Cyber Security Best Practices
EBU/FNS – RTÉ
27/09/2016
John Moylan
“Breaking bad habits”
Hacking and espionage are not new
Al-Kindi, 9th Century AD
Cryptanalysis by frequency analysis
Organised Cybercrime
Worth
more than the global drugs trade
USD$3T
(2013 Europol report)
Advanced persistent threats
the ones we know about..
2016 – “GCHQ sees off.. cyber attack on UK broadcasters”
2016 – Swift Hacks – Ecuador, Bangladesh,
Ukraine (USD$12M, USD$81M, USD$10M)
2015 – TV5 Monde attacked
2014 – Sony hacked.. allegedly state sponsored
FBI
"in the not too-distant future we anticipate
that the cyberthreat will pose the greatest
threat to our country," FBI Director Robert
Mueller (2012)
Catch up
The Risk Profile has changed
• GDPR
• NIST
• Ransomware
• CEO Fraud
• Phishing
• DDoS
• ...
Focus
"When a man knows he is to be hanged... it
concentrates the mind wonderfully" - Samuel
Johnson
Putting flesh on bones
Real Examples
• Internet transcoder
• Vulnerable services – no patches
• Default passwords – not possible to reset
• All network-attached equipment needs to be
QA'd and monitored
Develop practical Policies
• Mandate scanning and patching
• Helps Avoid:
• Putting your systems at risk
• Putting your users at risk
MCS
Publications
• R141 – Mitigation of Distributed Denial of Service
attacks
• R142 – Cybersecurity on Connected TVs
• R143 – Cybersecurity for media vendor systems,
software and services
• R144 – Cybersecurity Governance for Media
Companies
• R145 – Mitigating Ransomware and Malware
attacks
MCS
Cyber Security representatives from the majority
of EBU members.
OWASP
The Open Web Application Security Project
"not-for-profit charitable organization focused
on improving the security of software"
Install a SIEM
If something is happening you need to know
about it!
Sed and Grep do not a SIEM maketh!
Keep up with your options
• Increased Phishing Activity
• Solution: Education and 2FA
GDPR
• Does your company have a DPO?
• How do you manage email?
– Attachments?
– The Cloud?
– CCTV?
The test is 'Can the data harm the individual or the
company?'
New Regulations
General Data Protection Regulation (GDPR)
(Regulation (EU) 2016/679)
Protects Personally Identifiable Data
Max. fine of either 4% of global turnover or
€20,000,000 (whichever is higher)
What can I do?
• Make Security a board level issue
• Keep auditing for weaknesses
• Educate and Communicate
• Keep monitoring
In Summary
Security is evolving; change is the only
constant. Old habits need to be broken to
adapt to the new reality.


Editor's Notes

  1. Cyber criminals are more organised than ever before. Our networks are under attack by well organised groups working around the clock to steal our resources and they have proven to be extremely successful at doing so.
  2. “There are only two types of companies: those that have been hacked, and those that will be.” ~ Robert Mueller, FBI Director, 2012