This document discusses building risk scenarios. It provides examples of using risk scenario analysis for proactive risk assessments, audits, and management inquiries. It outlines steps for scoping a risk scenario, including identifying threats, assets, events, controls and assumptions. Data sources that can inform the analysis are described, such as private organizational data, industry reports, audits, and security tools. The webinar is the second in a three-part series on scenario-based risk analysis.
You are developing a business continuity and disaster recovery program, planning how you will cope with fire, power outages or natural disasters. But suddenly ransomware gets into your network, and with every second you may be losing the availability of your assets, and your data along with them. The speaker will explain why the ransomware threat should be considered in the context of business continuity, and how to handle an incident that has already occurred and minimize its consequences.
Douwe Pieter van den Bos Practical insights in the day-to-day routine of an information security officer
How to be realistic about information security and not stress out. Practical tips that will help any organization.
Although organisations and individuals understand the need to build and maintain defences against evolving and persistent attacks, we should also prepare for the inevitable. The odds have always been stacked against the defenders, and attackers continue to grow, says Gareth Niblett, Chair, BCS Information Security Specialist Group.
In security, rules and thresholds create an excess of security alerts. This slows down security teams, and buries real threats to the enterprise. Analytics, in contrast, will take billions of events and distill them into a handful of true threat leads. This presentation explains—through case studies—how to use statistical methods to validate threats and reduce false positives.
Threat Hunting with Deceptive Defense and Splunk Enterprise Security Satnam Singh
Threat hunting has been primarily a playground for security experts in surfacing unknown threats. It is a proactive security approach where the hunt starts with a hypothesis about a hidden threat that may already be in the enterprise network. According to a 2017 survey on threat hunting by the SANS Institute, nearly 45% of organizations hunt on an ad hoc basis. The ad hoc approach is ineffective and does not yield sufficient results to cover the cost of threat hunting. Considering the scarcity of security analysts, ad hoc threat hunting becomes a costly and expensive process. Also, threat hunting is typically performed by doing outlier detection on the data. For example, analysts usually do outlier detection to find suspicious processes in Windows process logs. The outlier detection can be done using simple box plots, control charts, or more sophisticated unsupervised machine learning techniques. However, the output of all the outlier detection techniques is outliers/anomalies that still need to be audited/investigated by the security analysts. This adds more workload to the already overwhelmed security analyst.
The fusion of data science and deceptive security provides an opportunity to validate many alerts automatically and therefore provides an automated approach for threat hunting. A deceptive defense system offers a way to confirm an adversary's presence with nearly 0% false alarms when the adversary bumps into one of the deceptions. The modern set of deceptions is the reincarnation of honeypots, honeytokens, honeynets, and honey files that blend well within the network and can dynamically change their configurations. When an adversary accesses a deception, it raises a positive affirmation of a threat. In this approach, one needs to use alerts and contextual security events along with deceptive security to rank the existing alerts. It takes away a lot of manual verification of various security alerts.
A Day in the Life of a GDPR Breach - September 2017: France Splunk
You’re a CIO, CISO or DPO - and you’ve been woken up in the middle of the night because personal data held by your organisation has been discovered for sale on the dark web. This disclosure puts the privacy of your customers at risk. What do you do next? Splunk's own Mathieu Dessus and Elizabeth Davies explore the future scenario.
A New Approach to Threat Detection: Big Data Security Analytics Interset
Learn how to distill billions of events into a handful of security leads. Security analytics powered by machine learning is proven to make your SOC more efficient. This presentation includes four case studies.
Risk Intelligence: Threats are the New Risk Resolver Inc.
Do you know the criticality of the assets within your organization? If your answer is ‘no’, don’t worry – chances are, your cyber teams don’t either. Security is badly in need of holistic security leadership. Most security practitioners don’t know that information security risk is processed the same way that physical security risk is processed. By increasing your overall risk awareness, you can take a leadership stance in security within your organization.
The Importance of Backup and Disaster Recovery NetEnrich, Inc.
Making sure your data is backed up is critical to running a business. Network outages and natural disasters happen, and if you lose any data, your organization’s vitality could be on the line. This is why cloud backups and Disaster Recovery plans are so critical to business continuity. Know more about how Disaster Recovery and backup strategies should be critical parts of your Operation and how the Cloud fits in…
http://bit.ly/2zMFoSz
Planning a move from Perspective to CORE Resolver Inc.
Here's an overview of incident and investigations management on Core. Get a great look at what upgrading would mean for all Perspective customers. Discover what we heard from our customers and how Core is designed to address some of your largest pain points. You will come away knowing what is available today and what is expected for the rest of 2018 so you can plan to move when it best suits your team’s needs.
We will explore the path by which a discovery becomes transformed through the stages of invention, commercialization and large-scale deployment. Our discussion will include: factors that influence commercial viability, various revenue models and pricing structures, and how timing of a product launch can impact market success.
Taking a Data-Driven Approach to Business Continuity Resolver Inc.
When it comes to business continuity, we all know that data is king. Reporting on metrics is one of the few ways to truly know that what you’re doing works, but for many, this is a huge challenge. Learn the top 7 metrics that you should be reporting on in your BC/DR program and share strategies and tools to collect these metrics from other departments in your organization.
This presentation looks at how technology can make the security process more effective and efficient, rather than just talking about how “this new control” addresses “this new threat”. Understand ways to identify things that are slowing down the detection and response process and how to better harness technology and scarce resources to deliver faster, more measurable, more consistent and repeatable response to emerging cyber threats.
Learn from the experts! Tune into this webinar to hear Doug Copley, Deputy CISO/Security & Privacy Strategist for Forcepoint, talk about What It Takes to be a CISO in 2017: expectations, challenges, partnerships, the roadmap, critical activities and more.
Vetting Mobile Apps for Corporate Use: Security Essentials NowSecure
What does a sensible approach to approving and denying Android and iOS apps for use by staff look like? It starts with accurate, up-to-date security assessment data. NowSecure VP of Customer Success and Services Katie Strzempka covers how to take a data-driven approach to evaluating mobile apps for use at your organization.
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van... Eric Vanderburg
Timothy Opsitnick and Eric Vanderburg of TCDI presented at the Risk Management Society's 2017 Northeast Ohio Regional Conference on Cybersecurity incident response strategies and tactics.
RWISE Modeling and Simulation Presentation levihumphrey
Charles F. Day & Associates specializes in leveraging big data and state-of-the-art modeling and simulation for social good. We have developed these capabilities through our Purdue Research Park location in W. Lafayette, IN. Based in part on Intellectual Property developed by Purdue University, and extended through Small Business Innovative Research projects, with additional private development and investments, we have leading edge capabilities in Big Data – either in the technological approaches or in the cost effectiveness of our products.
In an era of shrinking public resources and complex and persistent policy changes, CFDay provides decision makers with the ability to develop and utilize actionable intelligence to make data-informed decisions and monitor real-time impacts of policy changes.
By leveraging leading-edge technology, CFDay targets policy and action interventions and provides comprehensive information to identify what interventions are needed, how to best apply them, and how to measure the results. By modeling the impacts of the interventions prior to implementation, decision makers eliminate the need for costly and time-consuming policy experiments.
How to Improve Threat Detection & Simplify Security Operations IBM Security
Over 74% of global enterprise security professionals rate improving security monitoring as a top priority. Monitoring must be done efficiently within a security operations center (SOC) to combat increased threats and a limited supply of trained security analysts.
While the vendor landscape for security solutions is rapidly evolving, many early point solutions and first generation SIEMs are not keeping pace with the changing needs of security operations. A new class of platforms has emerged that combine advanced analytics and flexible deployment options. Join this exclusive webinar featuring Forrester Research to learn:
- Characteristics of modern security platforms that have evolved from point solutions and basic SIEMs
- Criteria to consider when evaluating vendors and solutions
- The advantages of an integrated security platform that incorporates cognitive capabilities and augmented intelligence
Originally presented on 12/5/2017
To close out the 2017 webinar season, our mobile security expert panel will review the top mobile threats of 2017 (e.g., Cloudbleed, Bootstomp, Broadpwn, and more) and then debate what’s next in mobile app security and mobile app security testing for 2018. See the slides from this spirited discussion of the security ramifications of the new iPhone X, iOS 11, Android 8, the latest innovations in mobile app security testing, and more. Compare your mobile app security and mobile app security testing initiatives with what our experts say should be your top priorities in 2018.
Today's threats demand a more active role in detecting and isolating sophisticated attacks. This must-see presentation provides practical guidance on modernizing your SOC and building out an effective threat hunting program. Ed Amoroso and David Bianco discuss best practices for developing and staffing a modern SOC, including the essential shifts in how to think about threat detection.
Watch the presentation with audio here: http://info.sqrrl.com/webinar-modernizing-your-security-operations
Even though GDPR is a European Union regulation, it impacts any company with customers in that region. One of the first key tasks of the data management team should be to create awareness regarding the impact of GDPR on the business with all key stakeholders across the organization. In order to generate awareness, organizations need to have clearly defined documentation defining the policies, rules, requirements and the impact of non-compliance. Kim Brushaber will look at what is involved with GDPR, what you should be concerned with, and how to get the conversation started between the business and technical teams within your organization using ER/Studio.
You’re a CIO, CISO or DPO - and you’ve been woken up in the middle of the night because personal data held by your organization has been discovered for sale on the dark web. This disclosure puts the privacy of your customers at risk. What do you do next?
Join this session to learn about the impact of GDPR and go through a breach investigation and response scenario as it would be after GDPR comes into effect in May 2018. You’ll hear from Splunk’s Data Privacy Officer Elizabeth Davies and Splunk’s Security Ninja Matthias Maier.
What you will learn:
- What breach response will look like under the GDPR
- What tools and processes a data privacy officer will rely on in case of a breach
- What departments and entities will be involved beyond IT
- What activities are currently happening within organizations to prepare for the GDPR
- What the consequences of the breach could be
Watch the webinar: http://explore.splunk.com/GDPR_Webinar_EN
A Day in the Life of a GDPR Breach - September 2017: Germany Splunk
You’re a CIO, CISO or DPO - and you’ve been woken up in the middle of the night because personal data held by your organisation has been discovered for sale on the dark web. This disclosure puts the privacy of your customers at risk. What do you do next? Splunk's own Matthias Maier and Elizabeth Davies explore the future scenario.
Build a Security Portfolio That Strengthens Your Security Posture Splunk
All data is security relevant – whether you are an IT or security professional, it is important to gain context into all your data to understand your environment, quickly hunt for and investigate potential threats in your environment, and take action to remediate.
Similar to Introduction to scenario based risk analysis part 2 (20)
Neuro-symbolic is not enough, we need neuro-*semantic* Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
GraphRAG is All You need? LLM & Knowledge Graph Guy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Search and Society: Reimagining Information Access for Radical Futures Bhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies need to be explicitly articulated, and we need to develop theories of change in the context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
State of ICS and IoT Cyber Threat Landscape Report 2024 preview Prayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
- State of global ICS asset and network exposure
- Sectoral targets and attacks as well as the cost of ransom
- Global APT activity, AI usage, actor and tactic profiles, and implications
- Rise in volumes of AI-powered cyberattacks
- Major cyber events in 2024
- Malware and malicious payload trends
- Cyberattack types and targets
- Vulnerability exploit attempts on CVEs
- Attacks on counties – USA
- Expansion of bot farms – how, where, and why
- In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
- Why are attacks on smart factories rising?
- Cyber risk predictions
- Axis of attacks – Europe
- Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
PHP Frameworks: I want to break free (IPC Berlin 2024) Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
DevOps and Testing slides at DASA Connect Kari Kakkonen
My and Rik Marselis' slides from the 30.5.2024 DASA Connect conference. We discuss what testing is, then what agile testing is and finally what testing in DevOps is. Finally we had a lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024 Tobias Schneck
As AI technology is pushing into IT, I was wondering, as an “infrastructure container kubernetes guy”, how does this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principles as well? What benefits could both technologies bring to each other?
Let me take these questions and provide you with a short journey through existing deployment models and use cases for AI software. Using practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview of infrastructure requirements and technologies that could benefit or limit your AI use cases in an enterprise environment. An interactive demo will give you some insights into which approaches I have already got working for real.
UiPath Test Automation using UiPath Test Suite series, part 3 DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
- UI automation introduction
- UI automation sample
- Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Accelerate your Kubernetes clusters with Varnish Caching Thijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti... Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
The Art of the Pitch: WordPress Relationships and Sales Laura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if something changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.