Cyber security in Sri Lanka faces several challenges. Sri Lanka's cyber security body, SLCERT, is understaffed and has limited technical knowledge compared to the private sector. Sri Lankan cyber security resources and attention are also less than neighboring countries. To improve, Sri Lanka should coordinate cyber activities across institutions, regulate with business involvement, and extend national security policies to include cyber security. Public-private partnerships and international cooperation are also needed to bolster Sri Lanka's cyber defenses.
Introduction to Cyber forensics: Information Security Investigations, Corporate Cyber Forensics, Scientific method in forensic analysis, investigating large scale Data breach cases.
Analyzing Malicious software.
Types of Computer Forensics Technology, Types of Military Computer Forensic Technology, Types of Law Enforcement, Computer Forensic Technology, Types of Business Computer Forensic Technology, Specialized Forensics Techniques, Hidden Data and How to Find It, Spyware and Adware, Encryption Methods and Vulnerabilities, Protecting Data from Being Compromised Internet Tracing Methods, Security and Wireless Technologies, Avoiding Pitfalls with Firewalls Biometric Security Systems
Introduction to Cyber forensics: Information Security Investigations, Corporate Cyber Forensics, Scientific method in forensic analysis, investigating large scale Data breach cases.
Analyzing Malicious software.
Types of Computer Forensics Technology, Types of Military Computer Forensic Technology, Types of Law Enforcement, Computer Forensic Technology, Types of Business Computer Forensic Technology, Specialized Forensics Techniques, Hidden Data and How to Find It, Spyware and Adware, Encryption Methods and Vulnerabilities, Protecting Data from Being Compromised Internet Tracing Methods, Security and Wireless Technologies, Avoiding Pitfalls with Firewalls Biometric Security Systems
ETHICAL HACKING AND SOCIAL ENGINEERING
Topics Covered: Ethical Hacking Concepts and Scopes, Threats and Attack Vectors, Information Assurance, Threat Modelling, Enterprise Information Security Architecture, Vulnerability, Assessment and Penetration Testing, Types of Social Engineering, Insider Attack, Preventing Insider Threats, Social Engineering Targets and Defence Strategies
When identifying the most useful best-practice standards and guidance for implementing effective cyber security, it is important to establish the role that each fulfils, its scope and how it interacts (or will interact) with other standards and guidance.
Cybersecurity standards are generally applicable to all organisations regardless of their size or the industry and sector in which they operate. This page provides generic information on each of the standards that is usually recognised as an essential component of any cyber security strategy.
The basic fundamental of cybersecurity and how can it be used for unethical purposes.
For this type of presentations (customised), you can contact me here : rishav.sadhu11@gmail.com
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveIvan Sang
Achieving effective cybersecurity and governance is a complex challenge for states, businesses and individuals. Recent empirical analyses indicate that cybercrime now costs the global economy over USD 600 billion annually, but many experts believe that this is a conservative figure that understates the actual amount. Reports of cyber breaches that affect democracy, financial services, retail, healthcare, defence, utilities, and infrastructure are becoming more frequent. Also, this trend is projected to increase in the near future. Governments of developing countries, including Kenya, are slowly adopting technology as a tool to offer efficient services. In contrast, cybercriminals use some of the most cutting edge cyber technologies to commit criminal offences and to outfox state countermeasures. Another trend is that cyber threats originate not only from individual actors or highly organized groups, but are also increasingly states-sponsored. Weaknesses in the cyber domain such as deficient cyber or law enforcement capabilities and poor legislation have been exploited to cause harm and impede socio-economic progress. Using a comparative approach, this presentation shows that cybersecurity is a shared responsibility for private citizens, communities, corporations and states alike. It also illustrates that professionals should play a more active role in minimizing and deterring cyber incidents. This session will explore the case of Kenya as country-specific yet comparatively relevant jurisdiction to explore strategic responses to cybercrime, the operational limits of cybersecurity governance and propose ways to mitigate cyber risks.
Cyber Security introduction. Cyber security definition. Vulnerabilities. Social engineering and human error. Financial cost of security breaches. Computer protection. The cyber security job market
We at AVANZO Strongly believe that PREVENTION IS BETTER THAN CURE and so an awareness program in schools named as Cyber Awareness Program (CAP) is introduced for schools across the country....
Are you aware of the current security threats to your business? Are you prepared to handle the next big DDoS attack? What can you do to be prepared?
Join this webinar to learn about:
- Growing threat landscape
- Challenges to a successful security strategy
- Business impact of attacks
- Securing web applications from attacks
ETHICAL HACKING AND SOCIAL ENGINEERING
Topics Covered: Ethical Hacking Concepts and Scopes, Threats and Attack Vectors, Information Assurance, Threat Modelling, Enterprise Information Security Architecture, Vulnerability, Assessment and Penetration Testing, Types of Social Engineering, Insider Attack, Preventing Insider Threats, Social Engineering Targets and Defence Strategies
When identifying the most useful best-practice standards and guidance for implementing effective cyber security, it is important to establish the role that each fulfils, its scope and how it interacts (or will interact) with other standards and guidance.
Cybersecurity standards are generally applicable to all organisations regardless of their size or the industry and sector in which they operate. This page provides generic information on each of the standards that is usually recognised as an essential component of any cyber security strategy.
The basic fundamental of cybersecurity and how can it be used for unethical purposes.
For this type of presentations (customised), you can contact me here : rishav.sadhu11@gmail.com
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveIvan Sang
Achieving effective cybersecurity and governance is a complex challenge for states, businesses and individuals. Recent empirical analyses indicate that cybercrime now costs the global economy over USD 600 billion annually, but many experts believe that this is a conservative figure that understates the actual amount. Reports of cyber breaches that affect democracy, financial services, retail, healthcare, defence, utilities, and infrastructure are becoming more frequent. Also, this trend is projected to increase in the near future. Governments of developing countries, including Kenya, are slowly adopting technology as a tool to offer efficient services. In contrast, cybercriminals use some of the most cutting edge cyber technologies to commit criminal offences and to outfox state countermeasures. Another trend is that cyber threats originate not only from individual actors or highly organized groups, but are also increasingly states-sponsored. Weaknesses in the cyber domain such as deficient cyber or law enforcement capabilities and poor legislation have been exploited to cause harm and impede socio-economic progress. Using a comparative approach, this presentation shows that cybersecurity is a shared responsibility for private citizens, communities, corporations and states alike. It also illustrates that professionals should play a more active role in minimizing and deterring cyber incidents. This session will explore the case of Kenya as country-specific yet comparatively relevant jurisdiction to explore strategic responses to cybercrime, the operational limits of cybersecurity governance and propose ways to mitigate cyber risks.
Cyber Security introduction. Cyber security definition. Vulnerabilities. Social engineering and human error. Financial cost of security breaches. Computer protection. The cyber security job market
We at AVANZO Strongly believe that PREVENTION IS BETTER THAN CURE and so an awareness program in schools named as Cyber Awareness Program (CAP) is introduced for schools across the country....
Are you aware of the current security threats to your business? Are you prepared to handle the next big DDoS attack? What can you do to be prepared?
Join this webinar to learn about:
- Growing threat landscape
- Challenges to a successful security strategy
- Business impact of attacks
- Securing web applications from attacks
Appreciation of Digital Evidence in Sri Lankan LawTalwant Singh
With the changing times, the mode of producing evidence before Court has also changed. Most of the evidence presented before Courts is going to be Digital Evidence, so it is necessary to understand nature and methods to capture such evidence and present the same before Court.
Use of Information technology in Human Resource Management is increasing day by day. The Judiciary has to adopt appropriate ICT for its HRM related needs.
The Cyber Security Readiness of Canadian OrganizationsScalar Decisions
Highlights of the 2015 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2015. The full report can be downloaded at: http://hubs.ly/y0tFbr0
DANE: The Future of Transport Layer Security (TLS)
Dan York (Internet Society)
If you connect to a “secure” server using TLS/SSL (such as a web server, email server or xmpp server), how do you know you are using the correct certificate? With DNSSEC now being deployed, a new protocol has emerged called “DANE” (“DNS-Based Authentication of Named Entities“), which allows you to securely specify exactly which TLS/SSL certificate an application should use to connect to your site. DANE has great potential to make the Internet much more secure by marrying the strong integrity protection of DNSSEC with the confidentiality of SSL/TLS certificates. In this session, we will explain how DANE works and how you can use it to secure your websites, email, XMPP, VoIP, and other web services.
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
Executive Summary of the 2016 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2016. The full report can be downloaded at: scalar.ca/security-study-2016/
There is no argument about the popularity of the social platforms such as Facebook, YouTube, twitter, etc. These platforms can be used to stay in touch with your friends, increase sales revenues for organizations and as a collaboration tool to stay connected with the public. However, each of these benefits comes at a cost, putting your private information at a risk/ exposed. We aim to discuss the common security risks associated with usage of these platforms including risk mitigation strategies.
Intro Video : https://www.youtube.com/watch?v=zxpa4dNVd3c
Presentation for Computer Society of Sri Lanka on 24 Feb 2015
Cybersecurity concepts & Defense best practisesWAJAHAT IQBAL
This presentation is an attempt to present the complex Subject of Cybersecurity in a concise format with main focus to present the core of Cybersecurity and best practises and standards to protect an enterprise Network.Comments of readers welcomed.Thank You (Wajahat Iqbal)
Email: Wajahat_Iqbal@yahoo.com
talks about the present status of the cyber security in India. The policy of cyber security is also discussed. the general principles of the cyber security is highlighted.
Legal position of cyber security and instances of breach of information technology code is also discussed.
A look at why Caribbean cyber security is important, Caribbean experiences achieving cyber security, why an effective strategy is critical and the importance of an effective Information Governance strategy.
Many ways to support street children.pptxSERUDS INDIA
By raising awareness, providing support, advocating for change, and offering assistance to children in need, individuals can play a crucial role in improving the lives of street children and helping them realize their full potential
Donate Us
https://serudsindia.org/how-individuals-can-support-street-children-in-india/
#donatefororphan, #donateforhomelesschildren, #childeducation, #ngochildeducation, #donateforeducation, #donationforchildeducation, #sponsorforpoorchild, #sponsororphanage #sponsororphanchild, #donation, #education, #charity, #educationforchild, #seruds, #kurnool, #joyhome
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Canadian Immigration Tracker March 2024 - Key SlidesAndrew Griffith
Highlights
Permanent Residents decrease along with percentage of TR2PR decline to 52 percent of all Permanent Residents.
March asylum claim data not issued as of May 27 (unusually late). Irregular arrivals remain very small.
Study permit applications experiencing sharp decrease as a result of announced caps over 50 percent compared to February.
Citizenship numbers remain stable.
Slide 3 has the overall numbers and change.
ZGB - The Role of Generative AI in Government transformation.pdfSaeed Al Dhaheri
This keynote was presented during the the 7th edition of the UAE Hackathon 2024. It highlights the role of AI and Generative AI in addressing government transformation to achieve zero government bureaucracy
Understanding the Challenges of Street ChildrenSERUDS INDIA
By raising awareness, providing support, advocating for change, and offering assistance to children in need, individuals can play a crucial role in improving the lives of street children and helping them realize their full potential
Donate Us
https://serudsindia.org/how-individuals-can-support-street-children-in-india/
#donatefororphan, #donateforhomelesschildren, #childeducation, #ngochildeducation, #donateforeducation, #donationforchildeducation, #sponsorforpoorchild, #sponsororphanage #sponsororphanchild, #donation, #education, #charity, #educationforchild, #seruds, #kurnool, #joyhome
Russian anarchist and anti-war movement in the third year of full-scale warAntti Rautiainen
Anarchist group ANA Regensburg hosted my online-presentation on 16th of May 2024, in which I discussed tactics of anti-war activism in Russia, and reasons why the anti-war movement has not been able to make an impact to change the course of events yet. Cases of anarchists repressed for anti-war activities are presented, as well as strategies of support for political prisoners, and modest successes in supporting their struggles.
Thumbnail picture is by MediaZona, you may read their report on anti-war arson attacks in Russia here: https://en.zona.media/article/2022/10/13/burn-map
Links:
Autonomous Action
http://Avtonom.org
Anarchist Black Cross Moscow
http://Avtonom.org/abc
Solidarity Zone
https://t.me/solidarity_zone
Memorial
https://memopzk.org/, https://t.me/pzk_memorial
OVD-Info
https://en.ovdinfo.org/antiwar-ovd-info-guide
RosUznik
https://rosuznik.org/
Uznik Online
http://uznikonline.tilda.ws/
Russian Reader
https://therussianreader.com/
ABC Irkutsk
https://abc38.noblogs.org/
Send mail to prisoners from abroad:
http://Prisonmail.online
YouTube: https://youtu.be/c5nSOdU48O8
Spotify: https://podcasters.spotify.com/pod/show/libertarianlifecoach/episodes/Russian-anarchist-and-anti-war-movement-in-the-third-year-of-full-scale-war-e2k8ai4
3. Agenda
1. Background
2. Importance of Study
3. Definitions
4. International Incidents and Local Incidents
5. Preparedness Levels
6. Concluding Remarks
4. The Snowden Effect
• The Economist speculated that "the big
consequence" of the "Snowden Effect“
will be that "countries and companies
will erect borders of sorts in
cyberspace.
• In Forbes, the effect was seen as
evidenced by a rare bipartisan
movement in the U.S. Congress: "a
divided, intransigent Congress seems
nearly united over the idea that the
massive domestic intelligence gathering
system that grew after 9/11 has simply
gone too far."
7. Definitions of Cyber Terrorism
• “Cyber Terrorism is the premeditated use of disruptive
activities, or the threat thereof, against computers and/or
networks, with the intention to cause harm or further social,
ideological, religious, political or similar objectives, or to
intimidate any person in furtherance of such objectives. ”
• Cyber Terrorism is limited to actions by individuals, independent groups, or
organizations. Any form of cyber warfare conducted by governments and states would
be regulated and punishable under international law.
• Examples are ,
– hacking into computer systems, introducing
viruses to vulnerable networks, web site
defacing, Denial-of-service attacks,
or terroristic threats made via
electronic communication.
8. International Incidents
• The Baltic state of Estonia was target to a massive denial-of-service attack
that ultimately rendered the country offline and shut out from services
dependent on Internet connectivity for three weeks in the spring of 2007.
The infrastructure of Estonia including everything from online banking and
mobile phone networks to government services and access to health care
information was disabled for a time. The tech-dependent state was in
severe problem and there was a great deal of concern over the nature and
intent of the attack.
• During the Russia-Georgia War, on 5 August 2008, three days before
Georgia launched its invasion of South Ossetia, the websites for OSInform
News Agency and OSRadio were hacked.
• In October 2007, the website of Ukrainian president Viktor Yushchenko
was attacked by hackers. A radical Russian nationalist youth group, the
Eurasian Youth Movement, claimed responsibility.
9. Local Incidents
• In 1998, ethnic Tamil guerrillas swamped Sri Lankan
embassies with 800 e-mails a day over a two-week
period. The messages read "We are the Internet Black
Tigers and we're doing this to disrupt your
communications." Intelligence authorities
characterized it as the first known attack by terrorists
against a country's computer systems.
• In May 2009 SRI LANKA Army's official news wing,
(www.army.lk) has been illegally hacked by suspected
Tiger terrorists
10. Other Countries – State of
Preparedness
• The Chinese Defense Ministry confirmed the existence of an online defense unit in
May 2011. Composed of about thirty elite internet specialists, the so-called "Cyber
Blue Team," or "Blue Army," is officially claimed to be engaged in cyber-defense
operations, though there are fears the unit has been used to penetrate secure online
systems of foreign governments.
• May 2011 Israeli Prime Minister Benjamin Netanyahu announced the establishment
of the National Internet Defense Taskforce, charged with developing tools to secure
vital Israeli online infrastructure. "The main responsibility of the taskforce will be to
expand the state's ability to defend vital infrastructure networks against cybernetic
terrorist attacks perpetrated by foreign countries and terrorist elements
• The US Department of Defense (DoD) charged the United States Strategic Command
with the duty of combating cyber terrorism. This is accomplished through the Joint
Task Force-Global Network Operations, which is the operational component
supporting USSTRATCOM in defense of the DoD's Global Information Grid. This is
done by integrating GNO capabilities into the operations of all DoD computers,
networks, and systems used by DoD combatant commands, services and agencies.
11. Other Countries – State of
Preparedness
National Cyber Security Strategies in the World
12. Other Countries – State of
Preparedness
EU Moving Towards a Combined Strategy .
The Strategy is accompanied by the technical legislative proposal by the European
Commission's Directorate General Connect to strengthen the security of
information systems in the EU. This will encourage economic growth as people's
confidence in buying things online and using the Internet will be strengthened.
The Strategy is offering clear priorities for the EU international cyberspace policy:
1. Freedom and openness: The strategy will outline the vision and principles on applying the
EU core values and fundamental rights in cyberspace.
2. The laws, norms and EU's core values apply as much in the cyberspace as in the physical
world: The responsibility for a more secure cyberspace lies with all players of the global
information society, from citizens to governments.
3. Developing cyber security capacity building: The EU will engage with international partners
and organisations, the private sector and civil society to support global capacity building in
third countries. It will include improving access to information and to an open Internet, and
preventing cyber threats.
4. Fostering international cooperation in cyberspace issues: To preserve open, free and secure
cyberspace is a global challenge, which the EU will address together with the relevant
international partners and organisations, the private sector and civil society.
13. Sri Lanka Computer Emergency
Readiness Team (CERT)
Reshan Dewapura (Head of SL Central IT Body / ICTA ) made the following
five practical proposals to overcome cyber crime in Sri Lanka:-
1. We have to recognise that it is the responsibility of the government to ensure that national
networks are secure and have not been penetrated. To achieve this, the nation’s cyber
activities need to be coordinated on both the institutional, district and provincial levels.
And this has to be led by the Apex Agency of Cyber Security in Sri Lanka, SLCERT.
2.
Centralised bodies such as Sri Lanka CERT, Law Enforcement Agencies and the Legislature
should focus on areas where it has particular competence, such as protecting critical
infrastructure and coordinating legal structures, as well as regulating and working with
business, consumer protection privacy, and anti-terrorism.
3.
The national security policy would need to be extended to include a cyber security agenda
that covers the length and breadth of the country, in order to take the message to the
people that cyber security is compatible with individual rights, privacy and freedom of
speech.
14. Sri Lanka Computer Emergency
Readiness Team (CERT)
4.
This national security and defense policy can be used for
furthering Sri Lanka’s cyber security agenda; this policy must also
ensure that military operations and civilian missions are protected
against cyber attacks. Cyber defence should be made an active
capability of the country as a whole; it is crucial that Sri Lanka
takes advantage of the overlaps it shares with its powerful Asian
neighbours to coordinate activities between our countries.
5. Establish Public Private Partnerships – It is essential for
governments to cooperate with the private sector, as the majority
of web infrastructure is in private hands. All developed nations
have identified this and are working closely with the private
sector, and the private sector in return should reciprocate
equally.”
15. Sri Lanka Computer Emergency
Readiness Team (CERT)
- Actual State
• Citizens
Citizens who use emails, social media and many web applications such as e-banking
are misled and duped by people who have malicious and financial intents.
• Government Organizations
1. Information Security (IS) Audit. IS audits on your IT systems should be carried out every 6
months, at the very minimum.
2. Sri Lanka CERT|CC conducted a web security workshop/seminar for government
3. Ensure your website is compliant with Sri Lanka Government web standards.
4. Ensure that your web developer or the party responsible for maintain the website comply
with Information Security checklist.
5. Ensure that your organization has adopted, implemented and conforming to the Information
Security Policy which has been approved by the Cabinet of Ministers through the
eGovernment Policy.
6. Information Security Management Systems (ISMS) certificate
16. Concluding Remarks
1. Resources and attention given to Sri Lankan Cyber
Security sector is very less compared with
neighboring countries.
2. The appointed body to secure the country from such
threats are severely understaffed, and comparatively
has limited technical knowledge compared to privet
sector specialists.
3. Cyber Security is the least secure of the security
bodies in Sri Lanka (Compared with Army , Navy Air
force & Police)
18. Bibliography for Research
1. Westcott N. (2008) , “Digital Diplomacy: The Impact of the Internet on
International Relations” , Oxford Internet Institute, Research Report 16
2. Nissenbaum H (2005) , “Where Computer Security Meets National Security” , Ethics
and Information Technology , New York University
3. Edith Cowan University (2010) , “International Relations and Cyber Attached
Official and Unofficial Disclosure” , Australian Information Security Welfare
Conference
4. Nye J S (2010), “Cyber Power”, Harvard Kennedy School
5. Graham E (2010) , “Cyber Threats and Law of War” , Journal of Security Law and
Policy”
6. Herzog J (2011) , “Revisiting Estonian Cyber Attacks: Digital Threats and
Multinational Responses” , Journal of Strategy Security
7. Cavelty M (2013) , “ From Cyber Bombs to Political Fallout: Threat Representations
with an Impact in the Cyber Security Disclosure” , International Studies Review