SlideShare a Scribd company logo

Cyber_Services_2015_company_intro_ENG_v2p0

Ferenc Fresz
Ferenc Fresz
1 of 17
Download to read offline
Cyber Services 2015 Ferenc Frész Founder, CEO Cyber Services Plc WE ESTABLISH ORDER
Overview – About Us Key Experts The Team Technical Competencies Ethical Hacking Cyber Threat Analysis Cyber Defence Exercises Multi-level Information Security Awareness Programs Information Security Courses and Education Program Development Reputation Management Cyber Defence Services Advanced Cyber Services Portfolio Key References Table of ContentsWE ESTABLISH ORDER
Overview – About Us Founded in 2015 Founders and key experts are information security veterans with proven international reputation Available resources 10+ Senior consultants 20+ Sofware/Hardware Developers 20+ Sofware/Hardware Testers Qualifications of the team 9 Certified Ethical Hackers (KCEH) 3 International CEHs 4 Offensive Security Certified Professionals (OSCP) Services Ethical hacking Cyber threat analysis Cyber (defence) exercises (planning, execution) Multi-level information security awareness trainings – Gamification Information security and IT security courses, development Reputation management Key references NATO UAE Dubai ZAIN Kuwait EU Council Significant role in establishing national cyber security and defence potentials (incl. establishing and managing National Security Authority Cyber Defence Management Authority of Hungary) WE ESTABLISH ORDER
Anett Mádi- Nátor Senior cyber security expert (strategic, administrative) and trainer 10 years working experience for government, NATO, European Union, and private sector incl. critical information infrastructure (approx. 400 projects on 5 (sub)continents) Recent positions include HUN MilCIRC Head of Coordination (2015), NATO Cyber Defence Capability Team Chair (2013-2015), NATO Cyber Coalition Exercises Core Stategic and Administrative Planner (2012-2015) HUN NSA CDMA Administrative Head (2011-2015) KÜRT Academy Ethical Hacking Course Lead of Strategic Communication and Project Management Module Ferenc Frész Senior cyber security expert (strategic, technical) and trainer Approx. 20 years working experience for government, NATO, European Union, and private sector incl. critical information infrastructure (more than 1400 projects on 5 (sub)continents) Recent positions inlcude HUN MilCIRC Technical Head (2015), HUN National Rep. to NATO Cyber Defence Capability Team (2011- 2015), NATO Cyber Coalition Exercises Core Technical Planner (2012-2015) HUN NSA CDMA Head, Founder and Lead Trainer of KÜRT Ethical Hacking Course Key ExpertsWE ESTABLISH ORDER
TheTeam Qualification 9 Certified Ethical Hackers (KCEHA) 3 International CEHs 4 Offensive Security Certified Professionals (OSCP) Core competencies Analysis of complex IT systems IT and information security expert activity Hardening process support Planning and management of IT processes and projects Information security process support System design and documentation Incident management (log analysis and investigative network activities – network forensics and forensics) Supervision of critical infrastructure IT networks Installation and support of critical infrastructure system servers Software/hardware development Software/hardware testing Resources 10+ Senior consultants, advisors 20+ Developers 20+ Testers WE ESTABLISH ORDER
Technical Competencies Windows 2008 R2 DNS, AD, DC installation, support Linux, Unix servers installation, support Exchange 2007 SP3 installation, support CISCO Firewalls ASA551xx programming, installation, support CISCO switch family – programming, installation, support Professional consultation on qualified operator networks Python, C, C++, C#, Ruby, Php, OpenCL programming (Windows, Linux) BASH scripting ’Reverse engineering – hardware (motherboard) compromise capabilities’ Application databases management – MySQL, MSSQL, Oracle, etc. NoSQL-s Cyber exercises planning and exeution based on NATO and NATO/EU compatible methodologies Tempest evaluation, reporting based on EU / NATO / National criteria Preparing classified information processing workstations for accreditation, monitoring; consultation WE ESTABLISH ORDER
Ethical Hacking Black Box, Grey Box, White Box Testing, Assessments External Infrastructure Testing, Assessments Internal Infrastructure Testing, Assessments Application Testing, Assessments Automated, Manual, and Hybrid Vulnerability Assessments Methodology Reconnaissance Scanning Testing Exploitation Report of Findings WE ESTABLISH ORDER
CyberThreat Analysis Focuses on revealing and identifying modern, so called asymmetric threat actors Enables proactive decision making Enables identifying and analysing hacktivist teams, hacker groups and state sponsored malicious threat actors Creates the capability to protect and to prepare for any potential cyber attacks WE ESTABLISH ORDER
Cyber Defence Excercises Cyber (defence) exercises serve the purpose of testing, developing, and training the ability of organisations and commercial entities to defend their networks and information protection systems from various challenges that those are to face when operating in the virtual space. A well-developed cyber exercise tests systems and networks to make sure that those are able to keep pace with evolving threats. The human factor matters as well, as exercises also test individual and collective skills and expertise of cyber specialists of organisations and companies. Exercises provide the opportunity to involve all experts from technical fields up to the highest level decision making entities, even from remote locations. One important internal goal of such exercises is to exchange critical cyber information and promote a collective defence approach in a rapid manner. Then coordinated response approaches may be developed and followed in due course for real life situations, to mitigate and eliminate virtual attacks to result in consequences that are real and potentially destructive. Cyber exercises may be developed at various levels from table-top (mostly administrative) to fully developed and highly technical formats. WE ESTABLISH ORDER
Multi-level Information Security Awareness Programs Multi-level (corporate-wide) information security awareness programs and campaigns for general users, system administrators, system developers, privileged users, internal trainers Contact sessions E-learning and e-campaigns through social media (apps) Technical and social challenges Gamification ’Policy in Practice’ ’Train the Trainer’ WE ESTABLISH ORDER
Information Security Courses and Education Program Development Cyber Threat Analysis Log Analysis and Log Management Network Forensics Social Engineering Incident Handling and Management (incl. Early Warning, Incident Response, and Incident Mitigation) IT Project Communication (strategic approach) Cyber Defence Management WE ESTABLISH ORDER
Reputation Management Real time influencer monitoring Implementing communicational content search engine optimizing strategy for existing and future search terms on the client organisations and commercial entities Real time content creation Real time link shield building Proactive actions prior to important initiatives of client organisations and commercial entities may launch WE ESTABLISH ORDER
Cyber Defence Services Preventive (Proactive) Defence •CTAC (CYBER THREAT ANALYSIS) •AWARENESS •ETHICAL HACKING •GAMIFICATION •CYBER EXCERCISES Managed Security Services •MONITORING •LOG MANAGEMENT •INCIDENT MANAGEMENT •VULNERABILITY MANAGEMENT •APT and ZERODAY MANAGEMENT Incident Response •INCIDENT INVESTIGATION •COMPUTER AND NETWORK FORENSICS •MALWARE ANALYSIS Mitigation •RISK AND IMPACT MITIGATION •SYSTEM HARDENING •SOFTWARE REFACTORING Information Exchange •EARLY WARNING (VULNERABILITY INFORMATION EXCHANGE) •BUSINESS PROCESS REENGINEERING •TEAM DEVELOPMENT •DECISION SUPPORT •3rd PARTIES IIEX WE ESTABLISH ORDER
Advanced Cyber Services Portfolio Proactive Defence CTAC (CYBER THREAT ANALYSIS) AWARENESS ETHICAL HACKING REPUTATION MANAGEMENT GAMIFICATION CYBER EXCERCISES Managed Security Services MONITORING LOG MANAGEMENT INCIDENT MANAGEMENT VULNERABILITY MANAGEMENT APT and 0day MANAGEMENT Incident Response INCIDENT INVESTIGATION COMPUTER AND NETWORK FORENSICS MALWARE ANALYSIS Mitigation RISK AND IMPACT MITIGATION SYSTEM HARDENING SOFTWARE REFACTORING Information Exchange EARLY WARNING BUSINESS PROCESS REENGINEERING TEAM DEVELOPMENT DECISION SUPPORT 3rd PARTIES IIEX Strategic Planning POLICY DEVELOPMENT CYBER DEFENCE MANAGEMENT SUPPORT AND CONSULTING Research and Developement STARTUP INCUBATION AUTOMATED METHODS DEVELOPMENT BIGDATA ANALYSIS DEVELOPMENT WE ESTABLISH ORDER
Ethical hacking trainings for approx. 10 years (English, Hungarian) – duration varies b/w 2 weeks – 10 months KÜRT Academy Ethical Hacking course for 6 years NATO Cyber Coalition Exercises – core strategic, administrative, and technical planning (incl. Enterprise, Allies, Partners), 2012 – 2015 HUN MoD MilCIRC capability development, internal trainings for CTAC and forensics, 2015 UAE Dubai Smart Government GWISAP – Government Wide Information Security Awareness Program, developing and managing content of program; developing, managing content of, and conducting ’Train the Trainer’ module, 2013 – 2014 HUN National Security Authority Cyber Defence Management Authority development and management, internal training of employees incl. CTAC, network forensics, log analysis, etc., 2011 – 2015 SME IT security trainings for the HUN government IT service provider, incl. information security awareness EU Council SME IT Security Awareness course, course development and conducting the course, 2012 ZAIN Kuwait – SME IT security awareness and IT professional courses, information security awareness campaigns 2010 – 2015 Global Conference on CyberSpace 2015 – Responsible Disclosure Initiative, founders of initiative (Global Forum on Cyber Expertise) and participating national representatives Key ReferencesWE ESTABLISH ORDER
Our Slogan WE ESTABLISH ORDER WE ESTABLISH ORDER
Thank you for your attention. Ferenc Frész Founder, CEO https://www.linkedin.com/in/ferencfresz WE ESTABLISH ORDER

Recommended

Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Hamisi Kibonde
 
Setting up CSIRT
Setting up CSIRTSetting up CSIRT
Setting up CSIRTAPNIC
 
Day 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A CsirtDay 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A Csirtvngundi
 
CERT Certification
CERT CertificationCERT Certification
CERT CertificationConferencias FIST
 
Building CSIRT and its competency
Building CSIRT and its competencyBuilding CSIRT and its competency
Building CSIRT and its competencyDidik Partono Rudiarto
 
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]APNIC
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Cert adli wahid_iisf2011
Cert adli wahid_iisf2011Cert adli wahid_iisf2011
Cert adli wahid_iisf2011Directorate of Information Security | Ditjen Aptika
 

Recommended

Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Hamisi Kibonde
 
Setting up CSIRT
Setting up CSIRTSetting up CSIRT
Setting up CSIRTAPNIC
 
Day 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A CsirtDay 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A Csirtvngundi
 
CERT Certification
CERT CertificationCERT Certification
CERT CertificationConferencias FIST
 
Building CSIRT and its competency
Building CSIRT and its competencyBuilding CSIRT and its competency
Building CSIRT and its competencyDidik Partono Rudiarto
 
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]APNIC
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Cert adli wahid_iisf2011
Cert adli wahid_iisf2011Cert adli wahid_iisf2011
Cert adli wahid_iisf2011Directorate of Information Security | Ditjen Aptika
 
Science of Security: Cyber Ecosystem Attack Analysis Methodology
Science of Security: Cyber Ecosystem Attack Analysis MethodologyScience of Security: Cyber Ecosystem Attack Analysis Methodology
Science of Security: Cyber Ecosystem Attack Analysis MethodologyShawn Riley
 
Is Cyber Resilience Really That Difficult?
Is Cyber Resilience Really That Difficult?Is Cyber Resilience Really That Difficult?
Is Cyber Resilience Really That Difficult?John Gilligan
 
CSIRT_16_Jun
CSIRT_16_JunCSIRT_16_Jun
CSIRT_16_JunCandan BOLUKBAS
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
Understanding cyber resilience
Understanding cyber resilienceUnderstanding cyber resilience
Understanding cyber resilienceChristophe Foulon, CISSP
 
A Strategy for Addressing Cyber Security Challenges
A Strategy for Addressing Cyber Security Challenges A Strategy for Addressing Cyber Security Challenges
A Strategy for Addressing Cyber Security Challenges Cybersecurity Education and Research Centre
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber ResiliencePeter Wood
 
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Cybersecurity Education and Research Centre
 
Cyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply ChainCyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply Chainaletarw
 
The evolving threats and the challenges of the modern CISO
The evolving threats and the challenges of the modern CISOThe evolving threats and the challenges of the modern CISO
The evolving threats and the challenges of the modern CISOisc2-hellenic
 
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber ResilienceISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber ResilienceShah Sheikh
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionMuhammad Akbar Yasin
 
Information Security Intelligence
Information Security IntelligenceInformation Security Intelligence
Information Security Intelligenceguest08b1e6
 
What is cyber resilience?
What is cyber resilience?What is cyber resilience?
What is cyber resilience?Aaron Clark-Ginsberg
 
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001PECB
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approachesvngundi
 
Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationMonchai Phaichitchan
 
You can't detect what you can't see illuminating the entire kill chain
You can't detect what you can't see illuminating the entire kill chainYou can't detect what you can't see illuminating the entire kill chain
You can't detect what you can't see illuminating the entire kill chainFidelis Cybersecurity
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company PresentationShah Sheikh
 
Super CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobSuper CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobPriyanka Aash
 
My CV-Jan-2016
My CV-Jan-2016My CV-Jan-2016
My CV-Jan-2016Adel Zayed
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson
 

More Related Content

What's hot

Science of Security: Cyber Ecosystem Attack Analysis Methodology
Science of Security: Cyber Ecosystem Attack Analysis MethodologyScience of Security: Cyber Ecosystem Attack Analysis Methodology
Science of Security: Cyber Ecosystem Attack Analysis MethodologyShawn Riley
 
Is Cyber Resilience Really That Difficult?
Is Cyber Resilience Really That Difficult?Is Cyber Resilience Really That Difficult?
Is Cyber Resilience Really That Difficult?John Gilligan
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber ResiliencePeter Wood
 
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Cybersecurity Education and Research Centre
 
Cyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply ChainCyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply Chainaletarw
 
The evolving threats and the challenges of the modern CISO
The evolving threats and the challenges of the modern CISOThe evolving threats and the challenges of the modern CISO
The evolving threats and the challenges of the modern CISOisc2-hellenic
 
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber ResilienceISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber ResilienceShah Sheikh
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionMuhammad Akbar Yasin
 
Information Security Intelligence
Information Security IntelligenceInformation Security Intelligence
Information Security Intelligenceguest08b1e6
 
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001PECB
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approachesvngundi
 
Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationMonchai Phaichitchan
 
You can't detect what you can't see illuminating the entire kill chain
You can't detect what you can't see illuminating the entire kill chainYou can't detect what you can't see illuminating the entire kill chain
You can't detect what you can't see illuminating the entire kill chainFidelis Cybersecurity
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company PresentationShah Sheikh
 
Super CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobSuper CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobPriyanka Aash
 

What's hot (20)

Science of Security: Cyber Ecosystem Attack Analysis Methodology
Science of Security: Cyber Ecosystem Attack Analysis MethodologyScience of Security: Cyber Ecosystem Attack Analysis Methodology
Science of Security: Cyber Ecosystem Attack Analysis Methodology
 
Is Cyber Resilience Really That Difficult?
Is Cyber Resilience Really That Difficult?Is Cyber Resilience Really That Difficult?
Is Cyber Resilience Really That Difficult?
 
CSIRT_16_Jun
CSIRT_16_JunCSIRT_16_Jun
CSIRT_16_Jun
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
 
Understanding cyber resilience
Understanding cyber resilienceUnderstanding cyber resilience
Understanding cyber resilience
 
A Strategy for Addressing Cyber Security Challenges
A Strategy for Addressing Cyber Security Challenges A Strategy for Addressing Cyber Security Challenges
A Strategy for Addressing Cyber Security Challenges
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber Resilience
 
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
 
Cyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply ChainCyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply Chain
 
The evolving threats and the challenges of the modern CISO
The evolving threats and the challenges of the modern CISOThe evolving threats and the challenges of the modern CISO
The evolving threats and the challenges of the modern CISO
 
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber ResilienceISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - Introduction
 
Information Security Intelligence
Information Security IntelligenceInformation Security Intelligence
Information Security Intelligence
 
What is cyber resilience?
What is cyber resilience?What is cyber resilience?
What is cyber resilience?
 
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approaches
 
Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentation
 
You can't detect what you can't see illuminating the entire kill chain
You can't detect what you can't see illuminating the entire kill chainYou can't detect what you can't see illuminating the entire kill chain
You can't detect what you can't see illuminating the entire kill chain
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
 
Super CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobSuper CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your Job
 

Similar to Cyber_Services_2015_company_intro_ENG_v2p0

My CV-Jan-2016
My CV-Jan-2016My CV-Jan-2016
My CV-Jan-2016Adel Zayed
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson
 
Database development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwgDatabase development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwgJohn M. Kennedy
 
CYBER SECURITY CAREER GUIDE CHEAT SHEET
CYBER SECURITY CAREER GUIDE CHEAT SHEETCYBER SECURITY CAREER GUIDE CHEAT SHEET
CYBER SECURITY CAREER GUIDE CHEAT SHEETTravarsaPrivateLimit
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakMarc St-Pierre
 
Cy Cops Company Presentation
Cy Cops Company PresentationCy Cops Company Presentation
Cy Cops Company PresentationChaitanyaS
 
Software Security Training
Software Security TrainingSoftware Security Training
Software Security TrainingBryan Len
 
EC-Council Certified Network Defender
EC-Council Certified Network DefenderEC-Council Certified Network Defender
EC-Council Certified Network DefenderITpreneurs
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information SecurityAhmed Sayed-
 
Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Netpluz Asia Pte Ltd
 
CISSP Certification Training Course
CISSP Certification Training CourseCISSP Certification Training Course
CISSP Certification Training CourseRicky Lionel Vaz
 
Force 3 Software Practice Overview
Force 3 Software Practice OverviewForce 3 Software Practice Overview
Force 3 Software Practice OverviewForce 3
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overviewxband
 

Similar to Cyber_Services_2015_company_intro_ENG_v2p0 (20)

My CV-Jan-2016
My CV-Jan-2016My CV-Jan-2016
My CV-Jan-2016
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016
 
Database development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwgDatabase development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwg
 
CYBER SECURITY CAREER GUIDE CHEAT SHEET
CYBER SECURITY CAREER GUIDE CHEAT SHEETCYBER SECURITY CAREER GUIDE CHEAT SHEET
CYBER SECURITY CAREER GUIDE CHEAT SHEET
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience Fastrak
 
How to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity TeamHow to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity Team
 
Cy Cops Company Presentation
Cy Cops Company PresentationCy Cops Company Presentation
Cy Cops Company Presentation
 
Software Security Training
Software Security TrainingSoftware Security Training
Software Security Training
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCCyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
 
EC-Council Certified Network Defender
EC-Council Certified Network DefenderEC-Council Certified Network Defender
EC-Council Certified Network Defender
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information Security
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
 
IBM Security Strategy
IBM Security StrategyIBM Security Strategy
IBM Security Strategy
 
Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service
 
resume IT security
resume IT securityresume IT security
resume IT security
 
CISSP Certification Training Course
CISSP Certification Training CourseCISSP Certification Training Course
CISSP Certification Training Course
 
CCA study group
CCA study groupCCA study group
CCA study group
 
Force 3 Software Practice Overview
Force 3 Software Practice OverviewForce 3 Software Practice Overview
Force 3 Software Practice Overview
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overview
 
Cobit 2
Cobit 2Cobit 2
Cobit 2
 

Cyber_Services_2015_company_intro_ENG_v2p0

  • 1. Cyber Services 2015 Ferenc Frész Founder, CEO Cyber Services Plc WE ESTABLISH ORDER
  • 2. Overview – About Us Key Experts The Team Technical Competencies Ethical Hacking Cyber Threat Analysis Cyber Defence Exercises Multi-level Information Security Awareness Programs Information Security Courses and Education Program Development Reputation Management Cyber Defence Services Advanced Cyber Services Portfolio Key References Table of ContentsWE ESTABLISH ORDER
  • 3. Overview – About Us Founded in 2015 Founders and key experts are information security veterans with proven international reputation Available resources 10+ Senior consultants 20+ Sofware/Hardware Developers 20+ Sofware/Hardware Testers Qualifications of the team 9 Certified Ethical Hackers (KCEH) 3 International CEHs 4 Offensive Security Certified Professionals (OSCP) Services Ethical hacking Cyber threat analysis Cyber (defence) exercises (planning, execution) Multi-level information security awareness trainings – Gamification Information security and IT security courses, development Reputation management Key references NATO UAE Dubai ZAIN Kuwait EU Council Significant role in establishing national cyber security and defence potentials (incl. establishing and managing National Security Authority Cyber Defence Management Authority of Hungary) WE ESTABLISH ORDER
  • 4. Anett Mádi- Nátor Senior cyber security expert (strategic, administrative) and trainer 10 years working experience for government, NATO, European Union, and private sector incl. critical information infrastructure (approx. 400 projects on 5 (sub)continents) Recent positions include HUN MilCIRC Head of Coordination (2015), NATO Cyber Defence Capability Team Chair (2013-2015), NATO Cyber Coalition Exercises Core Stategic and Administrative Planner (2012-2015) HUN NSA CDMA Administrative Head (2011-2015) KÜRT Academy Ethical Hacking Course Lead of Strategic Communication and Project Management Module Ferenc Frész Senior cyber security expert (strategic, technical) and trainer Approx. 20 years working experience for government, NATO, European Union, and private sector incl. critical information infrastructure (more than 1400 projects on 5 (sub)continents) Recent positions inlcude HUN MilCIRC Technical Head (2015), HUN National Rep. to NATO Cyber Defence Capability Team (2011- 2015), NATO Cyber Coalition Exercises Core Technical Planner (2012-2015) HUN NSA CDMA Head, Founder and Lead Trainer of KÜRT Ethical Hacking Course Key ExpertsWE ESTABLISH ORDER
  • 5. TheTeam Qualification 9 Certified Ethical Hackers (KCEHA) 3 International CEHs 4 Offensive Security Certified Professionals (OSCP) Core competencies Analysis of complex IT systems IT and information security expert activity Hardening process support Planning and management of IT processes and projects Information security process support System design and documentation Incident management (log analysis and investigative network activities – network forensics and forensics) Supervision of critical infrastructure IT networks Installation and support of critical infrastructure system servers Software/hardware development Software/hardware testing Resources 10+ Senior consultants, advisors 20+ Developers 20+ Testers WE ESTABLISH ORDER
  • 6. Technical Competencies Windows 2008 R2 DNS, AD, DC installation, support Linux, Unix servers installation, support Exchange 2007 SP3 installation, support CISCO Firewalls ASA551xx programming, installation, support CISCO switch family – programming, installation, support Professional consultation on qualified operator networks Python, C, C++, C#, Ruby, Php, OpenCL programming (Windows, Linux) BASH scripting ’Reverse engineering – hardware (motherboard) compromise capabilities’ Application databases management – MySQL, MSSQL, Oracle, etc. NoSQL-s Cyber exercises planning and exeution based on NATO and NATO/EU compatible methodologies Tempest evaluation, reporting based on EU / NATO / National criteria Preparing classified information processing workstations for accreditation, monitoring; consultation WE ESTABLISH ORDER
  • 7. Ethical Hacking Black Box, Grey Box, White Box Testing, Assessments External Infrastructure Testing, Assessments Internal Infrastructure Testing, Assessments Application Testing, Assessments Automated, Manual, and Hybrid Vulnerability Assessments Methodology Reconnaissance Scanning Testing Exploitation Report of Findings WE ESTABLISH ORDER
  • 8. CyberThreat Analysis Focuses on revealing and identifying modern, so called asymmetric threat actors Enables proactive decision making Enables identifying and analysing hacktivist teams, hacker groups and state sponsored malicious threat actors Creates the capability to protect and to prepare for any potential cyber attacks WE ESTABLISH ORDER
  • 9. Cyber Defence Excercises Cyber (defence) exercises serve the purpose of testing, developing, and training the ability of organisations and commercial entities to defend their networks and information protection systems from various challenges that those are to face when operating in the virtual space. A well-developed cyber exercise tests systems and networks to make sure that those are able to keep pace with evolving threats. The human factor matters as well, as exercises also test individual and collective skills and expertise of cyber specialists of organisations and companies. Exercises provide the opportunity to involve all experts from technical fields up to the highest level decision making entities, even from remote locations. One important internal goal of such exercises is to exchange critical cyber information and promote a collective defence approach in a rapid manner. Then coordinated response approaches may be developed and followed in due course for real life situations, to mitigate and eliminate virtual attacks to result in consequences that are real and potentially destructive. Cyber exercises may be developed at various levels from table-top (mostly administrative) to fully developed and highly technical formats. WE ESTABLISH ORDER
  • 10. Multi-level Information Security Awareness Programs Multi-level (corporate-wide) information security awareness programs and campaigns for general users, system administrators, system developers, privileged users, internal trainers Contact sessions E-learning and e-campaigns through social media (apps) Technical and social challenges Gamification ’Policy in Practice’ ’Train the Trainer’ WE ESTABLISH ORDER
  • 11. Information Security Courses and Education Program Development Cyber Threat Analysis Log Analysis and Log Management Network Forensics Social Engineering Incident Handling and Management (incl. Early Warning, Incident Response, and Incident Mitigation) IT Project Communication (strategic approach) Cyber Defence Management WE ESTABLISH ORDER
  • 12. Reputation Management Real time influencer monitoring Implementing communicational content search engine optimizing strategy for existing and future search terms on the client organisations and commercial entities Real time content creation Real time link shield building Proactive actions prior to important initiatives of client organisations and commercial entities may launch WE ESTABLISH ORDER
  • 13. Cyber Defence Services Preventive (Proactive) Defence •CTAC (CYBER THREAT ANALYSIS) •AWARENESS •ETHICAL HACKING •GAMIFICATION •CYBER EXCERCISES Managed Security Services •MONITORING •LOG MANAGEMENT •INCIDENT MANAGEMENT •VULNERABILITY MANAGEMENT •APT and ZERODAY MANAGEMENT Incident Response •INCIDENT INVESTIGATION •COMPUTER AND NETWORK FORENSICS •MALWARE ANALYSIS Mitigation •RISK AND IMPACT MITIGATION •SYSTEM HARDENING •SOFTWARE REFACTORING Information Exchange •EARLY WARNING (VULNERABILITY INFORMATION EXCHANGE) •BUSINESS PROCESS REENGINEERING •TEAM DEVELOPMENT •DECISION SUPPORT •3rd PARTIES IIEX WE ESTABLISH ORDER
  • 14. Advanced Cyber Services Portfolio Proactive Defence CTAC (CYBER THREAT ANALYSIS) AWARENESS ETHICAL HACKING REPUTATION MANAGEMENT GAMIFICATION CYBER EXCERCISES Managed Security Services MONITORING LOG MANAGEMENT INCIDENT MANAGEMENT VULNERABILITY MANAGEMENT APT and 0day MANAGEMENT Incident Response INCIDENT INVESTIGATION COMPUTER AND NETWORK FORENSICS MALWARE ANALYSIS Mitigation RISK AND IMPACT MITIGATION SYSTEM HARDENING SOFTWARE REFACTORING Information Exchange EARLY WARNING BUSINESS PROCESS REENGINEERING TEAM DEVELOPMENT DECISION SUPPORT 3rd PARTIES IIEX Strategic Planning POLICY DEVELOPMENT CYBER DEFENCE MANAGEMENT SUPPORT AND CONSULTING Research and Developement STARTUP INCUBATION AUTOMATED METHODS DEVELOPMENT BIGDATA ANALYSIS DEVELOPMENT WE ESTABLISH ORDER
  • 15. Ethical hacking trainings for approx. 10 years (English, Hungarian) – duration varies b/w 2 weeks – 10 months KÜRT Academy Ethical Hacking course for 6 years NATO Cyber Coalition Exercises – core strategic, administrative, and technical planning (incl. Enterprise, Allies, Partners), 2012 – 2015 HUN MoD MilCIRC capability development, internal trainings for CTAC and forensics, 2015 UAE Dubai Smart Government GWISAP – Government Wide Information Security Awareness Program, developing and managing content of program; developing, managing content of, and conducting ’Train the Trainer’ module, 2013 – 2014 HUN National Security Authority Cyber Defence Management Authority development and management, internal training of employees incl. CTAC, network forensics, log analysis, etc., 2011 – 2015 SME IT security trainings for the HUN government IT service provider, incl. information security awareness EU Council SME IT Security Awareness course, course development and conducting the course, 2012 ZAIN Kuwait – SME IT security awareness and IT professional courses, information security awareness campaigns 2010 – 2015 Global Conference on CyberSpace 2015 – Responsible Disclosure Initiative, founders of initiative (Global Forum on Cyber Expertise) and participating national representatives Key ReferencesWE ESTABLISH ORDER
  • 16. Our Slogan WE ESTABLISH ORDER WE ESTABLISH ORDER
  • 17. Thank you for your attention. Ferenc Frész Founder, CEO https://www.linkedin.com/in/ferencfresz WE ESTABLISH ORDER