The evolving threats and the challenges of the modern CISO (isc2-hellenic)
This document summarizes a presentation given by Gerasimos Moschonas on the evolving threats facing CISOs and the challenges of the role. It discusses how threats are becoming more advanced as attacks grow more aggressive and attackers become more professional. It also examines how the role of CISO has evolved from an IT security administrator to an independent and strategic role responsible for information security governance. Specific threats discussed include big data, the internet of things, cybercrime, social engineering, mobility, and an increasingly regulated environment. The challenges for CISOs are aligning security and business strategies, reducing risks to an acceptable level while protecting the business brand, and preparing for security incidents.
Security has risen to the top of the agenda amongst most C-suite executives and boards of directors today. Rapidly evolving security threats pose an ongoing, central challenge, as companies and governments face an increasingly sophisticated threat environment.
Accenture collaborated with the Ponemon Institute, LLC to explore the success factors of companies that demonstrated measurable improvement in security effectiveness over a period of two years. Find out how leapfrog organizations are improving their security posture and more quickly detecting security threats.
The document summarizes the detection and analysis of an Advanced Persistent Threat (APT) called "Grand Mars Operation" targeting organizations. The APT was detected through anomalous AV alerts and event log entries. It used social engineering via email to install a malicious VBS file as an entry point. It then persisted through scheduled tasks, registry runs, and memory resident scripts. Anunak malware was installed to gather system info, disable security software, enable RDP, and steal passwords. Cobalt Strike and Metasploit were used for command and control. The motivation was to collect bots, steal financial info, and control victim organizations. Multiple criminal groups were likely involved given the complex malware and techniques used.
European Cyber Security Challenge - Greek National Cyber Security Team (isc2-hellenic)
The document discusses the European Cyber Security Challenge (ECSC), an annual competition that brings together young cybersecurity talents from European countries. It aims to find and encourage new cybersecurity professionals, promote an open and secure cyberspace, and place cybersecurity at the service of humankind. This year's competition will take place in Malaga, Spain in October 2017, involving 14 teams of 10 competitors each from countries like Greece, Germany, and the UK. The Greek team will be selected through a national competition and supported by the University of Piraeus.
PCI standards, from participation to implementation and review (isc2-hellenic)
The document provides an overview of the PCI Data Security Standard (PCI DSS) including:
- The goals of PCI DSS which are to build and maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement strong access control measures, regularly monitor and test networks, and maintain an information security policy.
- The twelve requirements of PCI DSS which are organized under these six goals.
- An introduction to the PCI Council which developed and manages the PCI DSS standard.
The case of the Western Region Municipality, Abu Dhabi was presented at the CISO Asia Summit in Singapore (2014). This presentation showcases both the ADSIC Information Security Programme and how government entities benefit from such a strategic initiative in information security.
Flowchart - Building next gen malware behavioural analysis environment (isc2-hellenic)
The document describes the behavior of a ransomware sample. It unpacks files, checks system requirements like CPU cores and Windows version, decrypts decoy files using XOR, identifies a .NET binary, writes registry keys for persistence, checks for security software and debuggers, downloads and executes updates, and includes keylogging and screenshot capturing functionality before deleting logs and persisting on the system.
Building next gen malware behavioural analysis environment (isc2-hellenic)
This document discusses building an automated malware behavioral analysis environment. It covers types of malware analysis, taxonomy of analysis platforms, analysis phases and checks, and evaluation strategies. Static and dynamic automated analysis are described as well as their pros, cons, and limitations. The analysis phases of submission, analysis, and reporting are outlined. Key challenges like modularity, fingerprinting, stalling, social engineering, and decoys are examined. Examples of analysis platforms and tools are provided.
Trust and ethics are important qualities for leadership. Trust involves predictability, value exchange, and delayed reciprocity. Ethical leadership requires commitment to core values, articulating a vision to motivate others, and practicing virtuous behavior. Ratan Tata is presented as a perfect example of an ethical leader who is trustworthy and refused to compromise his principles, such as declining a bribe to enter the aviation industry. His leadership has been recognized with several honors.
From Cave Man to Business Man, the Evolution of the CISO to CIRO (Priyanka Aash)
The CISO is evolving to CIRO. Successful IT security leaders are transforming their skills to meet the demands for today and future needs of their organization. A CIRO understands how to prepare board presentations, information risk management, third-party risk and regulatory requirements, and how to balance those with the needs of the business. Earn your seat at the table by becoming a CIRO!
(Source: RSA USA 2016-San Francisco)
The GDPR introduces significant new compliance obligations for any organization handling personal data of EU individuals. It increases fines for non-compliance up to 4% of global annual turnover and strengthens the rights of individuals. Key changes include new consent requirements, breach notification timelines, data protection officers, privacy by design principles, documentation requirements, and extraterritorial jurisdiction. Organizations must review their data protection practices and ensure appropriate technical and organizational security measures are implemented to protect personal data.
This document discusses cyber privacy insurance and the General Data Protection Regulation (GDPR). It provides an overview of data breach costs by industry. GDPR fines can be up to 20 million Euros or 4% of annual global turnover for breaches. Under GDPR, breaches must be reported to regulators within 72 hours and affected individuals if there is a high risk. The document also summarizes common cyber insurance coverage types like crisis management, cyber extortion, data asset protection, and business interruption. It analyzes past insurance claims payouts and causes of loss. Websites for cyber insurance quotes and resources are also listed.
This document discusses how security can enable business through mobility. It outlines how businesses have evolved to leverage mobile capabilities across various industries like banking, airlines, retail, and healthcare. The document then discusses how Samsung Business Services can help CIOs and CISOs develop a mobile strategy with key elements like establishing clear roles and ownership, focusing on user experience, developing a roadmap, and ensuring end-to-end security as mobility and IoT expand. It emphasizes establishing a foundation of device and application security to protect information and manage risks as businesses innovate and transform with mobile technologies.
Cyber Security for Your Clients: Business Lawyers Advising Business Clients (Shawn Tuma)
This presentation focused on cyber security protections for businesses and other law firm clients. Cybersecurity and data privacy attorney Shawn Tuma presented this continuing legal education session on March 10, 2017. It was delivered live at the TexasBarCLE 8th Annual Course, Essentials of Business Law: Four Modules for a Robust Practice, cosponsored by the Business Law Section of the State Bar of Texas.
The document emphasizes the importance of getting the basics right in cybersecurity. It provides three reasons why basics are important: 1) because basics never change, 2) because basics support more complex systems, and 3) because basics have stood the test of time. However, the document notes that in several data breach examples, the basics were missed. This led to personal information being exposed. The document stresses that strong cybersecurity requires keeping the basics, like access management and patching, as a strong foundation to build upon while also adapting to new priorities and complexities.
This document discusses timers and their uses in automation control circuits. It describes several types of timers, including on-delay timers, off-delay timers, and on/off-delay timers. The difference between on-delay and off-delay timers is also noted. Several exercises are provided to design control circuits using various timers to run multiple motors in sequences, with starting, stopping, and delays between motor operations. Completing these project designs helps to understand applying timers in automation applications.
This document discusses cyber security strategies at JFK Health, a 498-bed acute care medical center. It outlines JFK Health's implementation of various cyber security technologies and processes to protect patient data, including intrusion detection systems, encryption of devices and data, secure messaging/texting, and endpoint patch management. It also discusses the challenges of balancing security, costs, and user experience. Regular audits, education of staff, and executive support are emphasized as important factors for success.
The document discusses various examples of companies that effectively and ineffectively managed crises. It outlines lessons that can be learned from how companies like Nokia, BP, Tylenol, Ford, London Underground, and Monsanto prepared for and responded to catastrophic incidents. Effective crisis management requires advance preparation, building a strong risk management culture, acting decisively in response, avoiding blame games, clearly defining responsibilities, and ensuring proper communication.
Is Cyber Security the Elephant in the Boardroom? (Rahul Neel Mani)
This document discusses how to simplify and communicate cybersecurity to CEOs and boards of directors. It notes that over 70% of organizations do not have cybersecurity strategies aligned with business goals and 58% lack confidence in their cybersecurity programs. It recommends taking a portfolio approach that focuses on articulating a cybersecurity vision, journey, landscape, and roadmap using simple and clear language rather than complex technical jargon. The crown jewels approach identifies the most critical assets to protect. Effective communication involves challenging complexity and risk with a contextual and challenging vision.
Social Engineering - Human aspects of grey and black competitive intelligence. What is social engineering? How is it used in the context of competitive intelligence and industrial espionage? How can HUMINT / social engineering attacks be recognized? Which governments are known to use it?
Accompanying slides for Chapter 8 "Malicious Software" of the book "Information Systems Security" (http://www.papasotiriou.gr/product/asfaleia-pliroforiakon-sistimaton-237775), March 2004
ICT course series, 5th and 6th grade of primary school, 2015-16.
The files required to carry out the Activities, which during the school year I stored in a "Lessons" folder on the students' computers (as mentioned in the slides), are now available online at:
https://drive.google.com/folderview?id=0B48d8jMibLYGTkFIUExDaHJEZkE&usp=sharing
This document provides an agenda and summary for a General Assembly meeting of the (ISC)2 Hellenic Chapter. The agenda includes reviewing the chapter's accomplishments and financial results for 2015, as well as planning for 2016. In 2015, the chapter established its legal entity, grew membership to 85 members, held educational events, and became an official CISSP training provider. Financially, the chapter had revenues of €5,609.32 against a budget of €10,520 and expenses of €2,558.03 against a budget of €10,470, leaving a net position of €3,051.29. The meeting will also include an internal audit report and requests for general assembly approvals.
This document describes a cybersecurity simulation exercise taking place between April and October 2016. It will involve the staged release of scenarios related to technical cybersecurity incidents, business continuity, and crisis management. Participants will include IT security and business continuity teams who will handle incidents virtually and develop relationships with national and EU authorities. The goals are to test incident response and build expertise in addressing large-scale cybersecurity events. Details are provided on the types of incidents that will be covered as well as registration information.
The document discusses the key aspects of the upcoming EU Directive concerning measures for a high common level of security of network and information systems across the Union. It outlines that the directive will require all EU member states to have a national cybersecurity strategy and designate authorities to cooperate on strategic and operational cybersecurity issues. It also establishes security and incident notification requirements for operators of essential services, such as energy and transport, and digital service providers.
This document provides an agenda for a cyber security predictions event held by OTE Academy in Athens, Greece. The event included two sessions on cyber security technology predictions and workforce trends for 2016. The first session included a panel of security professionals discussing expectations for 2016. The second session presented findings from the (ISC)2 2015 Global Information Security Workforce Study and another panel on expanding career opportunities. Sponsors and supporters of the event and information about (ISC)2, the organizing association, were also included.
This document outlines a panel discussion on security expectations for 2016. The panel included four security experts: Bill Nikolopoulos from Checkpoint, Eleftherios Antoniadis from Odyssey, Emmanouil Gavriil from Neurosoft, and Panagiotis Sotiriou from Symantec. The discussion was coordinated by Panagiotis Trimintzios from the (ISC)2 Hellenic Chapter Membership.
Event 16 12-15 global information security workforce study 1.0 (isc2-hellenic)
The document summarizes key findings from the 2015 Global Information Security Workforce Study. It found that the security skills gap is estimated to reach 1.5 million professionals within 5 years. Organizations report being forced to react to threats rather than prevent them due to growing complexity from technology and solution sprawl. The shortage of security professionals is leading organizations to outsource security tasks and push some responsibilities to overburdened IT staff.
5. Experience from recent national & international cyber exercises (isc2-hellenic)
This document discusses cyber exercises and the speaker's experience participating in them. It provides definitions of cyber exercises, categories of exercises (real-time and offline), typical training incidents covered, and objectives. The speaker's organization has participated in the Panoptis national Greek cyber defense exercises from 2010-2014 and the NATO Cyber Coalition 2014 exercise. These exercises train participants in skills like forensic investigation, malware analysis, and incident response through scenarios. The objectives are to evaluate security controls and identify gaps, train blue teams, and provide lessons learned.
This document outlines steps to mitigate cyber attacks. It defines a cyber attack as any offensive maneuver targeting computer systems for political or security purposes. Cyber attacks target critical infrastructure and aim to steal information, damage infrastructure, or harm reputation for financial or political goals. Attackers include hacktivists, nation states, cyber criminals, and insiders. The document discusses crime-as-a-service on underground forums and lists the Critical Security Controls for effective cyber defense. It also covers detecting attacks through logs and behavior analysis and having an incident response plan to prepare for and respond to attacks.
This document discusses advanced persistent threats (APTs) and strategies for cyber defense. It describes APTs as advanced, persistent, and threatening adversaries that are formally tasked to accomplish missions. The document outlines the lifecycle of APT attacks, including establishing backdoors in networks, maintaining long-term control, and exfiltrating data using encryption. It provides examples of APT groups and tools they use, such as exploiting vulnerabilities to escalate privileges and dump cached credentials from Windows networks. The overall summary is that APTs are dangerous, organized adversaries requiring persistent cyber defense strategies.
The document discusses the formation and status of the (ISC)2 Hellenic Chapter. It provides an overview of (ISC)2 and its certification programs, as well as information about the (ISC)2 Foundation. The (ISC)2 Hellenic Chapter was officially established in July 2014 and aims to provide a professional network for information security professionals in Greece. The presentation notes achievements in establishing the chapter and outlines plans for future activities and events.
The University of Piraeus has a Systems Security Laboratory that conducts education and research in digital systems security, information systems security, and network security. The laboratory has 3 faculty members, 6 post-doc fellows, 15 PhD students, and 60 MSc students. It has received over 5 million euros in funding for international and national research projects. The laboratory teaches security courses at the undergraduate and postgraduate level and supervises theses. It collaborates extensively with other universities and industry partners on security research.
2. Information Systems – Threats – Risks
Basic observation: information resources, that is, information systems and their data, are constantly at risk.
We are called upon to address these risks and to build a protection framework through a risk analysis process.
In this effort, the risks known so far have been specified, recorded, categorized, delimited and analyzed; their impacts have been established and ways of addressing them have been implemented.
3. Threats at the physical level:
Fraud, sabotage, vandalism, theft, information leaks, unauthorized access, terrorist attacks, corruption, extortion.
Destruction or loss of information resources:
Information leakage, incorrect use or management of systems, faulty design, loss of computing systems, destruction of files.
Natural disasters:
Earthquake, flood, fire, contamination, explosion, radioactive leak, electromagnetic radiation.
Failures and malfunction:
Failure of devices and systems, of communications, of power supply and of third-party services, as well as equipment malfunction.
4. Interruption, loss:
Loss of resources, staff shortages, strikes, Internet and network outages, outage of computing equipment.
Intrusion, interception, piracy:
Monitoring of communications, interception of information, network reconnaissance, manipulation of network traffic and information gathering, man in the middle.
Institutional and legal nature:
Violation of legislation, inability to honour contracts, misuse of personal data and information, unauthorized use of classified information.
5. Malicious or abusive activity:
Identity and account theft, receipt of forged e-mails, DDoS attacks, malware, viruses, ransomware, social engineering attacks, phishing, abuse of access to information, information leaks, creation and use of forged certificates, hardware and software modifications, misuse of auditing tools, unauthorized actions, unauthorized installation of programs, exposure of confidential information to risk, fraud, remote access attacks, targeted attacks (APTs etc.), brute force attacks, abuse of access rights to systems and information.
6. Information Systems – Protection – Security Framework
From the grading, categorization and analysis of the risk exposure to the threats that information resources are subject to, as well as from the requirements of institutional bodies and certification authorities, we implement a security framework and protection structures that include policies, procedures, systems, applications and protection mechanisms such as, indicatively:
Antivirus, Firewalls, Log Analyzers, Intrusion Prevention Systems, Intrusion Detection Systems, Penetration Tests, Vulnerability Assessments, Cyber Risk analysis, Incident Handling Procedures, Spam E-mail administration, AntiDDoS Services, Data Classifications, Software Updates and Upgrades, Passwords, Data Encryption, Data Leakage Prevention, Backup, Disaster sites, staff awareness training and many more.
7. Attackers one step ahead
It is of course the usual observation that all the protective measures we take do not offer absolute protection, and there is always something new we will have to deal with, since human ingenuity has no limits.
Every new threat, however, either exploits pre-existing security gaps that were unknown until now, or is generally based on transformations of older threats, bringing them back at the new technological level.
Our concern is threats that will emerge as innovations and spring up on their own, exploiting the limits of technology; threats that will arise from the combination of different ways of perceiving and understanding technological reality.
8. An example unrelated to security:
Research engineer Roland Meertens works with neural networks. His goal was to use them to reproduce photorealistic photographs from the simple black-and-white 190x144 pixel camera of the Nintendo Gameboy.
By feeding the network with normal photographs of faces side by side with the photographs taken by the Nintendo Gameboy, after a few iterations the neural network had been trained.
The results are more than spectacular.
9. Now consider, by analogy, how a neural network in the hands of a hacker could be used: taking limited information from our users, our networks, our websites and social networks, information that is considered unclassified, it could ultimately reveal and combine into highly valuable information that would help the hacker attack us effectively!
10. Ways of protection
We cannot predict the next new threat.
We must be ready to react as fast as possible.
We do not become complacent and we do not lower our defenses; on the contrary, we continuously strengthen them.
We remain strict in our policies and procedures, keeping exceptions to the minimum possible.
We do not underestimate the adversary.
We always remain in a state of readiness.
We maintain an organized Incident Response Plan that is well designed, up to date, tested, and adequately staffed with the appropriate personnel.