collide!Peter Wood
Working with a variety of multi-national organisations has shown Peter Wood that conventional security thinking has failed to address the challenge that the product of these areas has presented us - so how do we deal with this brave new world?
Over the past fifteen years, Peter Wood and his team have conducted numerous penetration tests for some of the largest organisations in the world. Learn about the most common problems and mistakes that they have found. Discover what to examine and test as though you were "the bad guy", not an architect or network specialist. This presentation will show you how criminal hackers think and offer you ideas for defending against them effectively.
Peter Wood has worked as an ethical hacker for the past 20 years, with clients in sectors as diverse as banking, insurance, retail and manufacturing. He will describe how advanced persistent threats operate from a security intelligence perspective, based on published case studies and analysis. He will highlight APT entry points and exploitation techniques and suggest practical prevention and detection strategies.
Peter Wood and his team conduct ethical hacking engagements for multi-national organisations in varied business sectors. Peter will address the top three emerging threats, how they affect the attack surface of a typical business and how they can be exploited.
Social Networking - An Ethical Hacker's ViewPeter Wood
People gossip because they like gossiping together. It’s in the make-up of the creature: humans are sociable gossiping animals. We can't change those core characteristics of our natures.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
10. Weekly count from FireEye Web MPS appliances across global customer base
These levels reflect the number of Web-based malware attacks that originated
outside the target organization, successfully evaded traditional filters, and were
blocked or infected target systems
11. The Post Breach Boom, Ponemon Institute, February 2013
Survey of 3,529 IT and IT security practitioners in US, Canada, UK, Australia,
Brazil, Japan, Singapore and UAE
12. The Post Breach Boom, Ponemon Institute, February 2013
Survey of 3,529 IT and IT security practitioners in US, Canada, UK, Australia,
Brazil, Japan, Singapore and UAE
The deployment of Big Data for fraud detection, and in place of security incident and event management (SIEM) systems, is attractive to many organisations. The overheads of managing the output of traditional SIEM and logging systems are proving too much for most IT departments and Big Data is seen as a potential saviour. There are commercial replacements available for existing log management systems, or the technology can be deployed to provide a single data store for security event management and enrichment. Taking the idea a step further, the challenge of detecting and preventing advanced persistent threats may be answered by using Big Data style analysis. These techniques could play a key role in helping detect threats at an early stage, using more sophisticated pattern analysis, and combining and analysing multiple data sources. There is also the potential for anomaly identification using feature extraction. Today logs are often ignored unless an incident occurs. Big Data provides the opportunity to automatically consolidate and analyse logs from multiple sources rather than in isolation. This could provide insight that individual logs cannot, and potentially enhance intrusion detection systems (IDS) and intrusion prevention systems (IPS) through continual adjustment and effectively learning “good” and “bad” behaviours. Integrating information from physical security systems, such as building access controls and even CCTV, could also significantly enhance IDS and IPS to a point where insider attacks and social engineering are factored in to the detection process. This presents the possibility of significantly more advanced detection of fraud and criminal activities. We know that organisational silos often reduce the effectiveness of security systems, so businesses must be aware that the potential effectiveness of Big Data style analysis can also be diluted unless these issues are addressed. At the very least, Big Data could result in far more practical and successful SIEM, IDS and IPS implementations.
In reality, Big Data is more about the processing techniques and outputs than the size of the data set itself, so specific skills are required to use Big Data effectively. There is a general shortage of specialist skills for Big Data analysis, in particular when it comes to using some of the less mature technologies. The growing use of Hadoop and related technologies is driving demand for staff with very specific skills. People with backgrounds in multivariate statistical analysis, data mining, predictive modelling, natural language processing, content analysis, text analysis and social network analysis are all in demand. These analysts and scientists work with structured and unstructured data to deliver new insights and intelligence to the business. Platform management professionals are also needed to implement Hadoop clusters, secure, manage and optimise them.Vendors such as Cloudera, MapR, Hortonworks and IBM offer training courses in Hadoop, offering organisations the opportunity to build their in-house skills to address Big Data challenges.