HR Executives are faced with greater risks than ever before when it comes to data security and employee behaviors. This is an overview of processes and emerging risks. Presentation Highlights:
KEEP passwords and data private
Greatest risk is from the inside
Spoliation risks in legal matters
Security Analytics and Employee Monitoring
An introduction so various technologies for parents. Included are: Home Computers, Viruses, Safe Web Surfing, Social Networks, Cell Phones and Texting, and Reputation Management.
Tech-Smart Parents and Preschoolers
There's plenty of focus on safety for teens and pre-teens online. But what about the youngest techies? Did you know that over 6% of kids in the US have social network profile... at birth! How do online technologies effect preschoolers? We’ll talk about: your home computer, tablets and smartphones, web surfing, games and social networks. This talk is for digital natives, digital immigrants, parents, or anyone who would like to learn more about these technologies!
Kathleen Smith, CMO of CyberSecJobs and ClearedJobs.Net, presented on how to build, create and deploy a cyber career at the DC Cyber Warrior meetup on March 13, 2018.
This presentation covered some of the traditional and nontraditional ways professionals have built their career. There are also suggestions of how to continue career networking and skills development.
Social Engineering - Human aspects of grey and black competitive intelligence. What is social engineering? How it is used in the context of competitive intelligence and industrial espionage? How to recognize HUMINT / social engineering attacks? Which governments are known to use it?
An introduction so various technologies for parents. Included are: Home Computers, Viruses, Safe Web Surfing, Social Networks, Cell Phones and Texting, and Reputation Management.
Tech-Smart Parents and Preschoolers
There's plenty of focus on safety for teens and pre-teens online. But what about the youngest techies? Did you know that over 6% of kids in the US have social network profile... at birth! How do online technologies effect preschoolers? We’ll talk about: your home computer, tablets and smartphones, web surfing, games and social networks. This talk is for digital natives, digital immigrants, parents, or anyone who would like to learn more about these technologies!
Kathleen Smith, CMO of CyberSecJobs and ClearedJobs.Net, presented on how to build, create and deploy a cyber career at the DC Cyber Warrior meetup on March 13, 2018.
This presentation covered some of the traditional and nontraditional ways professionals have built their career. There are also suggestions of how to continue career networking and skills development.
Social Engineering - Human aspects of grey and black competitive intelligence. What is social engineering? How it is used in the context of competitive intelligence and industrial espionage? How to recognize HUMINT / social engineering attacks? Which governments are known to use it?
Digital Forensics: Yesterday, Today, and the Next FrontierThe Lorenzi Group
Presentation on where digital forensics is going, and disperse accessibility (not the cloud!).
Data will be available everywhere, like a personal Max Headroom avatar to assist you. If you're not protecting data from the ground up (hint, it's not at the servers), then you're not protecting data.
What is Social Engineering? An illustrated presentation.Pratum
Social engineering relies profoundly on human interaction and often involves the misleading of employees into violating their organization’s security procedures. Humans are naturally helpful, but when it comes to protecting an organization’s security, being helpful to an outsider can do more harm than good.
These slides discuss social engineering, the most common attack methods, and the best means for defending against a social engineering attack.
For more helpful cyber security blog articles, visit www.integritysrc.com/blog.
Social Engineering - Strategy, Tactics, & Case StudiesPraetorian
For many organizations, the human element is often the most overlooked attack vector. Ironically, people are typically one of the easiest vulnerabilities to exploit and an attacker needs little more than a smile or email to completely compromise a company. With targeted attacks on the rise, organizations must understand the risk of social engineering based attacks. The purpose of this presentation is to examine common physical, phone, and Internet based attacks. Real world case studies are included and recommendations are provided that will help mitigate this growing threat.
Praetorian's goal is to help our clients understand minimize their overall security exposure and liability. Through our services, your organization can obtain an accurate, independent security assessment.
LinkedIn to Your Network - The Social Engineering ThreatLancope, Inc.
By nature, humans are inclined to trust. Unfortunately, attackers are often successful in breaching large enterprises by targeting specific individuals and utilizing social engineering to obtain confidential information. Once an adversary is able to gain enough data through social media or other channels, they can pose as an authentic user with valid credentials, bypassing traditional security measures.
Join Lancope’s Joey Muniz, aka The Security Blogger, to hear about his successful, real-life experiments in using social engineering to easily compromise high-profile targets.
Learn about:
· The dangers of insider threats
·How attackers are leveraging social media to compromise targets
· Best practices for defending network interiors from attackers with authentic credentials
Companies are generally very good at protecting themselves against external attacks, but only rarely do they guard themselves against internal attacks. By using what’s known as ‘Social Engineering’, hackers exploit unsuspecting people who in good faith open up their doors to unwanted strangers.
Social engineering, or SE, is the art of manipulating people into performing actions or so they give up confidential information. Social Engineering can mean different things to different people.
Understand Social Engineering on a new perspective, beyond the conventional understanding that we have, learn how we use it on social development and securing the weakest link in cybersecurity
BYOD seems like it IT's Kobayashi Maru: the ultimate no-win scenario. Users and executives want unlimited choice with devices and access, while IT has to protect corporate data and find some way to support a grab-bag of hardware and operating systems. Can IT really balance these competing demands, or are we being set up to fail? In fact, you can do BYOD right, but it requires some groundwork. In this workshop we'll cover the motivation behind BYOD, because it's important to understand why it becomes such a divisive issue in organizations.
Crowdsourcing & ethics: a few thoughts and refences. Matthew Lease
Extracts and addendums from an earlier talk, for those interested in ethics and related issues in regard to crowdsourcing, particularly research uses. Slides updated Sept. 2, 2013.
Dr. Shawn P. Murray was invited to the National Security Institute in April 2012 to present current topics related to social engineering and the threats they pose to organizations and their sensitive information. This presentation analyzes the principles of social engineering tactics as they relate to technology and security practices. Dr. Murray is a well known Cyber Security professional and has presented at various conferences regarding Cyber Security and Information Assurance topics.
Current enterprise information security measures continue to fail us. Why is ...Livingstone Advisory
Conventional information security measures continue to fail our businesses in today’s rapidly changing world of cyber-risk. Adverse cyber-events manifest themselves as the usual suspects including data breaches, information theft, ransom- and malware, viruses, payment card fraud, DDOS attacks or physical loss – to name but a few.
Problem is, the tally of adverse events keeps mounting up. While headline adverse cyber incidents are now reported in the media with regularity, this represents the tip of the cyber-risk iceberg. Most known events are either unreported or hidden from public disclosure. Not helping, is the industry analysis suggesting that, on average, nearly half of all adverse cyber-risk events impacting organisations are self-inflicted and avoidable. No industry is untouched.
Delivered at the CIO Summit in Melbourne, Australia in November 2016, in this presentation, Rob offers valuable strategic insights into the problem and why it continues to be a problem.
He outlines some practical steps that will be helpful for CIOs and CISOs in reshaping their own organisation’s approach in building a more effective and resilient information security capability.
Digital Forensics: Yesterday, Today, and the Next FrontierThe Lorenzi Group
Presentation on where digital forensics is going, and disperse accessibility (not the cloud!).
Data will be available everywhere, like a personal Max Headroom avatar to assist you. If you're not protecting data from the ground up (hint, it's not at the servers), then you're not protecting data.
What is Social Engineering? An illustrated presentation.Pratum
Social engineering relies profoundly on human interaction and often involves the misleading of employees into violating their organization’s security procedures. Humans are naturally helpful, but when it comes to protecting an organization’s security, being helpful to an outsider can do more harm than good.
These slides discuss social engineering, the most common attack methods, and the best means for defending against a social engineering attack.
For more helpful cyber security blog articles, visit www.integritysrc.com/blog.
Social Engineering - Strategy, Tactics, & Case StudiesPraetorian
For many organizations, the human element is often the most overlooked attack vector. Ironically, people are typically one of the easiest vulnerabilities to exploit and an attacker needs little more than a smile or email to completely compromise a company. With targeted attacks on the rise, organizations must understand the risk of social engineering based attacks. The purpose of this presentation is to examine common physical, phone, and Internet based attacks. Real world case studies are included and recommendations are provided that will help mitigate this growing threat.
Praetorian's goal is to help our clients understand minimize their overall security exposure and liability. Through our services, your organization can obtain an accurate, independent security assessment.
LinkedIn to Your Network - The Social Engineering ThreatLancope, Inc.
By nature, humans are inclined to trust. Unfortunately, attackers are often successful in breaching large enterprises by targeting specific individuals and utilizing social engineering to obtain confidential information. Once an adversary is able to gain enough data through social media or other channels, they can pose as an authentic user with valid credentials, bypassing traditional security measures.
Join Lancope’s Joey Muniz, aka The Security Blogger, to hear about his successful, real-life experiments in using social engineering to easily compromise high-profile targets.
Learn about:
· The dangers of insider threats
·How attackers are leveraging social media to compromise targets
· Best practices for defending network interiors from attackers with authentic credentials
Companies are generally very good at protecting themselves against external attacks, but only rarely do they guard themselves against internal attacks. By using what’s known as ‘Social Engineering’, hackers exploit unsuspecting people who in good faith open up their doors to unwanted strangers.
Social engineering, or SE, is the art of manipulating people into performing actions or so they give up confidential information. Social Engineering can mean different things to different people.
Understand Social Engineering on a new perspective, beyond the conventional understanding that we have, learn how we use it on social development and securing the weakest link in cybersecurity
BYOD seems like it IT's Kobayashi Maru: the ultimate no-win scenario. Users and executives want unlimited choice with devices and access, while IT has to protect corporate data and find some way to support a grab-bag of hardware and operating systems. Can IT really balance these competing demands, or are we being set up to fail? In fact, you can do BYOD right, but it requires some groundwork. In this workshop we'll cover the motivation behind BYOD, because it's important to understand why it becomes such a divisive issue in organizations.
Crowdsourcing & ethics: a few thoughts and refences. Matthew Lease
Extracts and addendums from an earlier talk, for those interested in ethics and related issues in regard to crowdsourcing, particularly research uses. Slides updated Sept. 2, 2013.
Dr. Shawn P. Murray was invited to the National Security Institute in April 2012 to present current topics related to social engineering and the threats they pose to organizations and their sensitive information. This presentation analyzes the principles of social engineering tactics as they relate to technology and security practices. Dr. Murray is a well known Cyber Security professional and has presented at various conferences regarding Cyber Security and Information Assurance topics.
Current enterprise information security measures continue to fail us. Why is ...Livingstone Advisory
Conventional information security measures continue to fail our businesses in today’s rapidly changing world of cyber-risk. Adverse cyber-events manifest themselves as the usual suspects including data breaches, information theft, ransom- and malware, viruses, payment card fraud, DDOS attacks or physical loss – to name but a few.
Problem is, the tally of adverse events keeps mounting up. While headline adverse cyber incidents are now reported in the media with regularity, this represents the tip of the cyber-risk iceberg. Most known events are either unreported or hidden from public disclosure. Not helping, is the industry analysis suggesting that, on average, nearly half of all adverse cyber-risk events impacting organisations are self-inflicted and avoidable. No industry is untouched.
Delivered at the CIO Summit in Melbourne, Australia in November 2016, in this presentation, Rob offers valuable strategic insights into the problem and why it continues to be a problem.
He outlines some practical steps that will be helpful for CIOs and CISOs in reshaping their own organisation’s approach in building a more effective and resilient information security capability.
Embracing the IT Consumerization Imperative NG SecurityBarry Caplin
Consumerization and mobility in the enterprise – and our daily lives – is not only here to stay, but its footprint and influence is expanding. What does the broader consumerization and mobile environment look like? How do you assess the drivers for adoption and the cost/benefit of a mobile-enabled organization?
Join us for this session to get an understanding of how a large state government agency took a proactive approach to enablement that ultimately set them ahead of the security challenges, rather than behind.
If you suffered a cyber attack to your business systems, how much …
Business income could be impacted or lost?
Customer data and private commercial information could be exposed?
Would it cost you to detect the detect and fix computer systems and generally get on top of the problem quickly?
Intellectual property of your own or others is threatened?
Downtime would your customers experience? And what you need to do about it?
If any of these points relate to your business activities then book your place now.
Responding to recent high profile events, including Heartbleed and Microsoft zero day exploit we are running talks to inform business owners and mangers about protection for the balance sheets, working capital and reputation of their businesses in the event of a cyber-threat or data breach.
An informative session designed for busy business people.
Do you have questions about Cyber and Data Risks? Contact Risksmith
Today's security and privacy professionals know that breaches are a fact of life. Yet their organizations are often not prepared to respond when the time comes. They're "overweight" on prevention and detection, but "underweight" on response.
Based on a decade-plus caseload of actual breach investigations across of range of different organizations, this webinar will examine an amalgamated, anonymized breach situation and review a play-by-play of how the response went: the good, the bad, and the ugly. Attendees will gain hard-earned, battle-tested insight on what to do, and what to avoid when it's their turn to respond to an incident.
Our featured speakers for this timely webinar will be:
- Don Ulsch, CEO, ZeroPoint Risk. Distinguished Fellow at the Ponemon Institute.
- Joseph DeSalvo, Managing Director, ZeroPoint Risk. Former CSO at Mylan and Iron Mountain.
- Ted Julian, Chief Marketing Officer, Co3 Systems. Serial security and compliance entrepreneur.
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
I developed "Cyber Security 101: Training, awareness, strategies for small to medium sized business" for the second annual Small Business Summit on Security, Privacy, and Trust, co-hosted by ADP in New Jersey, October 2013.
Cyber security is an essential part of our digital lives today. But do you know what cyber security actually constitutes and how secure you really are? In this presentation, we help you understand:
a. The impact of cyber security on our digital lives
b. How cyber security is essential for our families
c. Cyber security in the business context
d. What Quick Heal can do to help
The Hacking Team Hack: Lessons Learned for Enterprise SecurityStephen Cobb
Recent aggressive hacks on companies underline the need for good risk analysis, situational awareness, and incident response. Just ask AshleyMadison, Hacking Team, and Sony Pictures.
BSides London 2018 - Solving Threat DetectionAlex Davies
Why do organisations fail so badly at threat detection? Despite chucking tons of cash at staff and magic next-gen ML products, detection teams rarely deliver reliable, high quality, tangible results. Where are we going so wrong?
This talk will step through key issues such as re-inventing the wheel syndrome, why information accumulation/sharing matters, the traditional SOC model and detection priorities, building/retaining awesome employees and an honest look at the state of detection tooling (and often underestimated deployment hurdles).
Although perhaps surprising, many issues actually have simple solutions which will be discussed through-out the talk. Technical examples will be used to quantify the challenges and how solutions can work in the real world, with lessons learnt coming straight from the experiences of the Countercept hunt team.
Where security and privacy meet partnering tips for CSOs and privacy/complian...Compliancy Group
This webinar will identifying challenges in both the privacy and security offices, explaining the necessities of working together, and identify mutual goals, both within their departments and in the context of the rest of the business. It will include solutions and suggestions for working together and case studies/examples showing common mistakes as well as success stories of privacy and IT offices working together.
Panelists:
Gant Redmon, General Counsel and VP of Business Development, Co3 Systems
Digital Forensics 101 – How is it used to protect an Organization’s Data?PECB
Digital forensics is the use of analytical and investigative techniques to identify, collect, examine and report on digital evidence or information. Digital evidence can provide valuable insights during investigations of theft of intellectual property involving multi-party collusion and the misappropriation of organizational assets and resources.
During this session participants will learn various methods of mitigating the “insider threats” to an organization’s digital data and methods of investigating digital evidence contained on computer and mobile systems during internal investigations.
Main points covered:
• Learn how to mitigate and investigate the theft of Intellectual Property from your company by adding digital forensic components into your Risk Management and Compliance programs.
• Learn and understand how Digital Forensics can augment your internal investigations.
• Learn where you and your organization fit into the Digital Forensic workflow, and when to call for help.
Presenter:
Our presenter for this webinar, Ryan Duquette is a seasoned digital forensic examiner with many years of experience in law enforcement and the private sector. He took his zest for “focusing on the facts” from his days in Law Enforcement and founded Hexigent Consulting, a firm focusing on digital investigations, cyber security consulting services and litigation support.
Ryan works closely with clients involved in workplace investigations and civil litigation matters including intellectual property theft, HR investigation and data breaches. During his days in Law Enforcement, he conducted digital investigations on a variety of criminal cases including homicide, child pornography, fraud, missing persons, and sexual assault cases.
He is a Sessional Lecturer at the University of Toronto teaching digital forensics, holds a Master of Science degree in Digital Forensics Management, and several digital forensics and fraud certifications.
Ryan is a Director for the Toronto chapter of the Association of Certified Fraud Examiners, has been qualified as an “expert witness” on numerous occasions, and is a frequent presenter at fraud, digital forensics, cybersecurity and investigative conferences worldwide.
Link of recorded webinar:
Similar to Digital Forensics, eDiscovery & Technology Risks for HR Executives (20)
Compliance management is difficult when needing to collect data after the fact. ROAR helps Compliance Managers wrangle in data and assess risks in real time.
Lawsuits involving employees are becoming much more common.
This presentation is designed to set some expectations on what is involved in the beginning phases of a dispute, from the employees perspective.
It's not easy being an employee, and lawsuits make it harder. Often, no one is explaining to the terms being used or consequences for improper actions.
We hope this clears some of that up.
Enjoy.
The Lorenzi Group
Discussion on how Certified Fraud Examiners (CFE's) can utilize Security Analytics to improve data security, compliance, and productivity within organizations.
Highlights include:
Employee Fraud Trends
Data Security Trends
Compliance Trends
Productivity Loss
Tools
Financial Needs
BYOD
ROAR
Litigation
Spoliation
Digital Forensics & eDiscovery for the Financial ExecutiveThe Lorenzi Group
Digital Forensics & eDiscovery are concepts that can negatively impact an organizations financial statement. CFO's and other executives need to know about these processes and how to manage them or risk going broke... and being held responsible.
Highlights:
Employee lawsuits on the rise
FCPA is a growing risk
Spoliation is YOUR fault
Security Analytics keeps costs low... and protects data
Cost saving tips
This is a presentation given at a Boston University conference. We discuss the future of digital forensics and eDiscovery and how Security Analytics (ROAR) will change the industry. Highlights:
Zynga (and MAYBE Google), not Apple, FB or others, is closest to delivering on the Artificial Intelligence promise of Max Headroom.
Security Analytics identifies and captures data BEFORE it is lost.
Monitoring information in this manner exponentially reduces costs in Digital Forensics AND eDiscovery.
IT and Data Security has a growing role in eDiscovery.
This presentation introduces the concept of taking a proactive stance to security and utilizing existing information in new (and better) ways to improve profitability.
This is a high-level introduction from The Lorenzi Group discussing the after-effects of the recent data breach at Epsilon. We cover what consumers and businesses need to be aware of and how they can begin to protect themselves.
Presentation I gave at the Business Fundamentals Bootcamp (March 25, 2011) hosted by Supporting Strategies and Acceleration Partners at the Cambridge Innovation Center.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
2. p@SSw0rDz
Facebook
LinkedIn
Match.com
• Less is More, hire a professional
This line of questioning could open discrimination issues
3. Concepts of Security are
Changing
• The only thing you should be secure about is that
nothing is secure
• Organized Crime
• Random
• Employees
• Hacktivists
4. Greatest Risk to
Business?
• Employees, Contractors, Vendors & Partners
• Inside vs. Outside
• Don’t stop protecting outside…..
5. Virtual Machines & Child
Porn
• The virtual world is going virtual
• CP (or CSAI – See-S-eye) is an addiction
• Pirated media a (profitable) hobby
• High bandwidth, “ghost” (vmware)
The only thing you need to know:
Liability is HUGE.
6. Digital Forensics &
eDiscovery
• 2 Step Process
• Capturing and preserving everything
• Preparing the “Useful” information
7. SMILE!
Digital Forensics
Digital Forensics Using a 35mm Camera
Create a Forensic Image (Preserve Data) Take a Picture
Restore the Forensic Image Develop the Film
Analyze the Information Choose the Pictures you want
Report (and Testify) as necessary Build a Scrapbook
8. E-Z eDiscovery
1. Convert paper to electronic images
2. Combine images with Digital Forensics results
3. Filter out Unnecessary Info
4. Review Results
5. Submit
9. SPOLIATION
• The alteration and/or destruction of data
• Examples:
• Resending an email
• Opening a Word document
• Deleting a picture
• Turning on a computer
10. Litigation Hold
Legal Notice
Starts the moment litigation becomes reasonably possible
Requires parties to preserve all potential evidence
Failure to abide could bring sanctions, fines, dismissal of case, &
criminal charges
11. The IT Department –
Your BEST Friend… and WORST Enemy
• Digital Forensics is all about 3 things:
• Process
• Experience
• Defensibility
• CAN IT do some/all of it? Maybe.
• SHOULD IT do some/all of it? NO.
12. Any time…
You think internal is better/cheaper/faster…
• Remember:
• Legal, Financial, & Criminal Liability
• IT fear of public speaking
• Interpersonal relationships…… (ask about this)
13. Employee Monitoring
• It’s not Big Brother, it’s SMART Business
• Improves Data Security Exponentially
• Mistakes
• Desperate
• Criminal
• Makes Compliance Easier
• Can provide Productivity metrics
• Termination Justification
• Training Needs
• Resource Allocation
• Cost Saving Opportunities
Examples:
Lockheed, Fidelity, USPS, Kaiser Permanente
16. ADA
• EU says websurfing is an addiction
• What does the US say?
• REALLY????
17. Thoughts
Social Media is good
Acceptable Use Policies are required
Detailed Background Checks are better than FB
pages
Ongoing Training & Reminders are critical
18. Thank You
Rob Fitzgerald
The Lorenzi Group
866-632-9880 x123
www.thelorenzigroup.com