I delivered a talk to the Northern Ireland Business Continuity Forum on Cybersecurity Threats on 12 November 2014.
This is a sanitised version of the slide deck that I used.
EY Principal and Cyber Threat Management Leader Anil Markose shows you best practices for cyber risk management and how to sense, resist, and react to cyber attacks on your company.
Recognized as a Top-Ten Innovator at Information Services Group (ISG), Alex-Paul Manders leads ISG's global Blockchain solutions line and also serves on ISG’s global Digital Leadership Council. Alex-Paul is a prominent industry thought leader on blockchain with hands on technology experience, and is sought out as a subject matter expert presenter for University and conference presentations. In addition, Alex-Paul writes prolifically on blockchain and other relevant topics, and has represented ISG in more than 40 leadership articles featured in leading publications. Contact Alex-Paul at Alex.Manders@isg-one.com.
Smart City Lecture 2 - Privacy in the Smart CityPeter Waher
Privacy is a basic human right that has been heavily eroded on the point of extinction in the current digital age, as the constant reports on security breaches tell us. With the help of the General Data Protection Regulation (GDPR), privacy has been brought back from the dead, and is at least discussed in most enterprises in Europe, and perhaps a large part of the world. This lecture introduces the GDPR and Privacy, as it relates to the Smart City. It presents concepts such as “Data Protection by design and by default”, “Consent”, “Legal Basis”, etc. It also presents technologies that make protecting Privacy more difficult, and why.
These technologies work against the basic principles of privacy by default, so you need to know the details of how they work, to avoid serious pitfalls. There are also technologies that are more Privacy neutral. While not making data protection easier, at least the technology does not work against the basic principles of privacy. Finally, technologies that intrinsically help you protect Privacy are presented. These technologies make it easier to protect Privacy and sensitive data in general.
EY Principal and Cyber Threat Management Leader Anil Markose shows you best practices for cyber risk management and how to sense, resist, and react to cyber attacks on your company.
Recognized as a Top-Ten Innovator at Information Services Group (ISG), Alex-Paul Manders leads ISG's global Blockchain solutions line and also serves on ISG’s global Digital Leadership Council. Alex-Paul is a prominent industry thought leader on blockchain with hands on technology experience, and is sought out as a subject matter expert presenter for University and conference presentations. In addition, Alex-Paul writes prolifically on blockchain and other relevant topics, and has represented ISG in more than 40 leadership articles featured in leading publications. Contact Alex-Paul at Alex.Manders@isg-one.com.
Smart City Lecture 2 - Privacy in the Smart CityPeter Waher
Privacy is a basic human right that has been heavily eroded on the point of extinction in the current digital age, as the constant reports on security breaches tell us. With the help of the General Data Protection Regulation (GDPR), privacy has been brought back from the dead, and is at least discussed in most enterprises in Europe, and perhaps a large part of the world. This lecture introduces the GDPR and Privacy, as it relates to the Smart City. It presents concepts such as “Data Protection by design and by default”, “Consent”, “Legal Basis”, etc. It also presents technologies that make protecting Privacy more difficult, and why.
These technologies work against the basic principles of privacy by default, so you need to know the details of how they work, to avoid serious pitfalls. There are also technologies that are more Privacy neutral. While not making data protection easier, at least the technology does not work against the basic principles of privacy. Finally, technologies that intrinsically help you protect Privacy are presented. These technologies make it easier to protect Privacy and sensitive data in general.
Blockchains: Opportunities & Risks for Law Firms [RelativityFest 2018]Kroll
With a dramatic increase in high-profile receiverships, regulatory fact finding, and class action lawsuits, it’s clear that cases involving blockchain technology are on the rise—and so is the risk these engagements bring to your firm. Learn what you can do to recognize when digital assets (such as Bitcoin and Ethereum) are involved in an engagement, how to reduce your exposure to risk with proper collection and review processes, and how to uncover and understand all the relevant information.
Presented by Josh McDougall, Director, Cyber Risk at Kroll during RelativityFest 2018
As part of the 2019 Global Ventures Summit being hosted at Tech Expo Guadalajara, we shared our outlook for cybersecurity entrepreneurship in the region
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...Andris Soroka
One of the most remarkable business daily newspaper "Dienas Bizness" together with one of the biggest IT companies in Baltics - Exigen Services and IBM Corporation organized spring seminary "Business Data Protection" where "Data Security Solutions" did a presentation about importance of technology innovations usage over different frameworks, legal and other compliances. Presentation done by Member of the Board at DSS - Andris Soroka.
This paper discusses how information security function in enterprises must engage with business users and stakeholders to ensure innovation and adoption of digital transformation.
The promises of the digital new world is inextricably locked with cloud computing technologies.
Cloud computing technology is central to the converging interconnecting forces of collaboration, mobility, BYOD, IoT and social enterprise.
The information/data security and entitlements of users of these services and apps is bound to their identities and the contexts within which they may partake in this ecosystem.
Traditional security models, information governance, identity management and role based access control don’t quite cut the mustard.
However, new technologies are yet to be tested both commercially and functionally.
The potential benefits to the enterprise such as seamless collaboration, agility and efficiency are too rewarding to ignore. The security industry must help organisations balance the risks and rewards.
As the internet has expanded and criminals have found more ways of creating revenue from stolen information, the need for digital threat intelligence management (DTIM) has increased. Without a means of early identification, companies that are being targeted have no way of knowing their customer’s or employee’s security is threatened or that their brand is being stolen, resulting in an erosion of reputation. DTIM is the early warning system to aid those organizations in identifying the infringements and thefts before severe damage is done.
These slides--based on the webinar from leading IT analyst firm Enterprise Management Associates (EMA) and RiskIQ -- highlight why DTIM is a growing necessity for mid- and large-sized organizations.
Emerging application and data protection for multi cloudUlf Mattsson
Emerging Application and Data Protection for Multi-Cloud
Personal data privacy will be the most prominent issue affecting how businesses gather, store, process, and disclose data in public cloud. Businesses have been inundated with information on what recent privacy laws like GDPR and CCPA require, but many are still trying to figure out how to comply with them on a practical level. Many companies are focusing on data privacy from the legal and security side, which are foundational, but are missing the focus on data. The good news is that these data privacy regulations compel businesses to get a handle on personal data - how they get it, where they get it from, which systems process it, where it goes internally and externally, etc. In other words, the new norms of data privacy require proactive data management, which enables organizations to extract real business value from their data, improve the customer experience, streamline internal processes, and better understand their customers. The new Verizon Data Breach Investigations Report (DBIR) provides perspectives on how Criminals simply shift their focus and adapt their tactics to locate and steal the data they find to be of most value. This session will discuss Emerging Application and Data Protection for Multi-cloud and review Differential privacy, Tokenization, Homomorphic encryption, and Privacy-preserving computation.
Insights Success Magazine, we have The 10 Most Trusted Cyber Threat Solution Providers, in order to assist businesses to choose their right Cyber Threat Solution Providers. In this issue, we have specially featured Tesseract Global as the cover story. Tesseract Global is a renowned cyber security solution provider, delivering defensive & offensive security capabilities to diverse businesses.
Cyber Risk Measurement: what 25 CISOs & CROs plan for 2020Kevin Duffey
Chief Risk Officers and CISOs from 25 of our customers & friends debated their SMART objectives for 2020. Here's the results, showing who to involve and how to report progress on cyber risk across 3rd parties during 2020.
Now in its 5th year, the conference has established itself as the largest annual Digital Energy summit in the country: the event brought together senior IT, Digital and business leaders, providing a unique forum for knowledge exchange, discussion and high-level networking. The programme explored the use of Information Technology in driving tangible outcomes across the organisation, looking at key trends and providing practical insight from an array of industry leaders.
In this report we share our insight on the recruitment of cyber security professionals including information regarding the key drivers in the cyber security market, permanent and contract recruitment trends, transferable skills, the top job titles, salaries and qualifications analysis, a heat map of skills demands/talent pools across the UK, concluding with recommendations on attracting and retaining cyber security talent.
In depth presentation covers market trends and risks related to network security & big data analytics. The presentation was given by Matan Trogan at Cybertech Singapore.
Cyber attacks have been hitting the headlines for years; but in spite of the risks, the reputational damage and the rising cost of fines, there is still an endless stream of businesses being exposed for security failings.
The scale of the problem is vast: Accenture’s recent 2016 Global Security Report highlighted “an astounding level of breaches” with the organisations surveyed facing more than 80 targeted attacks every year, of which a third were successful. Much has been made of the evolving threat landscape and increasing sophistication of attacks. But whilst there is evidence to support the growing complexity of the challenge, all too often the analysis of these high-profile attacks determines basic, foundational security principles were ignored.
Some commentators argue that the persistence of failings is a direct reflection of organisational priorities, and that while businesses may talk a good game, security is not yet given the attention that it requires at board level. This leaves CISOs and IT leaders fighting a losing battle to secure adequate attention and investment for an area of the business which does not generate revenue.
This conference will look at raising security standards across the business, exploring some of the most persistent problems from IT infrastructure to staff engagement. Amidst a backdrop of perpetual media hysteria, turbulent markets and looming regulatory change, it can prove difficult to establish a coherent picture of the threat, never mind what action to take. The conference will help contextualise the challenging landscape and discuss how to deliver meaningful improvements and end to end organisational resilience.
Blockchains: Opportunities & Risks for Law Firms [RelativityFest 2018]Kroll
With a dramatic increase in high-profile receiverships, regulatory fact finding, and class action lawsuits, it’s clear that cases involving blockchain technology are on the rise—and so is the risk these engagements bring to your firm. Learn what you can do to recognize when digital assets (such as Bitcoin and Ethereum) are involved in an engagement, how to reduce your exposure to risk with proper collection and review processes, and how to uncover and understand all the relevant information.
Presented by Josh McDougall, Director, Cyber Risk at Kroll during RelativityFest 2018
As part of the 2019 Global Ventures Summit being hosted at Tech Expo Guadalajara, we shared our outlook for cybersecurity entrepreneurship in the region
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...Andris Soroka
One of the most remarkable business daily newspaper "Dienas Bizness" together with one of the biggest IT companies in Baltics - Exigen Services and IBM Corporation organized spring seminary "Business Data Protection" where "Data Security Solutions" did a presentation about importance of technology innovations usage over different frameworks, legal and other compliances. Presentation done by Member of the Board at DSS - Andris Soroka.
This paper discusses how information security function in enterprises must engage with business users and stakeholders to ensure innovation and adoption of digital transformation.
The promises of the digital new world is inextricably locked with cloud computing technologies.
Cloud computing technology is central to the converging interconnecting forces of collaboration, mobility, BYOD, IoT and social enterprise.
The information/data security and entitlements of users of these services and apps is bound to their identities and the contexts within which they may partake in this ecosystem.
Traditional security models, information governance, identity management and role based access control don’t quite cut the mustard.
However, new technologies are yet to be tested both commercially and functionally.
The potential benefits to the enterprise such as seamless collaboration, agility and efficiency are too rewarding to ignore. The security industry must help organisations balance the risks and rewards.
As the internet has expanded and criminals have found more ways of creating revenue from stolen information, the need for digital threat intelligence management (DTIM) has increased. Without a means of early identification, companies that are being targeted have no way of knowing their customer’s or employee’s security is threatened or that their brand is being stolen, resulting in an erosion of reputation. DTIM is the early warning system to aid those organizations in identifying the infringements and thefts before severe damage is done.
These slides--based on the webinar from leading IT analyst firm Enterprise Management Associates (EMA) and RiskIQ -- highlight why DTIM is a growing necessity for mid- and large-sized organizations.
Emerging application and data protection for multi cloudUlf Mattsson
Emerging Application and Data Protection for Multi-Cloud
Personal data privacy will be the most prominent issue affecting how businesses gather, store, process, and disclose data in public cloud. Businesses have been inundated with information on what recent privacy laws like GDPR and CCPA require, but many are still trying to figure out how to comply with them on a practical level. Many companies are focusing on data privacy from the legal and security side, which are foundational, but are missing the focus on data. The good news is that these data privacy regulations compel businesses to get a handle on personal data - how they get it, where they get it from, which systems process it, where it goes internally and externally, etc. In other words, the new norms of data privacy require proactive data management, which enables organizations to extract real business value from their data, improve the customer experience, streamline internal processes, and better understand their customers. The new Verizon Data Breach Investigations Report (DBIR) provides perspectives on how Criminals simply shift their focus and adapt their tactics to locate and steal the data they find to be of most value. This session will discuss Emerging Application and Data Protection for Multi-cloud and review Differential privacy, Tokenization, Homomorphic encryption, and Privacy-preserving computation.
Insights Success Magazine, we have The 10 Most Trusted Cyber Threat Solution Providers, in order to assist businesses to choose their right Cyber Threat Solution Providers. In this issue, we have specially featured Tesseract Global as the cover story. Tesseract Global is a renowned cyber security solution provider, delivering defensive & offensive security capabilities to diverse businesses.
Cyber Risk Measurement: what 25 CISOs & CROs plan for 2020Kevin Duffey
Chief Risk Officers and CISOs from 25 of our customers & friends debated their SMART objectives for 2020. Here's the results, showing who to involve and how to report progress on cyber risk across 3rd parties during 2020.
Now in its 5th year, the conference has established itself as the largest annual Digital Energy summit in the country: the event brought together senior IT, Digital and business leaders, providing a unique forum for knowledge exchange, discussion and high-level networking. The programme explored the use of Information Technology in driving tangible outcomes across the organisation, looking at key trends and providing practical insight from an array of industry leaders.
In this report we share our insight on the recruitment of cyber security professionals including information regarding the key drivers in the cyber security market, permanent and contract recruitment trends, transferable skills, the top job titles, salaries and qualifications analysis, a heat map of skills demands/talent pools across the UK, concluding with recommendations on attracting and retaining cyber security talent.
In depth presentation covers market trends and risks related to network security & big data analytics. The presentation was given by Matan Trogan at Cybertech Singapore.
Cyber attacks have been hitting the headlines for years; but in spite of the risks, the reputational damage and the rising cost of fines, there is still an endless stream of businesses being exposed for security failings.
The scale of the problem is vast: Accenture’s recent 2016 Global Security Report highlighted “an astounding level of breaches” with the organisations surveyed facing more than 80 targeted attacks every year, of which a third were successful. Much has been made of the evolving threat landscape and increasing sophistication of attacks. But whilst there is evidence to support the growing complexity of the challenge, all too often the analysis of these high-profile attacks determines basic, foundational security principles were ignored.
Some commentators argue that the persistence of failings is a direct reflection of organisational priorities, and that while businesses may talk a good game, security is not yet given the attention that it requires at board level. This leaves CISOs and IT leaders fighting a losing battle to secure adequate attention and investment for an area of the business which does not generate revenue.
This conference will look at raising security standards across the business, exploring some of the most persistent problems from IT infrastructure to staff engagement. Amidst a backdrop of perpetual media hysteria, turbulent markets and looming regulatory change, it can prove difficult to establish a coherent picture of the threat, never mind what action to take. The conference will help contextualise the challenging landscape and discuss how to deliver meaningful improvements and end to end organisational resilience.
The importance of understanding the global cybersecurity indexShivamSharma909
With the advent of modern technologies such as IoT, artificial intelligence, and cloud computing, there is a rapid increase in the number of interconnected devices globally. It has also increased the number of cyber-attacks and data breaches. As a result, cybercrime is a global concern, and appropriate solutions are essential if proper responses are to be found. The Global Cybersecurity Index (GCI) is one such instrument to control cybercrime and provide feedback.
https://www.infosectrain.com/blog/the-importance-of-understanding-the-global-cybersecurity-index/
Data Security in the Insurance Industry: what you need to know about data pro...XeniT Solutions nv
With the amount of personal and sensitive customer information needed to accurately ensure a client, it’s no wonder the Insurance industry is a target for data security threats.
While all businesses across every industry are at risk, there are a few things that make the insurance industry particularly attractive – and susceptible – to data breaches and cyber-attacks.
- The sheer volume of information available
- The highly sensitive nature of the information
- Large amounts of unstructured data
In this webinar, our speakers illustrated the state of art, including the technical and legal framework, to protect your most relevant information from cyberattacks. You will learn:
- How to define a roadmap that optimizes the impact of cyber security expenditure
- How to adopt a general risk management approach to identify Cyber security risks
- What are the most relevant technologies available today to protect your data
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsPuneet Kukreja
When organisations today connect digitally and the concept of a network is found to be fast disappearing. Mobile and Cloud solutions are being enabled across the enterprise to aid digital agendas. Calls for agility by the business are driving CIOs and CISOs to look for effective trust-based service enablement models that can help cater to business demand.
In the past two years following the pandemic, there is an emergent paradigm shift across all Digital Identities, Business Processes and Technology. It is no longer about People, but Human and Non-Human Identities including Machines, Applications, Cloud, Internet of Things and others. It is important for Technology Leaders and Professionals to understand that resilient Identity and Access Management is achievable as Technology and Business evolve. Inculcating Multi-factor authentication and Zero Trust Model into their Identity and Access Management System should be the order of this Digital Age. It is also important to work with the newly updated frameworks in Identity Management to accommodate the state of the art technology. The culture of Identifying, authenticating, authorizing and Accounting should be strictly applied in the above order for optimal security. The Support of Identity Management vendors should be embraced. Happy Identity Management Day!
Cyber-attacks are an alarming threat to all types of businesses & organizations.The risk of a cyber-attack is not just a risk to your company but also to your privacy.Hence, cybersecurity is crucial for every business. Cybersecurity protects critical data from cyber attackers. This includes sensitive data, governmental and industry information, personal information, personally identifiable information (PII), intellectual property, and protected health information (PHI). If you are looking for tools to fight against cyber threats, then Techwave’s tools & technologies with adequate controls will help your organization stay protected.
Cyber-attacks are an alarming threat to all types of businesses & organizations.The risk of a cyber-attack is not just a risk to your company but also to your privacy.Hence, cybersecurity is crucial for every business. Cybersecurity protects critical data from cyber attackers. This includes sensitive data, governmental and industry information, personal information, personally identifiable information (PII), intellectual property, and protected health information (PHI). If you are looking for tools to fight against cyber threats, then Techwave’s tools & technologies with adequate controls will help your organization stay protected.
The Next Great Challenge for CISOs
I am honored to be recognized! Cybersecurity is truly a team effort at a strategic level, either we all work together or the threats will tear us down piecemeal! Every person, no matter their role, can play an important part in making digital technology trustworthy and keeping the Internet secure, private, and safe.
The pace and scale of technology advancements have created extraordinary avenues for businesses to grow. But with opportunities come risks, which need to be constantly navigated. Read this blog to uncover the top 5 cybersecurity trends to watch out for in 2021 and beyond.
Often when organizations are expanding rapidly, they do not give sufficient and necessary focus on information security aspects and guidelines, specifically IP protection.
Cybersecurity is difficult. It is a serious endeavor which over time strives to find a balance in managing the security of computing capabilities to protect the technology which connects and enriches the lives of everyone. Characteristics of cyber risk continue to mature and expand on the successes of technology innovation, integration, and adoption. It is no longer a game of tactics, but rather a professional discipline, continuous in nature, where to be effective strategic leadership must establish effective and efficient structures for evolving controls to sustain an optimal level of security.
This presentation will discuss the emerging challenges as it analyzes the cause-and-effect relationships of factors driving the future of cybersecurity.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Connector Corner: Automate dynamic content and events by pushing a button
Cybersecurity Threats - NI Business Continuity Forum
1. CYBER SECURITY | THREATS
12TH NOVEMBER 2014
DAVID CROZIER – TECHNICAL MARKETING MANAGER
@DAVID_CROZIER
2. David Crozier
Technical Marketing Manager at QUB’s Centre for Secure Information Technologies (CSIT)
Responsible for marketing of commercial R&D, IP, MSc and membership programmes and planning
its annual World Cyber Security Technology Research Summit.
Currently advise the Northern Ireland Organised Crime Task Force on cyber and cyber enabled crime.
Holds a BSc Computer Science and MSc Innovation & Entrepreneurship from the University of Ulster.
3. Vision
Our vision is to establish a
global innovation hub for
cyber security, to accelerate
new value creation, drive new
venture creation and build
capacity for the cyber security
industry, whilst not
compromising on research
excellence
GLOBAL
INNOVATION
HUB FOR
CYBER
SECURITY
4. CSIT within the Innovation landscape
TRLs
SBRI, KTP,
Innovation Voucher
EPSRC–
Responsive Mode
Research CASE, PhDs
Horizon 2020
Collaborative R&D
Technology
Deployed,
Spinouts
EPSRC Innovate UK
Contract Development
CSIT - IKC
VCs, Angels etc.
SMART
1 2 3 4 5 6 7 8 9
10. Categories of Threats
CCoorrppoorraattiioonnss,,
Individuals
Corporations,
Individuals
Corporations,
Individuals,
Governments
N/A
Retailers,
Financial
Services,
Individuals
Intellectual
Property,
Negotiation
positions, Legal
posture, R&D,
Weapons
Low Low-Med Low-Med Low-Med High High
Phishing,
Malware
Destruction,
Theft
DDOS,
Anonymous,
Wikileaks, Lulzsec
Al-Qaeda Sites,
ISIS Recruitment
Carding,
ACH, PII
Chinese
Hackers, APTs,
ICS SCADA
Targets
Skill Level
Example
Objective
Financial
Gain
Revenge,
Monetary Gain
Defamation,
Notoriety
Fundraising,
Propaganda,
Recruitment
Financial
Gain
Economic,
Political
Advantage
Viruses
Worms, Spam
Insider threat,
Insider sabotage
Hacktivists Terrorists
Organised
Crime
State Sponsored
Amended from original and used with permission from – Paul C Dwyer, Cyber Risk International Ltd
11. The Insider Threat
“A person who exploits, or has the intention to exploit, their legitimate
access to an organisation’s assets for unauthorised purposes.”
Gender: 82% Male, 18% Female
Age: 49% 41-45 Years Old
Contract: 88% Permanent Staff
Job Type: Customer Service (20%), Financial (11%), Security 11%)
Role: 45% Managers, 49% Administrative/Support Roles
Duration: 6 Months (41%), 5+ Years (11%)
Time in Service: 5 Years (60%)
CPNI Insider Data Collection Study 2013
12. Detecting The Insider Threat
Threat Indicators:
Anomaly Detection
• Physical/Remote Access Patterns
• Data Access Patterns
• Communication Channels (Email, Phone, IM)
IT Observables
• Data Exfiltration
• Resource Usage (Systems, Printers, Data Storage)
• Access Violations (Resource Probing)
Evidential Reasoning
• Criminology Profiles (Immature, Self-Esteem, Impulsive)
• Motivation Analysis (Grievances, HR Reports)
• Behavioural Evidence (Stressed, Adverse Life Events)
13. The Increasing Network Perimeter
Multiple Access Points
Distributed Corporate Systems
Third-party IT Providers
Wireless Connectivity Support
3G/4G Pervasiveness
BYOD Support
Collaborative Data Sharing Tools
14. Compliance and certification is enough – Right?
Wrong!
• Payment Card Industry Data Security Standard (PCI DSS)
• ISO 27001:2013
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Ethical Hacker (CEH)
These are only a starting point, baselines.
You need to aim for Compliance
Plus+ in relation to cyber security.
15. Cyber Security is not just ITs problem
CEO
CIO CFO COO CMO
Not knowing is not good enough anymore
16. If, not when.
Protect
Prepare
Detect
Analyse
Containment,
eradication
and
Remediation
Post-mortem
17. Threat Intelligence Sharing
The Cyber-security Information Sharing Partnership (CiSP), part of
CERT-UK, is a joint industry government initiative to share cyber threat
and vulnerability information in order to increase overall situational
awareness of the cyber threat and therefore reduce the impact on UK
business.
CiSP members receive enriched cyber threat and vulnerability
information from the ‘Fusion Cell’, a joint industry and government
analytical team who examine, analyse and feedback cyber information
from a wide variety of data sources.
600 Organisations and 1700 Individuals signed up for this free service
as of summer 2014.
18. Incident Reporting
• Significant under-reporting in Northern Ireland
• New reporting portal for industry only being tested
• Will support business case for further investigative resources
• PSNI are mindful of reputational damage.
• Investigation processes updated accordingly to minimise negative
commercial impact.
19. Growth Prospects
• Global Cybersecurity market size:
• £136Bn (K-Matrix, May 2013)
• £51Bn (Markets and Markets, 2012)
• UK Cybersecurity market size:
• £4.3Bn (K-Matrix, May 2013)
• £2.8Bn growing to £3.4Bn by 2017 (PAC, 2013)
• Importance to UK
• National Cybersecurity Strategy
• Major Businesses (BAE Systems, Thales UK, QinetiQ, BT), specialist
consultants (KPMG, PwC), UK based FDI (IBM, Intel, Microsoft,
Lockheed Martin, CGI) and numerous SMEs
• Cyber Growth Partnership
• Government have targeted £2Bn by 2016 for exports (£850M in 2012)
• 135% Growth
21. MSc in Cyber Security
Industry Informed Work Placement Opportunities
• Feedback incorporated into course structure module content
• McAfee providing lecture material to support Malware module
• Invited seminars and special guest lectures from industry experts
• Internship and work placement opportunities will be open to students
accepted for enrolment on the MSc in Cyber Security